antivirus.startpagina.nl

foxtab

  • Anonymous avatar

    Ben

    Hallo,

    Voer zoek.exe nogmaals uit met de volgende code;

    C:\Users\Gebruiker\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z;fs

    Doe na zoek.exe het volgende;

    Download

    AdwCleaner by Xplode naar het bureaublad.

    Sluit alle openstaande vensters.

    Dubbelklik op AdwCleaner om hem te starten.

    Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren,

    Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.

    Klik vervolgens op Scan.

    Klik vervolgens op Clean als er items zijn gevonden.

    Klik bij Herstarten Noodzakelijk op OK

    Nadat de PC opnieuw is opgestart, opent meestal een logfile.

    Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner.txt

    Post aansluitend de inhoud van dit log in je volgende bericht.

  • Anonymous avatar

    mar

    hoi

    was dit het goede log

    Zoek.exe v5.0.0.0 Updated 31-January-2014

    Tool run by Gebruiker on di 04-02-2014 at 18:50:11,73.

    Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

    Running in: Normal Mode Internet Access Detected

    Launched: C:\Users\Gebruiker\Desktop\zoek.exe

    ==== Older Logs ======================

    C:\zoek-results2012-10-25-185945.log 11665 bytes

    C:\zoek-results2014-02-04-154302.log 45475 bytes

    ==== Deleting Files \ Folders ======================

    C:\Users\Gebruiker\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z deleted

    ==== C:\zoek_backup content ======================

    C:\zoek_backup (files=984 folders=330 50639842 bytes)

    ==== EOF on di 04-02-2014 at 18:51:31,92 ======================

  • Anonymous avatar

    Ben

    Hallo,

    Ja, nu AdwCleaner nog.

  • Anonymous avatar

    mar

    en nu deze

    bedankt nogmaals

    mar

    # AdwCleaner v3.018 - Report created 04/02/2014 at 18:57:26

    # Updated 28/01/2014 by Xplode

    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

    # Username : Gebruiker - GEBRUIKER-PC

    # Running from : C:\Users\Gebruiker\Desktop\adwcleaner.exe

    # Option : Clean

    ***** *****

    ***** *****

    File Deleted : C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\gisax6ha.default\user.js

    ***** *****

    ***** *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE

    Key Deleted : HKLM\SOFTWARE\Classes\driverscanner

    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

    Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\driverscanner_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger (1)_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger (1)_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger (2)_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger (2)_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger_RASAPI32

    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger_RASMANCS

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}

    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8911483C-C00A-4183-9FBC-6C9C00946C15}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95734BDE-B702-45B9-86E5-27676729F904}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C3F058A9-407D-4CD1-8F66-B75605B54B69}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D0482C8E-BAEA-4943-911A-B661060F56A7}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}

    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

    Key Deleted : HKCU\Software\AskPartnerNetwork

    Key Deleted : HKCU\Software\dsiteproducts

    Key Deleted : HKCU\Software\YahooPartnerToolbar

    Key Deleted : HKCU\Software\YourFileDownloader

    Key Deleted : HKCU\Software\AppDataLow\Software\smartbar

    Key Deleted : HKLM\Software\AskPartnerNetwork

    Key Deleted : HKLM\Software\Conduit

    Key Deleted : HKLM\Software\InstallCore

    Key Deleted : HKLM\Software\Uniblue\DriverScanner

    Key Deleted : HKLM\Software\YourFileDownloader

    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zip Opener Packages

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c3e85ee9-5892-4142-b537-bceb3dac4c3d}

    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OpenIt Open It!

    Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3

    Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3

    ***** *****

    -\\ Internet Explorer v11.0.9600.16428

    -\\ Mozilla Firefox v26.0 (nl)

    Line Deleted : user_pref(“extensions.bootstrappedAddons”, “{\”gmailnoads@mywebber.com\“:{\”version\“:\”4.23\“,\”type\“:\”extension\“,\”descriptor\“:\”C:\\\\Users\\\\Gebruiker\\\\AppData\\\\Roaming\\\\Mozilla\\\\Fire

    Line Deleted : user_pref(“extensions.gmailnoads@mywebber.com.install-event-fired”, true);

    Line Deleted : user_pref(“extensions.plugin@getwebcake.com.install-event-fired”, true);

    Line Deleted : user_pref(“extentions.webcake.defaultEnableAppsList”, “layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc”);

    Line Deleted : user_pref(“extentions.webcake.installId”, “f7b97a6e-7050-4ae9-8212-9d7a7da5b822”);

    -\\ Google Chrome v32.0.1700.107

    Deleted : homepage

    *************************

    AdwCleaner.txt - -

    AdwCleaner.txt - -

    ########## EOF - C:\AdwCleaner\AdwCleaner.txt - ##########

  • Anonymous avatar

    Ben

    Hallo,

    Hoe draait de pc hierna?

  • Anonymous avatar

    mar

    hoi

    Hij draait prima

    wat was/is er nu precies aan de hand geweest

    gr Mar

    bedankt voor al jullie hulp

  • Anonymous avatar

    fazantje

    Hoi Mar,

    De besmettingen heb je waarschijnlijk via het downloaden van FoxTab binnen gekregen.

    Als ik op FoxTab zoek, dan gaan alle bellen van mij virusscanner rinkelen.

    Ook zag ik Softonic in jou logjes.

    Blijf daar weg!!!!

    Dis is 1 grote bron van besmettingen

    Met het onderstaande tooltje ruim je o.a. alle gebruikte tools op:

    Download Delfix by Xplode naar het bureaublad.

    Dubbelklik op Delfix.exe om de tool te starten.

    Zet nu vinkjes voor de volgende items:

    Remove disinfection tools

    Create registry backup

    Purge System Restore

    Reset system settings

    Klik nu op “Run” en wacht geduldig tot de tool gereed is.

    Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft je echter niet te plaatsen.

    Mochten er nog tools of mappen overgebleven zijn dan kan je die zelf verwijderen.

    Kijk voor de zekerheid even onder: C - programfiles - foxtab.

    Mocht deze er nog staan, dan rechtsklik en kies verwijderen.

    Leeg daarna jou prullenbak.

    Groetjes Huib;)

  • Anonymous avatar

    mar

    hoi

    allemaal bedankt voor jullie hulp

    gr mar

  • Anonymous avatar

    fazantje

    Omdat dit topic is opgelost word het gesloten.

    Wilt U Uw topic als nog weer openen, stuur dan een privé bericht naar Ben of Huib (fazantje).

    Zij zullen dan het “slotje” er van af halen en het topic is weer open.

    Het AV team.

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.