logjes ivm ukash virus

marcel

12-02-2013 15:44

hallo
mijn pc heeft t ukash virus op gelopen
heb alle stappen gedaan zie logjes
Eset scan vond nix
mijn vraag is of de pc schoon is nu
gr marcel
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:46, on 12-2-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\manon\Bureaublad\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Search-Results Toolbar - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Search-Results Toolbar - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O4 - HKLM\..\Run: HDAShCut.exe
O4 - HKLM\..\Run: RTHDCPL.EXE
O4 - HKLM\..\Run: ALCMTR.EXE
O4 - HKLM\..\Run: C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\Java\jre7\bin\jusched.exe”
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\Run: “c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353790306718
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - c:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
–
End of file - 8408 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:34:46, on 12-2-2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\manon\Bureaublad\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: Search-Results Toolbar - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: Search-Results Toolbar - {3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} - C:\PROGRA~1\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll (file missing)
O4 - HKLM\..\Run: HDAShCut.exe
O4 - HKLM\..\Run: RTHDCPL.EXE
O4 - HKLM\..\Run: ALCMTR.EXE
O4 - HKLM\..\Run: C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
O4 - HKLM\..\Run: “c:\Program Files\Microsoft Security Client\msseces.exe” -hide -runkey
O4 - HKLM\..\Run: “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM\..\Run: “C:\Program Files\Java\jre7\bin\jusched.exe”
O4 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18\..\Run: “c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe” -t (User ‘SYSTEM’)
O4 - HKUS\.DEFAULT\..\Run: C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353790306718
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\APPLIC~1\Wincert\WIN32C~1.DLL
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - c:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
–
End of file - 8408 bytes
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Databaseversie: v2013.02.12.04
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
manon :: UW-259CBE6449D1
12-2-2013 12:10:49
mbam-log-2013-02-12 (12-10-49).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 265342
Verstreken tijd: 9 minuut/minuten, 25 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
fazantje

12-02-2013 16:56

Hoi Marcel,
Zou je ook punt 2 willen uitvoeren en dat logje plaatsen.
Groetjes Huib;)
marcel

12-02-2013 17:55

logje punt 2
# AdwCleaner v2.112 - Verslag gemaakt op 12/02/2013 om 17:47:23
# Geactualiseerd op 10/02/2013 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : manon - UW-259CBE6449D1
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Documents and Settings\manon\Bureaublad\adwcleaner0.exe
# Optie
***** *****
***** *****
***** *****
***** *****
-\\ Internet Explorer v8.0.6001.18702
Het register bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v24.0.1312.57
File : C:\Documents and Settings\manon\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
AdwCleaner.txt - -
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
marcel

12-02-2013 19:14

ik was dus bij t eerste logje adwcleaner vergeten en hijack dubbel gepost zag ik
dit is t eerste logje van adwcleaner die bij de eerste post hoort
# AdwCleaner v2.112 - Verslag gemaakt op 12/02/2013 om 12:02:28
# Geactualiseerd op 10/02/2013 door Xplode
# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)
# Gebruiker : manon - UW-259CBE6449D1
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Documents and Settings\manon\Bureaublad\adwcleaner0.exe
# Optie
***** *****
***** *****
File Verwijdert : C:\END
Map Verwijdert : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Map Verwijdert : C:\Documents and Settings\LocalService\Application Data\imeshbandmltbpi
Map Verwijdert : C:\Documents and Settings\LocalService\Application Data\mediabarim
Map Verwijdert : C:\Documents and Settings\LocalService\Local Settings\Application Data\Conduit
Map Verwijdert : C:\Documents and Settings\LocalService\Local Settings\Application Data\ConduitEngine
Map Verwijdert : C:\Program Files\iMesh Applications\Mediabar
Verwijdert bij het opstarten : C:\Documents and Settings\manon\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Verwijdert bij het opstarten : C:\Program Files\Searchqu Toolbar
***** *****
Data Verwijdert : HKLM\..\Windows = C:\PROGRA~1\SEARCH~1\Datamngr\datamngr.dll
Data Verwijdert : HKLM\..\Windows = C:\PROGRA~1\SEARCH~1\Datamngr\IEBHO.dll
Sleutel Verwijdert : HKCU\Software\APN DTX
Sleutel Verwijdert : HKCU\Software\DataMngr
Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0}
Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Sleutel Verwijdert : HKLM\Software\DataMngr
Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A59}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wajam
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Sleutel Verwijdert : HKLM\Software\SearchquSRTB
Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
***** *****
-\\ Internet Explorer v8.0.6001.18702
Het register bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v24.0.1312.57
File : C:\Documents and Settings\manon\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner.txt - -
########## EOF - C:\AdwCleaner.txt - ##########
fazantje

