Mededeling

Collapse
No announcement yet.

Rightonadz en adsite

Collapse
X
Collapse
  •  
  • Page of 1
  • Tijd
  • Show
Clear All
new posts
Vorige template Volgende
  • #1

    Rightonadz en adsite

    Ik word de laatste dagen erg geplaagd door popups.
    Ik heb diverse malen hidmanpro gedraaid maar helaas zoder echt resultaat.
    Ik heb in het register gewerkt en de sleutels adsite en rightonadz gewist. Echter ook zonder resultaat.

    De logfile is in bijlage geplaatst:
    Bijgevoegde Bestanden
    Labels: Geen
      • Citaat
    • #2
      Download: RVAXO.exe
      • Sla het bestand op je bureaublad op, dubbelklik het en kies voor "Unzip" om het uit te pakken.
      • Open nu de map RVAXO op je bureaublad en dubbeklik RVAXO.cmd
        Er zal een cmd-schermpje openen, daarin zullen snel enkele regels over niet gevonden bestanden voorbijkomen, dit is normaal.
      • Mogelijk start er ook een uninstaller van een rogue scanner op, sluit deze niet af maar volg eventuele aanwijzingen en laat deze gewoon zijn werk doen.
      • Daarna zal je PC herstarten, na de herstart opent het cmd-venster van RVAXO opnieuw.
        Laat deze lopen en wacht tot er een logfile opent: C:\RVAXO-results.log
      • Herstart je computer niet vanzelf, of start de tool niet na de reboot, doe dit dan handmatig.
      • Post de inhoud van de logfile in je volgende bericht.


      Download Combofix naar je Bureaublad.
      Dubbelklik op Combofix.exe
      Kies voor "Continue" door 1 te typen gevolgd door ENTER.
      Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
      Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
      Plaats deze log in je volgende post.

      NOTA: Indien je virusscanner reageert met een melding van een scriptuitvoering, mag je dit negeren.
        • Citaat

        Comment

        • #3
          Rigtonadz en adsite

          Hierbij de logbestanden
          ----------------RVAXO.exe first run-------------

          Files found:

          C:\WINDOWS\system32\ljjhhge.dll__DELETE_ON_REBOOT
          C:\WINDOWS\system32\wvuutqr.dll__DELETE_ON_REBOOT
          C:\WINDOWS\system32\aadgh.ini2
          C:\WINDOWS\system32\mcrh.tmp
          C:\WINDOWS\system32\vbzip11.dll
          C:\WINDOWS\system32\vbzip10.dll
          C:\WINDOWS\system32\gzmrt.dll
          C:\WINDOWS\mrofinu1188.exe.tmp
          C:\n.bat
          C:\WINDOWS\system32\9461.bat
          C:\WINDOWS\system32\1654.bat
          C:\WINDOWS\system32\7494.bat
          C:\WINDOWS\system32\7724.bat
          C:\WINDOWS\system32\9426.bat
          C:\WINDOWS\system32\5867.bat
          C:\WINDOWS\system32\3679.bat
          C:\WINDOWS\system32\6569.bat
          C:\Documents and Settings\Tramweg\7000.bat
          C:\Documents and Settings\Tramweg\3464.bat
          C:\Documents and Settings\Tramweg\4479.bat
          C:\z.dat
          C:\x.dat

          Uninstallers Rogue scanners:


          Folders Found:

          C:\Program Files\outlook
          C:\Program Files\Temporary
          C:\Program Files\pedevice
          C:\WINDOWS\system32\bund1
          C:\Program Files\Common Files\{30816645-04B2-1043-0528-01042601001f}
          C:\Program Files\Common Files\{E0816645-04B2-1043-0528-01042601001f}

          Hosts-file was reset, If you use a custom hosts file please replace it...

          --------------RVAXO.exe last run---------------

          Files found:

          Folders Found:

          --------------RVAXO.exe finished----------------


          En vervolgens het logbestand van combifix

          ComboFix 08-01-05.1 - Tramweg 2008-01-05 12:07:32.1 - NTFSx86
          Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.281 [GMT 1:00]
          Gestart vanuit: C:\Documents and Settings\Tramweg\Bureaublad\ComboFix.exe
          * Nieuw herstelpunt werd aangemaakt
          .

