Mededeling

Collapse
No announcement yet.

Rightonadz en adsite

Collapse
X
Collapse
  •  
  • Page of 1
  • Filter
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Rightonadz en adsite

    Ik word de laatste dagen erg geplaagd door popups.
    Ik heb diverse malen hidmanpro gedraaid maar helaas zoder echt resultaat.
    Ik heb in het register gewerkt en de sleutels adsite en rightonadz gewist. Echter ook zonder resultaat.

    De logfile is in bijlage geplaatst:
    Bijgevoegde Bestanden
    Labels: Geen
    • Citaat
  • #2
    Download: RVAXO.exe
    • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
    • Open nu de map RVAXO op je bureaublad en dubbeklik RVAXO.cmd
      Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
    • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
    • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
      Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
    • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
    • Post de inhoud van de logfile in je volgende bericht.


    Download Combofix naar je Bureaublad.
    Dubbelklik op Combofix.exe
    Kies voor "Continue" door 1 te typen gevolgd door ENTER.
    Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
    Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
    Plaats deze log in je volgende post.

    NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
    • Citaat

    Comment

    • #3
      Rigtonadz en adsite

      Hierbij de logbestanden
      ----------------RVAXO.exe first run-------------

      Files found:

      C:\WINDOWS\system32\ljjhhge.dll__DELETE_ON_REBOOT
      C:\WINDOWS\system32\wvuutqr.dll__DELETE_ON_REBOOT
      C:\WINDOWS\system32\aadgh.ini2
      C:\WINDOWS\system32\mcrh.tmp
      C:\WINDOWS\system32\vbzip11.dll
      C:\WINDOWS\system32\vbzip10.dll
      C:\WINDOWS\system32\gzmrt.dll
      C:\WINDOWS\mrofinu1188.exe.tmp
      C:\n.bat
      C:\WINDOWS\system32\9461.bat
      C:\WINDOWS\system32\1654.bat
      C:\WINDOWS\system32\7494.bat
      C:\WINDOWS\system32\7724.bat
      C:\WINDOWS\system32\9426.bat
      C:\WINDOWS\system32\5867.bat
      C:\WINDOWS\system32\3679.bat
      C:\WINDOWS\system32\6569.bat
      C:\Documents and Settings\Tramweg\7000.bat
      C:\Documents and Settings\Tramweg\3464.bat
      C:\Documents and Settings\Tramweg\4479.bat
      C:\z.dat
      C:\x.dat

      Uninstallers Rogue scanners:


      Folders Found:

      C:\Program Files\outlook
      C:\Program Files\Temporary
      C:\Program Files\pedevice
      C:\WINDOWS\system32\bund1
      C:\Program Files\Common Files\{30816645-04B2-1043-0528-01042601001f}
      C:\Program Files\Common Files\{E0816645-04B2-1043-0528-01042601001f}

      Hosts-file was reset, If you use a custom hosts file please replace it...

      --------------RVAXO.exe last run---------------

      Files found:

      Folders Found:

      --------------RVAXO.exe finished----------------


      En vervolgens het logbestand van combifix

      ComboFix 08-01-05.1 - Tramweg 2008-01-05 12:07:32.1 - NTFSx86
      Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.281 [GMT 1:00]
      Gestart vanuit: C:\Documents and Settings\Tramweg\Bureaublad\ComboFix.exe
      * Nieuw herstelpunt werd aangemaakt
      .

      (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
      .

      C:\Documents and Settings\Tramweg\Application Data\Dxcknwrd.dll
      C:\Documents and Settings\Tramweg\Mijn documenten\FNTS~1
      C:\Documents and Settings\Tramweg\Mijn documenten\WNSXS~1
      C:\Program Files\Common Files\{30816~1
      C:\Program Files\Common Files\{E0816~1
      C:\Program Files\Common Files\sstem~1
      C:\Program Files\Common Files\uninstall information
      C:\temp\tn3
      C:\WINDOWS\asembl~1
      C:\WINDOWS\b143.exe
      C:\WINDOWS\system32\curity~1
      C:\WINDOWS\system32\dobe~1
      C:\WINDOWS\system32\dobe~1\?dobe\
      C:\WINDOWS\system32\dobe~2
      C:\WINDOWS\system32\ecurit~1
      C:\WINDOWS\system32\nsi18.dll

      .
      ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

      .
      -------\LEGACY_CLIENT_IP-IPX


      (((((((((((((((((((( Bestanden Gemaakt van 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))
      .

