Last van een virus, malware, spam of storende pop-ups tijdens het internetten? HijackThis helpt je graag verder.

Welkom op HijackThis, op dit forum kan je terecht voor gratis hulp bij het verwijderen van virussen, malware en andere schadelijke software. Als gast kan je alleen het forum bekijken en meelezen met de verschillende discussies. Klik op de onderstaande link om geheel gratis een gebruikersaccount op ons forum te registreren.

Klik hier om een gratis account te registreren!

Donaties

Ben je tevreden over de manier waarop onze medewerkers je geholpen hebben op HijackThis.nl? Of wil je HijackThis.nl een hart onder de riem steken om dit vrijwilligerswerk verder te kunnen blijven doen? Overweeg dan eens of je een (vrijblijvende) donatie aan ons forum kan doen. Met dank bij voorbaat voor de donatie die je aan HijackThis.nl hebt gedaan!

donaties

INTERNET SLOOM

Vragen over software-problemen
Forumregels
Plaats hier a.u.b. geen FRST/RSIT/DDS/HijackThis logjes!
Deze sectie is alleen bestemd voor algemene computerproblemen.
Problemen die veroorzaakt worden door infecties zullen worden behandeld in de daarvoor bestemde sectie van het forum.
Plaats reactie
Ssjoerd1990
Lid
Berichten: 4
Lid geworden op: 28 dec 2013 18:04
Besturingssysteem: windows 8
Bescherming: Avast, cc cleaner

INTERNET SLOOM

Bericht door Ssjoerd1990 » 02 jan 2014 22:39

IK kan SRIT niet downloaden, en daarom plaats ik een hijack this logfile.

Mijn internet is super sloom en komt steeds spam in beeld. Verder valt de verbinding steeds weg waarna hij pas bij het opnieuw opstarten weer even verbinding wil maken.

Kan iemand mij helpen zie log hier onder :
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 08:01:56, on 3-6-2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16537)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearch.avg.com/?cid={6D056F2A- ... 2013-05-29 19:00:23&v=15.2.0.5&pid=safeguard&sg=2&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Search-Results Toolbar - {7abe12ca-e995-4ab4-9a4e-ef8820a20182} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.16.16\bh\delta.dll
O2 - BHO: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files (x86)\DealPly\DealPlyIE.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files (x86)\uTorrentBar_NL\prxtbuTor.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll
O3 - Toolbar: Search-Results Toolbar - {7abe12ca-e995-4ab4-9a4e-ef8820a20182} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.2.0.5\AVG SafeGuard toolbar_toolbar.dll
O4 - HKLM\..\Run: [BakupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -k -h
O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKUS\S-1-5-19\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [IsMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Download with &MediaFairyPro - C:\Program Files (x86)\Media Fairy Pro\hook.html
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - AppInit_DLLs: c:\progra~3\browse~1\261249~1.132\{c16c1~1\browse~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AtherosSvc - Qualcomm Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrowserProtect - Unknown owner - C:\ProgramData\BrowserProtect\2.6.1249.132\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
O23 - Service: Dritek RF Button Command Service (RfButtonDriverService) - Dritek System INC. - C:\Windows\RfBtnSvc64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater15.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.2.0\ToolbarUpdater.exe
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Wlan Agent - Atheros - C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe

--
End of file - 13873 bytes

Gebruikersavatar
Abraham54
Collega Helper
Berichten: 3165
Lid geworden op: 15 feb 2010 21:00
Besturingssysteem: Windows 10 Professional x64
Bescherming: Windows Defender
Locatie: Grootste stad vanTwente
Contacteer:

Re: INTERNET SLOOM

Bericht door Abraham54 » 03 jan 2014 20:58

Zo te zien heb jij behoorlijk wat adware in jouw Windows zitten.

Graag de drie logs in één keer bijvoegen.