          (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
          .

          C:\Documents and Settings\Tramweg\Application Data\Dxcknwrd.dll
          C:\Documents and Settings\Tramweg\Mijn documenten\FNTS~1
          C:\Documents and Settings\Tramweg\Mijn documenten\WNSXS~1
          C:\Program Files\Common Files\{30816~1
          C:\Program Files\Common Files\{E0816~1
          C:\Program Files\Common Files\sstem~1
          C:\Program Files\Common Files\uninstall information
          C:\temp\tn3
          C:\WINDOWS\asembl~1
          C:\WINDOWS\b143.exe
          C:\WINDOWS\system32\curity~1
          C:\WINDOWS\system32\dobe~1
          C:\WINDOWS\system32\dobe~1\?dobe\
          C:\WINDOWS\system32\dobe~2
          C:\WINDOWS\system32\ecurit~1
          C:\WINDOWS\system32\nsi18.dll

          .
          ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

          .
          -------\LEGACY_CLIENT_IP-IPX


          (((((((((((((((((((( Bestanden Gemaakt van 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))
          .

          2008-01-05 12:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
          2008-01-05 12:02 . 2008-01-05 12:03 <DIR> d-------- C:\RVAXO
          2008-01-05 11:58 . 2008-01-04 20:53 589,745 --a------ C:\WINDOWS\system32\RVAXO.bat
          2008-01-05 11:58 . 2001-10-01 14:51 69,632 --a------ C:\WINDOWS\system32\remove.exe
          2008-01-04 13:50 . 2008-01-04 13:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
          2008-01-02 21:26 . 2008-01-03 10:46 1,031,578 ---hs---- C:\WINDOWS\system32\ikfpwros.ini
          2008-01-02 20:51 . 2008-01-05 12:04 <DIR> dr-h----- C:\Documents and Settings\Tramweg\Onlangs geopend
          2008-01-02 10:03 . 2008-01-02 10:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
          2008-01-01 21:41 . 2008-01-01 21:41 <DIR> d-------- C:\Program Files\SurfRight
          2008-01-01 20:36 . 2008-01-01 20:29 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
          2008-01-01 20:36 . 2008-01-01 20:29 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
          2008-01-01 18:53 . 2008-01-04 16:11 28,332 --ahs---- C:\WINDOWS\system32\aadgh.ini
          2008-01-01 18:52 . 2008-01-01 18:52 <DIR> d-------- C:\Program Files\kernel
          2008-01-01 18:47 . 2008-01-02 09:24 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
          2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Davilex
          2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Borland
          2007-12-29 13:30 . 1998-06-02 12:01 233,472 --a------ C:\WINDOWS\system32\ILDA32.DLL
          2007-12-29 13:30 . 1999-11-11 23:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
          2007-12-29 13:30 . 2002-09-26 14:08 22,528 --a------ C:\WINDOWS\system32\WSC32.DLL
          2007-12-29 13:30 . 1998-07-08 20:14 17,408 --a------ C:\WINDOWS\system32\MIO32.DLL
          2007-12-29 13:12 . 2007-12-29 14:13 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\MAGIX
          2007-12-29 13:09 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
          2007-12-29 13:09 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
          2007-12-29 13:08 . 2006-03-31 14:57 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
          2007-12-28 21:28 . 2007-12-28 21:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
          2007-12-28 21:27 . 2007-12-29 13:09 <DIR> d-------- C:\Program Files\Common Files\MAGIX Shared
          2007-12-28 20:59 . 2008-01-03 17:30 <DIR> d-------- C:\WINDOWS\system32\MAGIX
          2007-12-24 22:03 . 2007-12-24 22:08 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\ICQ
          2007-12-24 22:02 . 2007-12-24 22:02 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\InstallShield
          2007-12-24 21:55 . 2007-12-24 21:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn

          .
          ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          2008-01-04 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
          2008-01-04 12:53 --------- d-----w C:\Program Files\Lavasoft
          2008-01-04 12:52 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Lavasoft
          2008-01-04 12:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
          2008-01-03 16:12 --------- d-----w C:\Program Files\Trend Micro
          2008-01-02 16:03 --------- d-----w C:\Program Files\Common Files\Adobe
          2008-01-02 11:45 --------- d-----w C:\Program Files\Paint.NET
          2007-12-26 17:46 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\ZoomBrowser EX
          2007-12-26 12:21 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CameraWindowDC
          2007-12-24 21:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
          2007-11-30 13:49 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CANON INC
          2007-11-30 13:34 --------- d-----w C:\Program Files\Canon
          2007-11-30 13:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
          2007-11-30 13:31 --------- d-----w C:\Program Files\Common Files\Canon
          2007-11-25 12:27 39,424 ----a-w C:\WINDOWS\zipinst.exe
          2007-11-25 12:25 --------- d-----w C:\Program Files\Volumouse
          2007-11-16 16:02 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Media Player Classic
          2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
          2005-09-26 08:42 684 -c----w C:\Documents and Settings\Tramweg\hpothb07.dat
          2004-09-28 02:00 26,240 -c----w C:\WINDOWS\inf\RAMDSK.SYS
          .

          ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
          .
          .
          REGEDIT4
          *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0814FB89-CAFD-4425-A6E1-722E47CB7A19}]
          C:\WINDOWS\system32\hgdaa.dll

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18BEFD34-61D6-1E27-A340-69E33F92FBEF}]

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{42EBA932-6FD4-1E71-A340-69E33F92FBED}]

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45EAAE64-6782-192B-A340-69E33F92F9BA}]

          [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{46EEAC31-3288-4C73-A340-69E33F92FABF}]

          [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:03 15360]
          "kernel"="C:\Program Files\kernel\kernel.exe" [2008-01-01 18:52 61440]
          "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]

          [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
          "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-10 03:06 86016]
          "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-10 03:06 7311360]
          "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

          [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
          "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 10:03 15360]
          "PcSync"="H:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15 1634304]

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
          "NoResolveTrack"= 1 (0x1)

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ljjhhge]
          ljjhhge.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\wvuutqr]
          wvuutqr.dll

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

          [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^svchost.exe]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
          --a------ 2007-10-10 18:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AltnetPointsManager]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Besieger DreamCatcher Interactive crack]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bita]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copernic Desktop Search]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copernic Desktop Search 2]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\csr]


          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
          --------- 2002-12-02 20:56 40960 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiskeeperSystray]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DownloadAccelerator]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\e08166ea]
          C:\WINDOWS\system32\sorwpfki.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\feedreader.exe]
          --a------ 2007-06-29 10:45 1219072 h:\Program Files\FeedReader30\feedreader.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
          --a------ 2007-11-21 01:47 172280 H:\Program Files\ICQ6\ICQ.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IpWins]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAZAA]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
          --a------ 2007-01-08 21:17 52256 h:\Program Files\CyberLink\PowerDVD\Language\Language.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LocalCooling]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSVersion]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
          --------- 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
          --a------ 2005-12-10 03:06 1519616 C:\WINDOWS\system32\nwiz.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P2P Networking]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PC Booster]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
          --a------ 2007-01-23 10:19 223232 H:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PcSync]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
          --a------ 2007-06-16 00:15 366400 h:\Program Files\Picasa2\PicasaMediaDetector.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\postSetupCheck]
          C:\WINDOWS\system32\gzmrt.dll

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnSys Executable]
          -r------- 2002-08-01 12:03 36864 d:\\PrnSys.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
          --------- 2007-01-08 21:26 68640 h:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
          --a------ 2006-12-15 03:23 75520 C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
          --------- 2004-12-29 10:41 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vidmon]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinUpdate]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Words]

          [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
          "Diskeeper"=2 (0x2)