      2008-01-05 12:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
      2008-01-05 12:02 . 2008-01-05 12:03 <DIR> d-------- C:\RVAXO
      2008-01-05 11:58 . 2008-01-04 20:53 589,745 --a------ C:\WINDOWS\system32\RVAXO.bat
      2008-01-05 11:58 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\system32\remove.exe
      2008-01-04 13:50 . 2008-01-04 13:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
      2008-01-02 21:26 . 2008-01-03 10:46 1,031,578 ---hs---- C:\WINDOWS\system32\ikfpwros.ini
      2008-01-02 20:51 . 2008-01-05 12:04 <DIR> dr-h----- C:\Documents and Settings\Tramweg\Onlangs geopend
      2008-01-02 10:03 . 2008-01-02 10:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
      2008-01-01 21:41 . 2008-01-01 21:41 <DIR> d-------- C:\Program Files\SurfRight
      2008-01-01 20:36 . 2008-01-01 20:29 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
      2008-01-01 20:36 . 2008-01-01 20:29 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
      2008-01-01 18:53 . 2008-01-04 16:11 28,332 --ahs---- C:\WINDOWS\system32\aadgh.ini
      2008-01-01 18:52 . 2008-01-01 18:52 <DIR> d-------- C:\Program Files\kernel
      2008-01-01 18:47 . 2008-01-02 09:24 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
      2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Davilex
      2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Borland
      2007-12-29 13:30 . 1998-06-02 12:01 233,472 --a------ C:\WINDOWS\system32\ILDA32.DLL
      2007-12-29 13:30 . 1999-11-11 23:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
      2007-12-29 13:30 . 2002-09-26 14:08 22,528 --a------ C:\WINDOWS\system32\WSC32.DLL
      2007-12-29 13:30 . 1998-07-08 20:14 17,408 --a------ C:\WINDOWS\system32\MIO32.DLL
      2007-12-29 13:12 . 2007-12-29 14:13 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\MAGIX
      2007-12-29 13:09 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
      2007-12-29 13:09 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
      2007-12-29 13:08 . 2006-03-31 14:57 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
      2007-12-28 21:28 . 2007-12-28 21:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
      2007-12-28 21:27 . 2007-12-29 13:09 <DIR> d-------- C:\Program Files\Common Files\MAGIX Shared
      2007-12-28 20:59 . 2008-01-03 17:30 <DIR> d-------- C:\WINDOWS\system32\MAGIX
      2007-12-24 22:03 . 2007-12-24 22:08 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\ICQ
      2007-12-24 22:02 . 2007-12-24 22:02 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\InstallShield
      2007-12-24 21:55 . 2007-12-24 21:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn

      .
      ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      2008-01-04 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
      2008-01-04 12:53 --------- d-----w C:\Program Files\Lavasoft
      2008-01-04 12:52 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Lavasoft
      2008-01-04 12:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
      2008-01-03 16:12 --------- d-----w C:\Program Files\Trend Micro
      2008-01-02 16:03 --------- d-----w C:\Program Files\Common Files\Adobe
      2008-01-02 11:45 --------- d-----w C:\Program Files\Paint.NET
      2007-12-26 17:46 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\ZoomBrowser EX
      2007-12-26 12:21 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CameraWindowDC
      2007-12-24 21:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
      2007-11-30 13:49 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CANON INC
      2007-11-30 13:34 --------- d-----w C:\Program Files\Canon
      2007-11-30 13:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
      2007-11-30 13:31 --------- d-----w C:\Program Files\Common Files\Canon
      2007-11-25 12:27 39,424 ----a-w C:\WINDOWS\zipinst.exe
      2007-11-25 12:25 --------- d-----w C:\Program Files\Volumouse
      2007-11-16 16:02 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Media Player Classic
      2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
      2005-09-26 08:42 684 -c----w C:\Documents and Settings\Tramweg\hpothb07.dat
      2004-09-28 02:00 26,240 -c----w C:\WINDOWS\inf\RAMDSK.SYS
      .

      ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
      .
      .
      REGEDIT4
      *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0814FB89-CAFD-4425-A6E1-722E47CB7A19}]
      C:\WINDOWS\system32\hgdaa.dll

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18BEFD34-61D6-1E27-A340-69E33F92FBEF}]

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{42EBA932-6FD4-1E71-A340-69E33F92FBED}]

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45EAAE64-6782-192B-A340-69E33F92F9BA}]

      [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{46EEAC31-3288-4C73-A340-69E33F92FABF}]

      [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03 15360]
      "kernel"="C:\Program Files\kernel\kernel.exe" [2008-01-01 18:52 61440]
      "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

      [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
      "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-10 03:06 86016]
      "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-10 03:06 7311360]
      "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

      [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
      "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 10:03 15360]
      "PcSync"="H:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15 1634304]

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
      "NoResolveTrack"= 1 (0x1)

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljjhhge]
      ljjhhge.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvuutqr]
      wvuutqr.dll

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

      [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^svchost.exe]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
      --a------ 2007-10-10 18:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Besieger DreamCatcher Interactive crack]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bita]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copernic Desktop Search]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copernic Desktop Search 2]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\csr]


      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
      --------- 2002-12-02 20:56 40960 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e08166ea]
      C:\WINDOWS\system32\sorwpfki.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\feedreader.exe]
      --a------ 2007-06-29 10:45 1219072 h:\Program Files\FeedReader30\feedreader.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
      --a------ 2007-11-21 01:47 172280 H:\Program Files\ICQ6\ICQ.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpWins]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAZAA]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
      --a------ 2007-01-08 21:17 52256 h:\Program Files\CyberLink\PowerDVD\Language\Language.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LocalCooling]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSVersion]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
      --------- 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
      --a------ 2005-12-10 03:06 1519616 C:\WINDOWS\system32\nwiz.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2P Networking]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
      --a------ 2007-01-23 10:19 223232 H:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
      --a------ 2007-06-16 00:15 366400 h:\Program Files\Picasa2\PicasaMediaDetector.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\postSetupCheck]
      C:\WINDOWS\system32\gzmrt.dll

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnSys Executable]
      -r------- 2002-08-01 12:03 36864 d:\\PrnSys.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
      --------- 2007-01-08 21:26 68640 h:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
      --a------ 2006-12-15 03:23 75520 C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
      --------- 2004-12-29 10:41 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vidmon]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinUpdate]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Words]

      [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
      "Diskeeper"=2 (0x2)

      [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
      "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

      [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
      "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
      "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
      "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
      "nwiz"=nwiz.exe /install