Stap •1•
Download Afbeelding AdwCleaner by Xplode naar het bureaublad.
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK
Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[S0].txt.

Logbestand plaatsen
  • Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[S0].txt als bijlage toe aan het volgende bericht.
  • Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
Stap •2•
Download de Afbeelding Junkware Removal Tool by Thisisu naar je bureaublad.
Schakel de antivirus- en antispywareprogramma's uit, mogelijk kunnen deze conflicteren met JRT
(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
  • Dubbelklik op JRT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Het tool zal aansluitend het systeem scannen.
  • De scan kan afhankelijk van de computersysteemspecificaties soms vrij lang duren, wacht geduldig af.
  • Indien de scan gereed is, zal er een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch worden geopend.
  • Post de inhoud van deze log in je volgende bericht als bijlage.
Stap •3•
Download Afbeelding MalwareBytes' Anti-Malware(mirror)(website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:
  • Update MalwareBytes' Anti-Malware
  • Start MalwareBytes' Anti-Malware
  • Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
Klik daarna op "Voltooien".
De databaseupdate zal gedownload en geïnstalleerd worden.

Bij problemen!!! (Lees de onderstaande instructies)
  • Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  • Daarna: "Scanner Instellingen". Onderaan bij "PUP" kiezen voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  • Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  • Druk vervolgens op de knop "Scannen" om de scan te starten.
  • Het scannen kan een tijdje duren, wees dus geduldig.
  • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  • Herstart de computer indien nodig en post hierna de log als bijlage in het volgende bericht.
Het log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan worden teruggevonden door op de "Logs" tab te klikken in het programma.
Domheid is ook een gave God's, maar men mag haar niet misbruiken.

Ssjoerd1990
Lid
Berichten: 4
Lid geworden op: 28 dec 2013 18:04
Besturingssysteem: windows 8
Bescherming: Avast, cc cleaner

Re: INTERNET SLOOM

Bericht door Ssjoerd1990 » 10 jan 2014 06:08

Bedankt voor de tips, hij doet het al een stuk snel ! :) zie hieronder mijn logfiles :

ADW CLEANER

# AdwCleaner v3.016 - Report created 03/01/2014 at 22:56:18
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Sjoerd - LAPTOP_SJOERD
# Running from : C:\Users\Sjoerd\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
Service Deleted : vToolbarUpdater17.1.3
Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\savenSihaare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files (x86)\DivX_Browser_Bar
Folder Deleted : C:\Program Files (x86)\uTorrentBar_NL
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Sjoerd\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sjoerd\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Babylon
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Conduit
Folder Deleted : C:\Users\Sjoerd\AppData\Local\jZip
Folder Deleted : C:\Users\Sjoerd\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\savenSihaare
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\DivX_Browser_Bar
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\uTorrentBar_NL
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\dosearches
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\aaiiiywv@o-.org
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\kcbh8vbat@ouifq.net
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\trtv3@trtv.com
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\hdvc3@hdvidcodec.com.xpi
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\trtv3@trtv.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\invalidprefs.js
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\dosearches.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\user.js
File Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\5808bdae06fe942
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{720F4CC6-5D8D-42F8-9B1A-F5318D5BE297}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDC51164-8543-4AF5-B8C6-9F5E9B3D9057}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6515ECD-2B73-4EB7-86DC-C970B53CCAF6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\uTorrentBar_NL
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar_NL
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\HDvid Codec V1
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\jZipSRTB
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\DivX_Browser_Bar
Key Deleted : HKLM\Software\uTorrentBar_NL
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (nl)

[ File : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\prefs.js ]