          [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
          "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

          [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
          "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
          "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
          "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
          "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
          "nwiz"=nwiz.exe /install

          R0 Klpid;Klpid;C:\WINDOWS\system32\Drivers\klpid.sys [2002-11-24 18:37]
          R1 Klpf;Klpf;C:\WINDOWS\system32\Drivers\Klpf.sys [2002-11-20 14:34]
          R2 AdobeActiveFileMonitor;Adobe Active File Monitor;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 04:47]
          R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 03:40]
          R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-04-20 22:01]
          R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
          R3 rtl8029;NT-stuurprogramma voor Realtek RTL8029(AS)-based PCI Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 20:12]
          S1 ctredrv.sys;ctredrv.sys;C:\WINDOWS\system32\drivers\ctredrv.sys
          S2 UMAXPCLS;Stuurprogramma voor scanner op printerpoort;C:\WINDOWS\system32\DRIVERS\umaxpcls.sys [2001-08-17 21:58]
          S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
          S3 InterCheck Control;InterCheck Control;C:\Program Files\@Home veiligheid\Antivirus\icntdrv5.sys [2006-05-05 15:30]
          S3 InterCheck Filter;InterCheck Filter;C:\Program Files\@Home veiligheid\Antivirus\icntflt5.sys [2006-05-05 15:30]
          S3 InterCheck Support 01;InterCheck Support 01;C:\Program Files\@Home veiligheid\Antivirus\icntst01.sys [2006-09-13 16:00]
          S3 InterCheck Support 02;InterCheck Support 02;C:\Program Files\@Home veiligheid\Antivirus\icntst02.sys [2006-09-13 16:00]
          S3 InterCheck Support 03;InterCheck Support 03;C:\Program Files\@Home veiligheid\Antivirus\icntst03.sys [2006-09-13 16:00]
          S3 InterCheck Support 04;InterCheck Support 04;C:\Program Files\@Home veiligheid\Antivirus\icntst04.sys [2006-09-13 16:00]
          S3 InterCheck Support 05;InterCheck Support 05;C:\Program Files\@Home veiligheid\Antivirus\icntst05.sys [2006-09-13 16:00]
          S3 InterCheck Support 06;InterCheck Support 06;C:\Program Files\@Home veiligheid\Antivirus\icntst06.sys [2006-09-13 16:00]
          S3 InterCheck Support 07;InterCheck Support 07;C:\Program Files\@Home veiligheid\Antivirus\icntst07.sys [2006-09-13 16:00]
          S3 InterCheck Support 08;InterCheck Support 08;C:\Program Files\@Home veiligheid\Antivirus\icntst08.sys [2006-09-13 16:00]
          S3 InterCheck Support 09;InterCheck Support 09;C:\Program Files\@Home veiligheid\Antivirus\icntst09.sys [2006-09-13 16:00]
          S3 InterCheck Support 10;InterCheck Support 10;C:\Program Files\@Home veiligheid\Antivirus\icntst10.sys [2006-09-13 16:00]
          S3 InterCheck Support 11;InterCheck Support 11;C:\Program Files\@Home veiligheid\Antivirus\icntst11.sys [2006-09-13 16:00]
          S3 InterCheck Support 12;InterCheck Support 12;C:\Program Files\@Home veiligheid\Antivirus\icntst12.sys [2006-09-13 16:00]
          S3 TESTCAP;TESTCAP;C:\WINDOWS\system32\DRIVERS\PCTVAud.sys [2000-02-08 10:25]
          S3 usb2vcom;Nokia CA-42 USB;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-04-03 08:41]

          HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
          UxTuneUp

          .
          Inhoud van de 'Gedeelde Taken' map
          "2007-12-07 17:35:27 C:\WINDOWS\Tasks\Easy Onderhoud.job"
          - I:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
          "2008-01-05 11:21:15 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
          - C:\Program Files\Windows Defender\MpCmdRun.exe
          "2008-01-04 19:55:37 C:\WINDOWS\Tasks\User_Feed_Synchronization-{977636D9-3279-44BB-B242-11E8AC3727AF}.job"
          - C:\WINDOWS\system32\msfeedssync.exe
          .
          **************************************************************************

          catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
          Rootkit scan 2008-01-05 12:18:52
          Windows 5.1.2600 Service Pack 2 NTFS

          scannen van verborgen processen ...

          scannen van verborgen autostart items ...

          scannen van verborgen bestanden ...