      R0 Klpid;Klpid;C:\WINDOWS\system32\Drivers\klpid.sys [2002-11-24 18:37]
      R1 Klpf;Klpf;C:\WINDOWS\system32\Drivers\Klpf.sys [2002-11-20 14:34]
      R2 AdobeActiveFileMonitor;Adobe Active File Monitor;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 04:47]
      R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 03:40]
      R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-04-20 22:01]
      R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
      R3 rtl8029;NT-stuurprogramma voor Realtek RTL8029(AS)-based PCI Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 20:12]
      S1 ctredrv.sys;ctredrv.sys;C:\WINDOWS\system32\drivers\ctredrv.sys
      S2 UMAXPCLS;Stuurprogramma voor scanner op printerpoort;C:\WINDOWS\system32\DRIVERS\umaxpcls.sys [2001-08-17 21:58]
      S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
      S3 InterCheck Control;InterCheck Control;C:\Program Files\@Home veiligheid\Antivirus\icntdrv5.sys [2006-05-05 15:30]
      S3 InterCheck Filter;InterCheck Filter;C:\Program Files\@Home veiligheid\Antivirus\icntflt5.sys [2006-05-05 15:30]
      S3 InterCheck Support 01;InterCheck Support 01;C:\Program Files\@Home veiligheid\Antivirus\icntst01.sys [2006-09-13 16:00]
      S3 InterCheck Support 02;InterCheck Support 02;C:\Program Files\@Home veiligheid\Antivirus\icntst02.sys [2006-09-13 16:00]
      S3 InterCheck Support 03;InterCheck Support 03;C:\Program Files\@Home veiligheid\Antivirus\icntst03.sys [2006-09-13 16:00]
      S3 InterCheck Support 04;InterCheck Support 04;C:\Program Files\@Home veiligheid\Antivirus\icntst04.sys [2006-09-13 16:00]
      S3 InterCheck Support 05;InterCheck Support 05;C:\Program Files\@Home veiligheid\Antivirus\icntst05.sys [2006-09-13 16:00]
      S3 InterCheck Support 06;InterCheck Support 06;C:\Program Files\@Home veiligheid\Antivirus\icntst06.sys [2006-09-13 16:00]
      S3 InterCheck Support 07;InterCheck Support 07;C:\Program Files\@Home veiligheid\Antivirus\icntst07.sys [2006-09-13 16:00]
      S3 InterCheck Support 08;InterCheck Support 08;C:\Program Files\@Home veiligheid\Antivirus\icntst08.sys [2006-09-13 16:00]
      S3 InterCheck Support 09;InterCheck Support 09;C:\Program Files\@Home veiligheid\Antivirus\icntst09.sys [2006-09-13 16:00]
      S3 InterCheck Support 10;InterCheck Support 10;C:\Program Files\@Home veiligheid\Antivirus\icntst10.sys [2006-09-13 16:00]
      S3 InterCheck Support 11;InterCheck Support 11;C:\Program Files\@Home veiligheid\Antivirus\icntst11.sys [2006-09-13 16:00]
      S3 InterCheck Support 12;InterCheck Support 12;C:\Program Files\@Home veiligheid\Antivirus\icntst12.sys [2006-09-13 16:00]
      S3 TESTCAP;TESTCAP;C:\WINDOWS\system32\DRIVERS\PCTVAud.sys [2000-02-08 10:25]
      S3 usb2vcom;Nokia CA-42 USB;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-04-03 08:41]

      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
      UxTuneUp

      .
      Inhoud van de 'Gedeelde Taken' map
      "2007-12-07 17:35:27 C:\WINDOWS\Tasks\Easy Onderhoud.job"
      - I:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
      "2008-01-05 11:21:15 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
      - C:\Program Files\Windows Defender\MpCmdRun.exe
      "2008-01-04 19:55:37 C:\WINDOWS\Tasks\User_Feed_Synchronization-{977636D9-3279-44BB-B242-11E8AC3727AF}.job"
      - C:\WINDOWS\system32\msfeedssync.exe
      .
      **************************************************************************

      catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-01-05 12:18:52
      Windows 5.1.2600 Service Pack 2 NTFS

      scannen van verborgen processen ...

      scannen van verborgen autostart items ...

      scannen van verborgen bestanden ...

      Scan succesvol afgerond
      verborgen bestanden: 0

      **************************************************************************
      .
      Voltooingstijd: 2008-01-05 12:23:32 - machine was rebooted
      ComboFix-quarantined-files.txt 2008-01-05 11:23:13
      .
      2008-01-04 10:53:26 --- E O F ---
      • Citaat

      Comment

      • #4
        Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
        Dit zal alles van RVAXO doen verwijderen.

        Download de bijlage: CFScript.txt

        Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



        Dit zal ComboFix doen herstarten.
        Start opnieuw op als daarom gevraagd wordt,
        en post de inhoud van de Combofix.txt in je volgende antwoord.

