Start page

  • isabel

    Logfile of Trend Micro HijackThis v2.0.4

    Scan saved at 17:02:51, on 21-1-2014

    Platform: Windows 7 SP1 (WinNT 6.00.3505)

    MSIE: Internet Explorer v11.0 (11.00.9600.16428)

    Boot mode: Normal

    Running processes:

    C:\Windows\system32\taskhost.exe

    C:\Windows\system32\Dwm.exe

    C:\Program Files\Oceanis\SystemSetting\WallPaperAgent.exe

    C:\Windows\Explorer.exe

    C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

    C:\Program Files\CapsLKNotify\CapsLKNotify.exe

    C:\Windows\System32\igfxtray.exe

    C:\Windows\System32\hkcmd.exe

    C:\Windows\System32\igfxpers.exe

    C:\Windows\system32\igfxsrvc.exe

    C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

    C:\Program Files\Microsoft Security Client\msseces.exe

    C:\Program Files\Common Files\Java\Java Update\jusched.exe

    C:\Users\Isabel\Downloads\tdsskiller (1).exe

    C:\Program Files\trend micro\hijackthis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

    O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

    O2 - BHO: Windows 7 Starter Helper - {D381FF29-7CFB-4D4E-B92A-C4EDDC696614} - C:\Program Files\Oceanis\SystemSetting\StarterHelper.dll

    O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

    O4 - HKLM\..\Run: "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

    O4 - HKLM\..\Run: %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

    O4 - HKLM\..\Run: C:\Program Files\CapsLKNotify\CapsLKNotify.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxtray.exe

    O4 - HKLM\..\Run: C:\Windows\system32\hkcmd.exe

    O4 - HKLM\..\Run: C:\Windows\system32\igfxpers.exe

    O4 - HKLM\..\Run: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

    O4 - HKLM\..\Run: "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

    O4 - HKLM\..\Run: "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

    O4 - HKCU\..\Run: "C:\Users\Isabel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

    O4 - HKCU\..\Run: "C:\Program Files\CCleaner\CCleaner.exe" /AUTO

    O4 - HKUS\S-1-5-19\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-19\..\RunOnce: C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

    O4 - HKUS\S-1-5-20\..\Run: %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

    O4 - HKUS\S-1-5-20\..\RunOnce: C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

    O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files\PokerStars.EU\PokerStarsUpdate.exe (file missing)

    O11 - Options group: Accelerated graphics

    O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} (DellSystem.Scanner) - http://xserv.dell.com/DellDriverScanner/DellSystem.CAB

    O16 - DPF: {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} (DellSystemLite.Scanner) - http://support.dell.com/systemprofiler/DellSystemLite.CAB

    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

    O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\615\G2AWinLogon.dll

    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

    O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\615\g2aservice.exe

    O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

    O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

    O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe

    O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe

    End of file - 5590 bytes

  • Ben

    Hello,

    Those are gone. How is it going now?

  • isabel

    still have sweet page

    going to quickly restart the PC and see what happens then

    back in a bit

  • Ben

    Hello,

    That's fine, I'll wait and see.

  • isabel

    it's still in there

    I'm just going to remove IE

  • Ben

    Hello,

    Please do this once more:

    Download AdwCleaner by Xplode to the desktop.

    • Close all open windows.

    • Double-click AdwCleaner to start it.

    • Windows Vista, 7 and 8 users must run the tool as "administrator",

    • by right-clicking it and choosing Run as administrator.

    • Then click Scan.

    • Then click Clean if any items were found.

    • At Reboot Required, click OK.

    After the PC has restarted, a log file usually opens.

    Otherwise it can be found here: C:\AdwCleaner\AdwCleaner.txt

    Then post the contents of this log in your next message.

  • isabel

    # AdwCleaner v3.017 - Report created 19/01/2014 at 21:22:37

    # Updated 12/01/2014 by Xplode

    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)

    # Username : Isabel - ISABEL-PC

    # Running from : C:\Users\Isabel\Downloads\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    Folder Deleted : C:\ProgramData\apn

    Folder Deleted : C:\Users\Isabel\AppData\LocalLow\Softonic

    Folder Deleted : C:\Users\Isabel\AppData\Roaming\PerformerSoft

    Folder Deleted : C:\Users\Isabel\AppData\Roaming\Systweak

    Folder Deleted : C:\Users\Isabel\AppData\Local\Google\Chrome\User Data\Default\Extensions\chdboodilddefglllfoimeceomkpmkbi

    File Deleted : C:\Users\Isabel\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

    File Deleted : C:\Windows\System32\Tasks\Dealply

    ***** *****

    ***** *****

    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\chdboodilddefglllfoimeceomkpmkbi

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HomeTab_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateSaltarSmart_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateSaltarSmart_RASMANCS

    Key Deleted : HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\Update SaltarSmart

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_google-chrome_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_google-chrome_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_msn-messenger-8-5_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_msn-messenger-8-5_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

    Key Deleted : HKCU\Software\simplytech

    Key Deleted : HKCU\Software\systweak

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

    Key Deleted : HKLM\Software\systweak

    Key Deleted : HKLM\Software\Uniblue

    ***** *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl

    -\\ Google Chrome v32.0.1700.76

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

    # AdwCleaner v3.017 - Report created 21/01/2014 at 18:08:55

    # Updated 12/01/2014 by Xplode

    # Operating System : Windows 7 Starter Service Pack 1 (32 bits)

    # Username : Isabel - ISABEL-PC

    # Running from : C:\Users\Isabel\Downloads\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    ***** *****

    Shortcut Disinfected : C:\Users\Isabel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

    Shortcut Disinfected : C:\Users\Isabel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

    Shortcut Disinfected : C:\Users\Isabel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

    Shortcut Disinfected : C:\Users\Isabel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk

    ***** *****

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateSaltarSmart_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateSaltarSmart_RASMANCS

    Key Deleted : HKLM\SYSTEM\CurrentControlSet\services\eventlog\Application\Update SaltarSmart

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

    Key Deleted : HKCU\Software\Vittalia

    Key Deleted : HKLM\Software\PIP

    Key Deleted : HKLM\Software\supWPM

    Key Deleted : HKLM\Software\Uniblue

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF

    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

    ***** *****

    -\\ Internet Explorer v11.0.9600.16428

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search

    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl

    -\\ Google Chrome v32.0.1700.76

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • Ben

    Hello,

    How is it going now?

  • isabel

    YES!!!!

    sweetpage is gone

    I have my familiar start page back again (:P)

  • isabel

    thanks so much!!!

    also for your patience!!!

    really fantastic

This topic is closed; no further replies can be posted.