Line Deleted : user_pref("CT3288691.FF19Solved", "true");
Line Deleted : user_pref("CT3288691.UserID", "UN18140265232595730");
Line Deleted : user_pref("CT3288691.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3288691.fullUserID", "UN18140265232595730.IN.20131103210918");
Line Deleted : user_pref("CT3288691.installDate", "03/11/2013 21:09:23");
Line Deleted : user_pref("CT3288691.installSessionId", "{AE7378E1-09A4-493D-B705-BB4795B116F4}");
Line Deleted : user_pref("CT3288691.installSp", "true");
Line Deleted : user_pref("CT3288691.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT3288691.keyword", "true");
Line Deleted : user_pref("CT3288691.originalHomepage", "hxxp://www.search.ask.com/?p2=%5EB7N%5EYYYYYY% ... rgb=FF&apn[...]
Line Deleted : user_pref("CT3288691.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3288691.originalSearchEngine", "Ask Search");
Line Deleted : user_pref("CT3288691.originalSearchEngineName", "Ask Search");
Line Deleted : user_pref("CT3288691.searchRevert", "false");
Line Deleted : user_pref("CT3288691.searchUserMode", "2");
Line Deleted : user_pref("CT3288691.smartbar.homepage", "true");
Line Deleted : user_pref("CT3288691.toolbarInstallDate", "03-11-2013 21:09:18");
Line Deleted : user_pref("CT3288691.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT3288691.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "DivX Browser Bar Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,brain/default2,easyinline/dock,superfish,superfishgoogleeil,yontooinstalled,yontoonewoffers,dropdowndeals");
Line Deleted : user_pref("extentions.y2layers.installId", "7bee41a5-b539-40d1-9113-54ebc37c843b");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN18140265232595730&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.machineId", "L0+SWKRC0L+G6EVOY5GZ5JAYEGDZWVHV6SZYTY4NM+XA2ZDWL0R7EHZRYTEVTVZUN3VU1RKL6VUL/7OD5GES3A");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=13");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [20518 octets] - [03/01/2014 22:54:28]
AdwCleaner[R1].txt - [20509 octets] - [03/01/2014 22:55:57]
AdwCleaner[S0].txt - [18141 octets] - [03/01/2014 22:56:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18202 octets] ##########

MALWAREBYTES:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Databaseversie: v2014.01.03.06

Windows 7 x64 NTFS
Internet Explorer 9.10.9200.16750
Sjoerd :: LAPTOP_SJOERD [administrator]

3-1-2014 23:18:05
mbam-log-2014-01-03 (23-18-05).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 214020
Verstreken tijd: 7 minuut/minuten, 23 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