        Post ook een nieuw logje van Hijackthis en vertel ook of er nog problemen zijn.
        Bijgevoegde Bestanden
        • Citaat

        Comment

        • #5
          Rightonadz en adsite

          Ik heb alles zo uitgevoerd zoals in de instructie.
          Het lijkt erop dat de popups verdwenen zijn. Wat een genot.
          Hartelijk dank. Ik ben wel overgestapt op firefox ipv van IE7.
          De laatste log is de volgende:

          ComboFix 08-01-05.1 - Tramweg 2008-01-06 15:44:35.2 - NTFSx86
          Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.235 [GMT 1:00]
          Gestart vanuit: C:\Documents and Settings\Tramweg\Bureaublad\ComboFix.exe
          Command switches used :: C:\Documents and Settings\Tramweg\Bureaublad\cfscript-1.txt
          * Nieuw herstelpunt werd aangemaakt

          FILE
          C:\WINDOWS\system32\aadgh.ini
          C:\WINDOWS\system32\ikfpwros.ini
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\Program Files\kernel
          C:\Program Files\kernel\kernel.exe
          C:\WINDOWS\system32\aadgh.ini
          C:\WINDOWS\system32\ikfpwros.ini

          .
          ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

          .
          -------\LEGACY_CTREDRV.SYS
          -------\ctredrv.sys


          (((((((((((((((((((( Bestanden Gemaakt van 2007-12-06 to 2008-01-06 ))))))))))))))))))))))))))))))
          .

          2008-01-05 19:48 . 2008-01-06 13:23 <DIR> dr-h----- C:\Documents and Settings\Tramweg\Onlangs geopend
          2008-01-05 13:59 . 2008-01-05 14:03 <DIR> d-------- C:\Program Files\SpywareBlaster
          2008-01-05 12:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
          2008-01-04 13:50 . 2008-01-04 13:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
          2008-01-02 10:03 . 2008-01-02 10:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
          2008-01-01 21:41 . 2008-01-01 21:41 <DIR> d-------- C:\Program Files\SurfRight
          2008-01-01 20:36 . 2008-01-01 20:29 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
          2008-01-01 20:36 . 2008-01-01 20:29 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
          2008-01-01 18:47 . 2008-01-02 09:24 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
          2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Davilex
          2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Borland
          2007-12-29 13:30 . 1998-06-02 12:01 233,472 --a------ C:\WINDOWS\system32\ILDA32.DLL
          2007-12-29 13:30 . 1999-11-11 23:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
          2007-12-29 13:30 . 2002-09-26 14:08 22,528 --a------ C:\WINDOWS\system32\WSC32.DLL
          2007-12-29 13:30 . 1998-07-08 20:14 17,408 --a------ C:\WINDOWS\system32\MIO32.DLL
          2007-12-29 13:12 . 2007-12-29 14:13 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\MAGIX
          2007-12-29 13:09 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
          2007-12-29 13:09 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
          2007-12-29 13:08 . 2006-03-31 14:57 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
          2007-12-28 21:28 . 2007-12-28 21:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
          2007-12-28 21:27 . 2007-12-29 13:09 <DIR> d-------- C:\Program Files\Common Files\MAGIX Shared
          2007-12-28 20:59 . 2008-01-03 17:30 <DIR> d-------- C:\WINDOWS\system32\MAGIX
          2007-12-24 22:03 . 2007-12-24 22:08 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\ICQ
          2007-12-24 22:02 . 2007-12-24 22:02 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\InstallShield
          2007-12-24 21:55 . 2007-12-24 21:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-01-04 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
          2008-01-04 12:53 --------- d-----w C:\Program Files\Lavasoft
          2008-01-04 12:52 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Lavasoft
          2008-01-04 12:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
          2008-01-03 16:12 --------- d-----w C:\Program Files\Trend Micro
          2008-01-02 16:03 --------- d-----w C:\Program Files\Common Files\Adobe
          2008-01-02 11:45 --------- d-----w C:\Program Files\Paint.NET
          2007-12-26 17:46 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\ZoomBrowser EX
          2007-12-26 12:21 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CameraWindowDC
          2007-12-24 21:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2007-11-30 13:49 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CANON INC
          2007-11-30 13:34 --------- d-----w C:\Program Files\Canon
          2007-11-30 13:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
          2007-11-30 13:31 --------- d-----w C:\Program Files\Common Files\Canon
          2007-11-25 12:27 39,424 ----a-w C:\WINDOWS\zipinst.exe
          2007-11-25 12:25 --------- d-----w C:\Program Files\Volumouse
          2007-11-16 16:02 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Media Player Classic
          2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
          2005-09-26 08:42 684 -c----w C:\Documents and Settings\Tramweg\hpothb07.dat
          2004-09-28 02:00 26,240 -c----w C:\WINDOWS\inf\RAMDSK.SYS
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-10 03:06 86016]
          "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-10 03:06 7311360]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 10:03 15360]
          "PcSync"="H:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15 1634304]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
          --a------ 2007-10-10 18:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
          --------- 2002-12-02 20:56 40960 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\feedreader.exe]
          --a------ 2007-06-29 10:45 1219072 h:\Program Files\FeedReader30\feedreader.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
          --a------ 2007-11-21 01:47 172280 H:\Program Files\ICQ6\ICQ.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
          --a------ 2007-01-08 21:17 52256 h:\Program Files\CyberLink\PowerDVD\Language\Language.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
          --------- 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
          --a------ 2005-12-10 03:06 1519616 C:\WINDOWS\system32\nwiz.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
          --a------ 2007-01-23 10:19 223232 H:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
          --a------ 2007-06-16 00:15 366400 h:\Program Files\Picasa2\PicasaMediaDetector.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnSys Executable]
          -r------- 2002-08-01 12:03 36864 d:\\PrnSys.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
          --------- 2007-01-08 21:26 68640 h:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
          --------- 2004-12-29 10:41 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Words]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
          "Diskeeper"=2 (0x2)