12-02-2013 19:26

Hoi Marcel,
Download Combofix hier en plaats het op jou bureaublad.
Schakel nu eerst jou virusscanner uit. Deze gaat weer aan nadat computer opnieuw is opgestart.
Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link,
want Combofix wordt dagelijks geupdate.
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt
van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en download Combofix opnieuw.
Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
Dubbelklik op Combofix.exe
Volg de instructies, aanvaard de disclaimer.
Tijdens het runnen van de fix, NIET in het venster klikken, want dit zal je pc doen vasthangen.
De scan kan, afhankelijk van de besmetting 40 tot wel 100 minuten duren, dus denk niet van hij zit vast.
Wanneer de fix voltooid is en na herstart, zal de log combofix.txt openen.
Plaats in jou volgende bericht de logjes van Combofix en een nieuw HijackThis logje, en vertel hoe het nu gaat.
Succes,
Huib;)
marcel

12-02-2013 20:24

Tijdens het lopen van Combofix komt er bij t einde van verwijderen etc
opeens een blauw scherm met de vermelding in witte letters dat Windows afgesloten wordt wegens een ernstige fout en dan de vermelding: BAD_POOL_HEADER
heb t 2 x overnieuw geprobeerd maar steeds aan t eind een blauw scherm en geen logje
mag t ook in veilige modus?
of heb je een andr idee?
gr marcel,
marcel

12-02-2013 20:28

Combofix komt bij t einde van verwijderen etc
een blauw scherm Windows afgesloten wordt wegens een ernstige fout met vermelding: BAD_POOL_HEADER
heb t 2 x overnieuw geprobeerd maar steeds aan t eind een blauw scherm en geen logje
mag t ook in veilige modus?
of heb je een andr idee?
gr marcel,
Ben

12-02-2013 21:18

Hallo,
Heb je je virusscanner uit staan?
Zo ja doe het volgende:
Download zoek.exe naar het bureaublad.
*Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
(hier of hier) kan je lezen hoe je dat doet.
* Dubbelklik op Zoek.exe om de tool te starten.
* Windows Vista, 7 en 8 gebruikers dienen de tool als “administrator” uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
* Kopieer nu onderstaande vet gedrukte en plak die in het grote invulvenster:
emptyclsid;
* Klik op de button "Options" en vink nu de onderstaande opties aan.
* Standaard Search
* Auto Clean
* Empty All Temp
* System Restore Point
* Klik nu op de knop "Run script".
* Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
* Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
* Post nu de inhoud van het geopende logje in het volgende bericht.
Groeten abbs.
marcel