JUNKWARE:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 8 x64
Ran by Sjoerd on vr 03-01-2014 at 23:09:07,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-662412863-766297031-3122434959-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DE3E13BF-6DCB-4A4F-AD26-59A2F41BD0E3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Sjoerd\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Sjoerd\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\hdvid codec v1"



~~~ FireFox

Emptied folder: C:\Users\Sjoerd\AppData\Roaming\mozilla\firefox\profiles\5d3y80wr.default\minidumps [9 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 03-01-2014 at 23:14:09,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ssjoerd1990
Lid
Berichten: 4
Lid geworden op: 28 dec 2013 18:04
Besturingssysteem: windows 8
Bescherming: Avast, cc cleaner

Re: INTERNET SLOOM

Bericht door Ssjoerd1990 » 10 jan 2014 06:08

Bedankt voor de tips, hij doet het al een stuk snel ! :) zie hieronder mijn logfiles :

ADW CLEANER

# AdwCleaner v3.016 - Report created 03/01/2014 at 22:56:18
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Sjoerd - LAPTOP_SJOERD
# Running from : C:\Users\Sjoerd\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
Service Deleted : vToolbarUpdater17.1.3
Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\savenSihaare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files (x86)\DivX_Browser_Bar
Folder Deleted : C:\Program Files (x86)\uTorrentBar_NL
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Sjoerd\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sjoerd\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Babylon
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Conduit
Folder Deleted : C:\Users\Sjoerd\AppData\Local\jZip
Folder Deleted : C:\Users\Sjoerd\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\savenSihaare
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\DivX_Browser_Bar
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\uTorrentBar_NL
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\dosearches
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\aaiiiywv@o-.org
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\kcbh8vbat@ouifq.net
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\trtv3@trtv.com
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\hdvc3@hdvidcodec.com.xpi
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\trtv3@trtv.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\invalidprefs.js
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\dosearches.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\user.js
File Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\5808bdae06fe942
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{720F4CC6-5D8D-42F8-9B1A-F5318D5BE297}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDC51164-8543-4AF5-B8C6-9F5E9B3D9057}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6515ECD-2B73-4EB7-86DC-C970B53CCAF6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\uTorrentBar_NL
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar_NL
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\HDvid Codec V1
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\jZipSRTB
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\DivX_Browser_Bar
Key Deleted : HKLM\Software\uTorrentBar_NL
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (nl)

[ File : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\prefs.js ]

Line Deleted : user_pref("CT3288691.FF19Solved", "true");
Line Deleted : user_pref("CT3288691.UserID", "UN18140265232595730");
Line Deleted : user_pref("CT3288691.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3288691.fullUserID", "UN18140265232595730.IN.20131103210918");
Line Deleted : user_pref("CT3288691.installDate", "03/11/2013 21:09:23");
Line Deleted : user_pref("CT3288691.installSessionId", "{AE7378E1-09A4-493D-B705-BB4795B116F4}");
Line Deleted : user_pref("CT3288691.installSp", "true");
Line Deleted : user_pref("CT3288691.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT3288691.keyword", "true");
Line Deleted : user_pref("CT3288691.originalHomepage", "hxxp://www.search.ask.com/?p2=%5EB7N%5EYYYYYY% ... rgb=FF&apn[...]
Line Deleted : user_pref("CT3288691.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3288691.originalSearchEngine", "Ask Search");
Line Deleted : user_pref("CT3288691.originalSearchEngineName", "Ask Search");
Line Deleted : user_pref("CT3288691.searchRevert", "false");
Line Deleted : user_pref("CT3288691.searchUserMode", "2");
Line Deleted : user_pref("CT3288691.smartbar.homepage", "true");
Line Deleted : user_pref("CT3288691.toolbarInstallDate", "03-11-2013 21:09:18");
Line Deleted : user_pref("CT3288691.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT3288691.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "DivX Browser Bar Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,brain/default2,easyinline/dock,superfish,superfishgoogleeil,yontooinstalled,yontoonewoffers,dropdowndeals");
Line Deleted : user_pref("extentions.y2layers.installId", "7bee41a5-b539-40d1-9113-54ebc37c843b");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN18140265232595730&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.machineId", "L0+SWKRC0L+G6EVOY5GZ5JAYEGDZWVHV6SZYTY4NM+XA2ZDWL0R7EHZRYTEVTVZUN3VU1RKL6VUL/7OD5GES3A");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=13");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [20518 octets] - [03/01/2014 22:54:28]
AdwCleaner[R1].txt - [20509 octets] - [03/01/2014 22:55:57]
AdwCleaner[S0].txt - [18141 octets] - [03/01/2014 22:56:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18202 octets] ##########

MALWAREBYTES:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Databaseversie: v2014.01.03.06

Windows 7 x64 NTFS
Internet Explorer 9.10.9200.16750
Sjoerd :: LAPTOP_SJOERD [administrator]

3-1-2014 23:18:05
mbam-log-2014-01-03 (23-18-05).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 214020
Verstreken tijd: 7 minuut/minuten, 23 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

JUNKWARE:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 8 x64
Ran by Sjoerd on vr 03-01-2014 at 23:09:07,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-662412863-766297031-3122434959-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DE3E13BF-6DCB-4A4F-AD26-59A2F41BD0E3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Sjoerd\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Sjoerd\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\hdvid codec v1"