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
          "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
          "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
          "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
          "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
          "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
          "nwiz"=nwiz.exe /install

          R0 Klpid;Klpid;C:\WINDOWS\system32\Drivers\klpid.sys [2002-11-24 18:37]
          R1 Klpf;Klpf;C:\WINDOWS\system32\Drivers\Klpf.sys [2002-11-20 14:34]
          R2 AdobeActiveFileMonitor;Adobe Active File Monitor;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 04:47]
          R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 03:40]
          R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-04-20 22:01]
          R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
          R3 rtl8029;NT-stuurprogramma voor Realtek RTL8029(AS)-based PCI Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 20:12]
          S2 UMAXPCLS;Stuurprogramma voor scanner op printerpoort;C:\WINDOWS\system32\DRIVERS\umaxpcls.sys [2001-08-17 21:58]
          S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
          S3 InterCheck Control;InterCheck Control;C:\Program Files\@Home veiligheid\Antivirus\icntdrv5.sys [2006-05-05 15:30]
          S3 InterCheck Filter;InterCheck Filter;C:\Program Files\@Home veiligheid\Antivirus\icntflt5.sys [2006-05-05 15:30]
          S3 InterCheck Support 01;InterCheck Support 01;C:\Program Files\@Home veiligheid\Antivirus\icntst01.sys [2006-09-13 16:00]
          S3 InterCheck Support 02;InterCheck Support 02;C:\Program Files\@Home veiligheid\Antivirus\icntst02.sys [2006-09-13 16:00]
          S3 InterCheck Support 03;InterCheck Support 03;C:\Program Files\@Home veiligheid\Antivirus\icntst03.sys [2006-09-13 16:00]
          S3 InterCheck Support 04;InterCheck Support 04;C:\Program Files\@Home veiligheid\Antivirus\icntst04.sys [2006-09-13 16:00]
          S3 InterCheck Support 05;InterCheck Support 05;C:\Program Files\@Home veiligheid\Antivirus\icntst05.sys [2006-09-13 16:00]
          S3 InterCheck Support 06;InterCheck Support 06;C:\Program Files\@Home veiligheid\Antivirus\icntst06.sys [2006-09-13 16:00]
          S3 InterCheck Support 07;InterCheck Support 07;C:\Program Files\@Home veiligheid\Antivirus\icntst07.sys [2006-09-13 16:00]
          S3 InterCheck Support 08;InterCheck Support 08;C:\Program Files\@Home veiligheid\Antivirus\icntst08.sys [2006-09-13 16:00]
          S3 InterCheck Support 09;InterCheck Support 09;C:\Program Files\@Home veiligheid\Antivirus\icntst09.sys [2006-09-13 16:00]
          S3 InterCheck Support 10;InterCheck Support 10;C:\Program Files\@Home veiligheid\Antivirus\icntst10.sys [2006-09-13 16:00]
          S3 InterCheck Support 11;InterCheck Support 11;C:\Program Files\@Home veiligheid\Antivirus\icntst11.sys [2006-09-13 16:00]
          S3 InterCheck Support 12;InterCheck Support 12;C:\Program Files\@Home veiligheid\Antivirus\icntst12.sys [2006-09-13 16:00]
          S3 TESTCAP;TESTCAP;C:\WINDOWS\system32\DRIVERS\PCTVAud.sys [2000-02-08 10:25]
          S3 usb2vcom;Nokia CA-42 USB;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-04-03 08:41]