          Scan succesvol afgerond
          verborgen bestanden: 0

          **************************************************************************
          .
          Voltooingstijd: 2008-01-05 12:23:32 - machine was rebooted
          ComboFix-quarantined-files.txt 2008-01-05 11:23:13
          .
          2008-01-04 10:53:26 --- E O F ---
            • Citaat

            Comment

            • #4
              Open de map RVAXO op je bureaublad en dubbelklik Uninstall.cmd
              Dit zal alles van RVAXO doen verwijderen.

              Download de bijlage: CFScript.txt

              Sleep CFScript.txt in ComboFix.exe zoals getoond in onderstaand voorbeeld :



              Dit zal ComboFix doen herstarten.
              Start opnieuw op als daarom gevraagd wordt,
              en post de inhoud van de Combofix.txt in je volgende antwoord.

              Post ook een nieuw logje van Hijackthis en vertel ook of er nog problemen zijn.
              Bijgevoegde Bestanden
                • Citaat

                Comment

                • #5
                  Rightonadz en adsite

                  Ik heb alles zo uitgevoerd zoals in de instructie.
                  Het lijkt erop dat de popups verdwenen zijn. Wat een genot.
                  Hartelijk dank. Ik ben wel overgestapt op firefox ipv van IE7.
                  De laatste log is de volgende:

                  ComboFix 08-01-05.1 - Tramweg 2008-01-06 15:44:35.2 - NTFSx86
                  Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.235 [GMT 1:00]
                  Gestart vanuit: C:\Documents and Settings\Tramweg\Bureaublad\ComboFix.exe
                  Command switches used :: C:\Documents and Settings\Tramweg\Bureaublad\cfscript-1.txt
                  * Nieuw herstelpunt werd aangemaakt

                  FILE
                  C:\WINDOWS\system32\aadgh.ini
                  C:\WINDOWS\system32\ikfpwros.ini
                  .

                  (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
                  .

                  C:\Program Files\kernel
                  C:\Program Files\kernel\kernel.exe
                  C:\WINDOWS\system32\aadgh.ini
                  C:\WINDOWS\system32\ikfpwros.ini

                  .
                  ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

                  .
                  -------\LEGACY_CTREDRV.SYS
                  -------\ctredrv.sys


                  (((((((((((((((((((( Bestanden Gemaakt van 2007-12-06 to 2008-01-06 ))))))))))))))))))))))))))))))
                  .