~~~ FireFox

Emptied folder: C:\Users\Sjoerd\AppData\Roaming\mozilla\firefox\profiles\5d3y80wr.default\minidumps [9 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 03-01-2014 at 23:14:09,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ssjoerd1990
Lid
Berichten: 4
Lid geworden op: 28 dec 2013 18:04
Besturingssysteem: windows 8
Bescherming: Avast, cc cleaner

Re: INTERNET SLOOM

Bericht door Ssjoerd1990 » 10 jan 2014 06:08

Bedankt voor de tips, hij doet het al een stuk snel ! :) zie hieronder mijn logfiles :

ADW CLEANER

# AdwCleaner v3.016 - Report created 03/01/2014 at 22:56:18
# Updated 23/12/2013 by Xplode
# Operating System : Windows 8 (64 bits)
# Username : Sjoerd - LAPTOP_SJOERD
# Running from : C:\Users\Sjoerd\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : BackupStack
Service Deleted : vToolbarUpdater17.1.3
Service Deleted : Yontoo Desktop Updater

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BetterSoft
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\ProgramData\savenSihaare
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\jZip
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\TornTV.com
Folder Deleted : C:\Program Files (x86)\Yontoo
Folder Deleted : C:\Program Files (x86)\DivX_Browser_Bar
Folder Deleted : C:\Program Files (x86)\uTorrentBar_NL
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Sjoerd\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Sjoerd\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Babylon
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Conduit
Folder Deleted : C:\Users\Sjoerd\AppData\Local\jZip
Folder Deleted : C:\Users\Sjoerd\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\savenSihaare
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\DivX_Browser_Bar
Folder Deleted : C:\Users\Sjoerd\AppData\LocalLow\uTorrentBar_NL
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\dosearches
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Yontoo
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\aaiiiywv@o-.org
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\kcbh8vbat@ouifq.net
Folder Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\trtv3@trtv.com
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Folder Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\hdvc3@hdvidcodec.com.xpi
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\Extensions\trtv3@trtv.com.xpi
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jZip.lnk
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\invalidprefs.js
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\searchplugins\ask-search.xml
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\dosearches.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\user.js
File Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage
File Deleted : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
File Deleted : C:\Windows\System32\Tasks\BrowserProtect
File Deleted : C:\Windows\System32\Tasks\Dealply

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Public\Desktop\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sjoerd\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\jZip.file
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\AppPath\jZip.exe
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\5808bdae06fe942
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3288691
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DD937C23-9304-4E9E-9FD3-0E00B88E2C2E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E87EA0C-D5FA-4BD8-A9E1-C341F4B798F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{720F4CC6-5D8D-42F8-9B1A-F5318D5BE297}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDC51164-8543-4AF5-B8C6-9F5E9B3D9057}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6515ECD-2B73-4EB7-86DC-C970B53CCAF6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{77E8143B-6759-416E-B521-82CFED75150B}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{77E8143B-6759-416E-B521-82CFED75150B}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\jZip
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\uTorrentBar_NL
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\DivX_Browser_Bar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar_NL
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\HDvid Codec V1
Key Deleted : HKLM\Software\jZip
Key Deleted : HKLM\Software\jZipSRTB
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\DivX_Browser_Bar
Key Deleted : HKLM\Software\uTorrentBar_NL
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\jZip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar_NL Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v26.0 (nl)

[ File : C:\Users\Sjoerd\AppData\Roaming\Mozilla\Firefox\Profiles\5d3y80wr.default\prefs.js ]