12-02-2013 21:38

bijdeze logje zoek.exe ( scanner uit)
Zoek.exe Version 4.0.0.2 Beta Updated 11-February-2013
Tool run by manon on di 12-02-2013 at 21:20:43,78.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
==== System Restore Info ======================
12-2-2013 21:22:08 Zoek.exe System Restore Point Created Succesfully.
==== Suspicious Entries Found ======================
“1900:UDP”=“1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007”
“2869:TCP”=“2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008”
“3389:TCP”=“3389:TCP:*:Enabled:Remote Desktop”
“65533:TCP”=“65533:TCP:*:Enabled:Services”
“52344:TCP”=“52344:TCP:*:Enabled:Services”
“1900:UDP”=“1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007”
“2869:TCP”=“2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008”
“5985:TCP”="5985:TCP:*isabled:Windows Remote Management "
“80:TCP”="80:TCP:*isabled:Windows Remote Management - compatibiliteitsmodus (HTTP-In) "
“139:TCP”=“139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004”
“445:TCP”=“445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005”
“137:UDP”=“137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001”
“138:UDP”=“138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002”
“4481:TCP”=“4481:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer”
“4481:UDP”=“4481:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery”
“4482:TCP”=“4482:TCP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync data transfer”
“4482:UDP”=“4482:UDP:LocalSubNet:Enabled:BlackBerry Desktop Software Wireless Music Sync discovery”
“3389:TCP”=“3389:TCP:*:Enabled:Remote Desktop”
“65533:TCP”=“65533:TCP:*:Enabled:Services”
“52344:TCP”=“52344:TCP:*:Enabled:Services”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-83265092-2990293034-2559932795-1007\Software\Microsoft\Internet Explorer\SearchScopes\{4EB140FC-1938-46FE-963B-A2D849D6244E} deleted successfully
HKEY_USERS\S-1-5-21-83265092-2990293034-2559932795-1007\Software\Microsoft\Internet Explorer\SearchScopes\{A9F06ABC-0DEC-43D5-BBD6-C4801B4E33F3} deleted successfully
HKEY_USERS\S-1-5-21-83265092-2990293034-2559932795-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} deleted successfully
HKEY_USERS\S-1-5-21-83265092-2990293034-2559932795-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3ec1a45c-8bc3-4bfe-b226-4051c5d3d068} deleted successfully
==== Running Processes ======================
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\FsUsbExService.Exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\locator.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\alg.exe
C:\Documents and Settings\manon\Bureaublad\zoek.exe
c:\Tmp\Mama\RarSFX0\zoek.com
C:\WINDOWS\system32\mshta.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
==== Deleting Files \ Folders ======================
“C:\Documents and Settings\All Users\Application Data\0tbpw.pad” deleted
“C:\Documents and Settings\manon\Application Data\searchresultstb” deleted
“C:\Documents and Settings\All Users\Application Data\Wincert” deleted
==== System Specs ======================
Windows: Windows XP Home Edition Service Pack 3 (Build 2600)
Internet Explorer: 8.0.6001.18702
Memory (RAM): 1023 MB
CPU Info: Intel(R) Pentium(R) D CPU 2.66GHz
CPU Speed: 2660,4 MHz
Sound Card: Realtek HD Audio output |
Display Adapters: Radeon X1300 Series | Radeon X1300 Series Secondary | NetMeeting driver | RDPDD Chained DD
Monitors: 1x; Dell 1503FP (analoog) |
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: SiS191 100/10 Ethernet Device - Pakketplanner-minipoort
CD / DVD Drives: 2x (D: | E: | ) D: PHILIPS DROM6216 | E: HL-DT-STDVDRAM GSA-H10N
Ports: COM4 | COM5 | COM1 LPT Port NOT Present.
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C: 232,9GB
Hard Disks - Free: C: 179,7GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 04/19/06 | A M I - 4000619
Time Zone: West-Europa (standaardtijd)
Motherboard *: FUJITSU SIEMENS P5SD2-FM
Sun Java version: 1.7.0_13
Country: Nederland
Language: NLD