                  2008-01-05 19:48 . 2008-01-06 13:23 <DIR> dr-h----- C:\Documents and Settings\Tramweg\Onlangs geopend
                  2008-01-05 13:59 . 2008-01-05 14:03 <DIR> d-------- C:\Program Files\SpywareBlaster
                  2008-01-05 12:05 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
                  2008-01-04 13:50 . 2008-01-04 13:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
                  2008-01-02 10:03 . 2008-01-02 10:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Prevx
                  2008-01-01 21:41 . 2008-01-01 21:41 <DIR> d-------- C:\Program Files\SurfRight
                  2008-01-01 20:36 . 2008-01-01 20:29 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
                  2008-01-01 20:36 . 2008-01-01 20:29 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
                  2008-01-01 18:47 . 2008-01-02 09:24 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
                  2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Davilex
                  2007-12-29 13:30 . 2007-12-29 13:30 <DIR> d-------- C:\Program Files\Borland
                  2007-12-29 13:30 . 1998-06-02 12:01 233,472 --a------ C:\WINDOWS\system32\ILDA32.DLL
                  2007-12-29 13:30 . 1999-11-11 23:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
                  2007-12-29 13:30 . 2002-09-26 14:08 22,528 --a------ C:\WINDOWS\system32\WSC32.DLL
                  2007-12-29 13:30 . 1998-07-08 20:14 17,408 --a------ C:\WINDOWS\system32\MIO32.DLL
                  2007-12-29 13:12 . 2007-12-29 14:13 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\MAGIX
                  2007-12-29 13:09 . 2001-05-11 13:18 420,240 --a------ C:\WINDOWS\system32\mpg4c32.dll
                  2007-12-29 13:09 . 2001-03-26 04:41 245,760 --a------ C:\WINDOWS\system32\mp4sds32.ax
                  2007-12-29 13:08 . 2006-03-31 14:57 430,080 --a------ C:\WINDOWS\system32\MXRestore.exe
                  2007-12-28 21:28 . 2007-12-28 21:28 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\MAGIX
                  2007-12-28 21:27 . 2007-12-29 13:09 <DIR> d-------- C:\Program Files\Common Files\MAGIX Shared
                  2007-12-28 20:59 . 2008-01-03 17:30 <DIR> d-------- C:\WINDOWS\system32\MAGIX
                  2007-12-24 22:03 . 2007-12-24 22:08 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\ICQ
                  2007-12-24 22:02 . 2007-12-24 22:02 <DIR> d-------- C:\Documents and Settings\Tramweg\Application Data\InstallShield
                  2007-12-24 21:55 . 2007-12-24 21:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn

                  .
                  ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  2008-01-04 14:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
                  2008-01-04 12:53 --------- d-----w C:\Program Files\Lavasoft
                  2008-01-04 12:52 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Lavasoft
                  2008-01-04 12:50 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
                  2008-01-03 16:12 --------- d-----w C:\Program Files\Trend Micro
                  2008-01-02 16:03 --------- d-----w C:\Program Files\Common Files\Adobe
                  2008-01-02 11:45 --------- d-----w C:\Program Files\Paint.NET
                  2007-12-26 17:46 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\ZoomBrowser EX
                  2007-12-26 12:21 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CameraWindowDC
                  2007-12-24 21:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
                  2007-11-30 13:49 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\CANON INC
                  2007-11-30 13:34 --------- d-----w C:\Program Files\Canon
                  2007-11-30 13:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
                  2007-11-30 13:31 --------- d-----w C:\Program Files\Common Files\Canon
                  2007-11-25 12:27 39,424 ----a-w C:\WINDOWS\zipinst.exe
                  2007-11-25 12:25 --------- d-----w C:\Program Files\Volumouse
                  2007-11-16 16:02 --------- d-----w C:\Documents and Settings\Tramweg\Application Data\Media Player Classic
                  2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
                  2005-09-26 08:42 684 -c----w C:\Documents and Settings\Tramweg\hpothb07.dat
                  2004-09-28 02:00 26,240 -c----w C:\WINDOWS\inf\RAMDSK.SYS
                  .

                  ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
                  .
                  .
                  REGEDIT4
                  *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

                  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
                  "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-10 03:06 86016]
                  "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-10 03:06 7311360]
                  "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]

                  [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
                  "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 10:03 15360]
                  "PcSync"="H:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15 1634304]

                  [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Gamma Loader.lnk]

                  [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Speed Launch.lnk]

                  [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Adobe Reader Synchronizer.lnk]

                  [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
                  --a------ 2007-10-10 18:51 39792 C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeviceDiscovery]
                  --------- 2002-12-02 20:56 40960 D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\feedreader.exe]
                  --a------ 2007-06-29 10:45 1219072 h:\Program Files\FeedReader30\feedreader.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ICQ]
                  --a------ 2007-11-21 01:47 172280 H:\Program Files\ICQ6\ICQ.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
                  --a------ 2007-01-08 21:17 52256 h:\Program Files\CyberLink\PowerDVD\Language\Language.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroCheck]
                  --------- 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
                  --a------ 2005-12-10 03:06 1519616 C:\WINDOWS\system32\nwiz.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
                  --a------ 2007-01-23 10:19 223232 H:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector]
                  --a------ 2007-06-16 00:15 366400 h:\Program Files\Picasa2\PicasaMediaDetector.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrnSys Executable]
                  -r------- 2002-08-01 12:03 36864 d:\\PrnSys.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
                  --------- 2007-01-08 21:26 68640 h:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpySweeper]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spyware Doctor]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
                  --------- 2004-12-29 10:41 180269 C:\Program Files\Common Files\Real\Update_OB\realsched.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Words]