Line Deleted : user_pref("CT3288691.FF19Solved", "true");
Line Deleted : user_pref("CT3288691.UserID", "UN18140265232595730");
Line Deleted : user_pref("CT3288691.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3288691.fullUserID", "UN18140265232595730.IN.20131103210918");
Line Deleted : user_pref("CT3288691.installDate", "03/11/2013 21:09:23");
Line Deleted : user_pref("CT3288691.installSessionId", "{AE7378E1-09A4-493D-B705-BB4795B116F4}");
Line Deleted : user_pref("CT3288691.installSp", "true");
Line Deleted : user_pref("CT3288691.installerVersion", "1.8.0.14");
Line Deleted : user_pref("CT3288691.keyword", "true");
Line Deleted : user_pref("CT3288691.originalHomepage", "hxxp://www.search.ask.com/?p2=%5EB7N%5EYYYYYY% ... rgb=FF&apn[...]
Line Deleted : user_pref("CT3288691.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3288691.originalSearchEngine", "Ask Search");
Line Deleted : user_pref("CT3288691.originalSearchEngineName", "Ask Search");
Line Deleted : user_pref("CT3288691.searchRevert", "false");
Line Deleted : user_pref("CT3288691.searchUserMode", "2");
Line Deleted : user_pref("CT3288691.smartbar.homepage", "true");
Line Deleted : user_pref("CT3288691.toolbarInstallDate", "03-11-2013 21:09:18");
Line Deleted : user_pref("CT3288691.versionFromInstaller", "10.21.1.7");
Line Deleted : user_pref("CT3288691.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "DivX Browser Bar Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extentions.y2layers.defaultEnableAppsList", "bestvideodownloader,brain/default2,easyinline/dock,superfish,superfishgoogleeil,yontooinstalled,yontoonewoffers,dropdowndeals");
Line Deleted : user_pref("extentions.y2layers.installId", "7bee41a5-b539-40d1-9113-54ebc37c843b");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3288691&octid=CT3288691&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3288691&SearchSource=2&CUI=UN18140265232595730&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3288691");
Line Deleted : user_pref("smartbar.machineId", "L0+SWKRC0L+G6EVOY5GZ5JAYEGDZWVHV6SZYTY4NM+XA2ZDWL0R7EHZRYTEVTVZUN3VU1RKL6VUL/7OD5GES3A");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3288691&CUI=UN18140265232595730&UM=2&SearchSource=13");

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Sjoerd\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [20518 octets] - [03/01/2014 22:54:28]
AdwCleaner[R1].txt - [20509 octets] - [03/01/2014 22:55:57]
AdwCleaner[S0].txt - [18141 octets] - [03/01/2014 22:56:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [18202 octets] ##########

MALWAREBYTES:

Malwarebytes Anti-Malware 1.75.0.1300
http://www.malwarebytes.org

Databaseversie: v2014.01.03.06

Windows 7 x64 NTFS
Internet Explorer 9.10.9200.16750
Sjoerd :: LAPTOP_SJOERD [administrator]

3-1-2014 23:18:05
mbam-log-2014-01-03 (23-18-05).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 214020
Verstreken tijd: 7 minuut/minuten, 23 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

JUNKWARE:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 8 x64
Ran by Sjoerd on vr 03-01-2014 at 23:09:07,16
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-662412863-766297031-3122434959-1001\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DE3E13BF-6DCB-4A4F-AD26-59A2F41BD0E3}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Sjoerd\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Sjoerd\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Program Files (x86)\hdvid codec v1"



~~~ FireFox

Emptied folder: C:\Users\Sjoerd\AppData\Roaming\mozilla\firefox\profiles\5d3y80wr.default\minidumps [9 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 03-01-2014 at 23:14:09,20
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Gebruikersavatar
Abraham54
Collega Helper
Berichten: 3165
Lid geworden op: 15 feb 2010 21:00
Besturingssysteem: Windows 10 Professional x64
Bescherming: Windows Defender
Locatie: Grootste stad vanTwente
Contacteer:

Re: INTERNET SLOOM

Bericht door Abraham54 » 10 jan 2014 07:03

Dat is inderdaad een behoorlijke opruiming.

Je mag AdwCleaner nogmaals gebruiken en voeg het log dan vervolgens bij.
Domheid is ook een gave God's, maar men mag haar niet misbruiken.

Plaats reactie