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
          UxTuneUp

          .
          Inhoud van de 'Gedeelde Taken' map
          "2007-12-07 17:35:27 C:\WINDOWS\Tasks\Easy Onderhoud.job"
          - I:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
          "2008-01-06 15:00:16 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
          - C:\Program Files\Windows Defender\MpCmdRun.exe
          "2008-01-06 12:25:22 C:\WINDOWS\Tasks\User_Feed_Synchronization-{977636D9-3279-44BB-B242-11E8AC3727AF}.job"
          - C:\WINDOWS\system32\msfeedssync.exe
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-01-06 15:57:42
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          Voltooingstijd: 2008-01-06 16:01:51 - machine was rebooted
          ComboFix-quarantined-files.txt 2008-01-06 15:01:39
          ComboFix2.txt 2008-01-05 11:23:34
          .
          2008-01-04 10:53:26 --- E O F ---
          • Citaat

          Comment

          • #6
            Download het volgende naar je bureaublad:
            http://downloads.subratam.org/ResetTeaTimer.bat

            Dubbelklik daarna op ResetTeaTimer.bat.

            Verwijder de volgende map:
            C:\Qoobox

            Maak dan je prullenbak leeg.

            Download ATF cleaner (mirror)(gemaakt door Atribune)

            Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

            Dubbelklik op ATF cleaner om het programma te starten.
            Op het tabblad "Main", plaats je een vinkje bij Select All.
            Klik op de knop Empty Selected.

            Het volgende doen als je ook FireFox als browser hebt:
            Klik op tabblad "Firefox", plaats een vinkje bij Select All.
            Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
            (dit haalt het vinkje weer weg bij "Firefox saved passwords")
            Klik op de knop Empty Selected.

            Het volgende doen als je ook Opera als browser hebt:
            Klik op tabblad "Opera", plaats een vinkje bij Select All.
            Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
            Klik op de knop Empty Selected.
            Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

            Ga naar Start - Uitvoeren en geef hier het volgende in:
            Combofix /U
            Druk daarna op OK.
            Let op: Er moet een spatie tussen Combofix en /U zitten.

            Dit zal Combofix deïnstalleren.

            Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
            Kijk hier hoe je je systeemherstel moet uitschakelen.
            Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

            TeaTimer van Spybot mag je nu ook weer aanzetten
            • Citaat

            Comment

            Vorige template Volgende
            Sorry, you are not authorized to view this page
            Working...
            X