                  [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
                  "Diskeeper"=2 (0x2)

                  [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
                  "CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe

                  [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
                  "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
                  "NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
                  "NeroFilterCheck"=C:\WINDOWS\system32\NeroCheck.exe
                  "MSConfig"=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
                  "nwiz"=nwiz.exe /install

                  R0 Klpid;Klpid;C:\WINDOWS\system32\Drivers\klpid.sys [2002-11-24 18:37]
                  R1 Klpf;Klpf;C:\WINDOWS\system32\Drivers\Klpf.sys [2002-11-20 14:34]
                  R2 AdobeActiveFileMonitor;Adobe Active File Monitor;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 04:47]
                  R2 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;I:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 03:40]
                  R2 SVKP;SVKP;C:\WINDOWS\system32\SVKP.sys [2005-04-20 22:01]
                  R2 UxTuneUp;TuneUp Thema-uitbreiding;C:\WINDOWS\System32\svchost.exe [2004-08-04 10:03]
                  R3 rtl8029;NT-stuurprogramma voor Realtek RTL8029(AS)-based PCI Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\RTL8029.SYS [2001-08-17 20:12]
                  S2 UMAXPCLS;Stuurprogramma voor scanner op printerpoort;C:\WINDOWS\system32\DRIVERS\umaxpcls.sys [2001-08-17 21:58]
                  S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;I:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [2005-11-17 14:18]
                  S3 InterCheck Control;InterCheck Control;C:\Program Files\@Home veiligheid\Antivirus\icntdrv5.sys [2006-05-05 15:30]
                  S3 InterCheck Filter;InterCheck Filter;C:\Program Files\@Home veiligheid\Antivirus\icntflt5.sys [2006-05-05 15:30]
                  S3 InterCheck Support 01;InterCheck Support 01;C:\Program Files\@Home veiligheid\Antivirus\icntst01.sys [2006-09-13 16:00]
                  S3 InterCheck Support 02;InterCheck Support 02;C:\Program Files\@Home veiligheid\Antivirus\icntst02.sys [2006-09-13 16:00]
                  S3 InterCheck Support 03;InterCheck Support 03;C:\Program Files\@Home veiligheid\Antivirus\icntst03.sys [2006-09-13 16:00]
                  S3 InterCheck Support 04;InterCheck Support 04;C:\Program Files\@Home veiligheid\Antivirus\icntst04.sys [2006-09-13 16:00]
                  S3 InterCheck Support 05;InterCheck Support 05;C:\Program Files\@Home veiligheid\Antivirus\icntst05.sys [2006-09-13 16:00]
                  S3 InterCheck Support 06;InterCheck Support 06;C:\Program Files\@Home veiligheid\Antivirus\icntst06.sys [2006-09-13 16:00]
                  S3 InterCheck Support 07;InterCheck Support 07;C:\Program Files\@Home veiligheid\Antivirus\icntst07.sys [2006-09-13 16:00]
                  S3 InterCheck Support 08;InterCheck Support 08;C:\Program Files\@Home veiligheid\Antivirus\icntst08.sys [2006-09-13 16:00]
                  S3 InterCheck Support 09;InterCheck Support 09;C:\Program Files\@Home veiligheid\Antivirus\icntst09.sys [2006-09-13 16:00]
                  S3 InterCheck Support 10;InterCheck Support 10;C:\Program Files\@Home veiligheid\Antivirus\icntst10.sys [2006-09-13 16:00]
                  S3 InterCheck Support 11;InterCheck Support 11;C:\Program Files\@Home veiligheid\Antivirus\icntst11.sys [2006-09-13 16:00]
                  S3 InterCheck Support 12;InterCheck Support 12;C:\Program Files\@Home veiligheid\Antivirus\icntst12.sys [2006-09-13 16:00]
                  S3 TESTCAP;TESTCAP;C:\WINDOWS\system32\DRIVERS\PCTVAud.sys [2000-02-08 10:25]
                  S3 usb2vcom;Nokia CA-42 USB;C:\WINDOWS\system32\DRIVERS\usb2vcom.sys [2006-04-03 08:41]

                  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
                  UxTuneUp

                  .
                  Inhoud van de 'Gedeelde Taken' map
                  "2007-12-07 17:35:27 C:\WINDOWS\Tasks\Easy Onderhoud.job"
                  - I:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
                  "2008-01-06 15:00:16 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
                  - C:\Program Files\Windows Defender\MpCmdRun.exe
                  "2008-01-06 12:25:22 C:\WINDOWS\Tasks\User_Feed_Synchronization-{977636D9-3279-44BB-B242-11E8AC3727AF}.job"
                  - C:\WINDOWS\system32\msfeedssync.exe
                  .
                  **************************************************************************

                  catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
                  Rootkit scan 2008-01-06 15:57:42
                  Windows 5.1.2600 Service Pack 2 NTFS

                  scannen van verborgen processen ...

                  scannen van verborgen autostart items ...

                  scannen van verborgen bestanden ...

                  Scan succesvol afgerond
                  verborgen bestanden: 0

                  **************************************************************************
                  .
                  Voltooingstijd: 2008-01-06 16:01:51 - machine was rebooted
                  ComboFix-quarantined-files.txt 2008-01-06 15:01:39
                  ComboFix2.txt 2008-01-05 11:23:34
                  .
                  2008-01-04 10:53:26 --- E O F ---
                    • Citaat

                    Comment

                    • #6
                      Download het volgende naar je bureaublad:
                      http://downloads.subratam.org/ResetTeaTimer.bat

                      Dubbelklik daarna op ResetTeaTimer.bat.

                      Verwijder de volgende map:
                      C:\Qoobox

                      Maak dan je prullenbak leeg.

                      Download ATF cleaner (mirror)(gemaakt door Atribune)

                      Belangrijk: Sluit al je browservensters(IE en/of Firefox en/of Opera) om de tool goed te kunnen laten werken.

                      Dubbelklik op ATF cleaner om het programma te starten.
                      Op het tabblad "Main", plaats je een vinkje bij Select All.
                      Klik op de knop Empty Selected.

                      Het volgende doen als je ook FireFox als browser hebt:
                      Klik op tabblad "Firefox", plaats een vinkje bij Select All.
                      Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                      (dit haalt het vinkje weer weg bij "Firefox saved passwords")
                      Klik op de knop Empty Selected.

                      Het volgende doen als je ook Opera als browser hebt:
                      Klik op tabblad "Opera", plaats een vinkje bij Select All.
                      Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
                      Klik op de knop Empty Selected.
                      Ga naar het tabblad "Main" en klik op de knop Exit om het programma af te sluiten.

                      Ga naar Start - Uitvoeren en geef hier het volgende in:
                      Combofix /U
                      Druk daarna op OK.
                      Let op: Er moet een spatie tussen Combofix en /U zitten.

                      Dit zal Combofix deïnstalleren.

                      Schakel Systeemherstel uit. Herstart de computer. Schakel Systeemherstel weer in.
                      Kijk hier hoe je je systeemherstel moet uitschakelen.
                      Hiermee verwijder je eventuele restanten van de infecties uit je systeemherstel.

                      TeaTimer van Spybot mag je nu ook weer aanzetten
                        • Citaat

                        Comment

                        Vorige template Volgende
                        Sorry, you are not authorized to view this page
                        Working...
                        X
                        😀
                        🥰
                        🤢
                        😎
                        😡
                        👍
                        👎