==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
2013-02-12 18:37:55 F042EE4C8D66248D9B86DCF52ABAE416 256000 -c–a-w- C:\WINDOWS\PEV.exe
2013-02-12 18:37:55 9E05A9C264C8A908A8E79450FCBFF047 80412 -c–a-w- C:\WINDOWS\grep.exe
2013-02-12 18:37:55 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 -c–a-w- C:\WINDOWS\zip.exe
2013-02-12 18:37:55 0297C72529807322B152F517FDB0A9FC 406528 -c–a-w- C:\WINDOWS\SWSC.exe
2013-02-12 18:37:55 0277C027A26428DB64EF4F64F52BB4FD 208896 -c–a-w- C:\WINDOWS\MBR.exe
====== C:\WINDOWS\TEMP ====
====== C:\WINDOWS\system32 =====
2013-02-12 12:48:48 E828134279A6BB5EF3032F9B88D335F9 94112 -c–a-w- C:\WINDOWS\System32\WindowsAccessBridge.dll
====== C:\WINDOWS\system32\drivers =====
2013-02-02 20:43:27 629CABB0421668C9D3D402A3C3D77E14 21104 -c–a-w- C:\WINDOWS\System32\drivers\mbam.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2013-02-05 15:47:48 ——– dc—-w- C:\Program Files\ABN AMRO e.dentifier2
======= C: =====
2013-02-12 16:47:23 6A217F44E02B6201668D0A58951732D1 1063 -c–a-w- C:\AdwCleaner.txt
2013-02-12 11:50:21 6331FB4BED83F8D1EF08E0DACD907634 1005 -c–a-w- C:\AdwCleaner.txt
2013-02-12 11:02:28 B264452BDB1D1E7BCF921D5770B8F0CA 7830 -c–a-w- C:\AdwCleaner.txt
====== C:\Documents and Settings\manon\Application Data ======
2013-02-12 12:52:09 ——– dc—-w- C:\Documents and Settings\manon\Local Settings\Application Data\Sun
2013-02-05 15:46:53 ——– dc—-w- C:\Documents and Settings\All Users\Application Data\{6CDCEBFA-D5FA-4ED0-A11F-AC1F8BD76DF2}
2013-02-02 21:17:50 E2BD0B8EF3CDA7631FE2F1EEEE8F2562 222350 -c–a-w- C:\Documents and Settings\manon\Local Settings\Application Data\census.cache
2013-02-02 21:17:06 7C8851204A44AC85454AA6DEC7104E91 208020 -c–a-w- C:\Documents and Settings\manon\Local Settings\Application Data\ars.cache
2013-01-29 07:51:40 ——– dc-h–w- C:\Documents and Settings\manon\Application Data\60B2AFE6
====== C:\Documents and Settings\manon ======
2013-02-10 19:07:21 ——– dc-h–r- C:\Documents and Settings\manon\Onlangs geopend
====== C: exe-files ==
2013-02-12 18:37:55 F042EE4C8D66248D9B86DCF52ABAE416 256000 -c–a-w- C:\WINDOWS\PEV.exe
2013-02-12 18:37:55 9E05A9C264C8A908A8E79450FCBFF047 80412 -c–a-w- C:\WINDOWS\grep.exe
2013-02-12 18:37:55 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 -c–a-w- C:\WINDOWS\zip.exe
2013-02-12 18:37:55 0297C72529807322B152F517FDB0A9FC 406528 -c–a-w- C:\WINDOWS\SWSC.exe
2013-02-12 18:37:55 0277C027A26428DB64EF4F64F52BB4FD 208896 -c–a-w- C:\WINDOWS\MBR.exe
2013-02-12 12:21:44 CE0D0B11986FD2C0247AE88A59B36A6E 579904 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2013-02-12 12:21:44 BDB7D97012F9B3102DB72AA76A24942A 546944 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerApp.exe
2013-02-12 12:21:44 7C9EEC809FB9CDA26EFC245C001EA980 2347384 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\ESETSmartInstaller.exe
2013-02-12 12:21:44 7ABF8849E76732C357F419B1AF5668F2 546944 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe
2013-02-12 12:21:44 6D4ED8A5C071F29730A6F0B943FEEA3A 122584 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe
2013-02-12 10:59:50 A079519FFD3857560FA11EFBA92C0474 587671 -c–a-w- C:\Documents and Settings\manon\Bureaublad\adwcleaner0.exe
=== C: other files ==
2013-02-12 18:38:58 A0D5A2D641A3F4D19309E7023C3E2E8E 7093 -c–a-w- C:\Qoobox\BackEnv\SetPath.bat
2013-02-12 12:48:48 E828134279A6BB5EF3032F9B88D335F9 94112 -c–a-w- C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-02-12 12:21:44 F8D176DB5B14AED7C9B25E0640226BD1 258352 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\unicows.dll
2013-02-12 12:21:44 D696304DA41F6C41442A242696A1DE13 476904 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\esets_apiA.dll
2013-02-12 12:21:44 B5C09D498274262FF39647F6FA17C1E9 637584 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\esets_apiW_a.dll
2013-02-12 12:21:44 6D79B1BC4472FB194C02386F2C69E86F 324464 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\OnlineScannerLang.dll
2013-02-12 12:21:44 0ABDB460A83E2718D11FEAE328B3BD1D 493384 -c–a-w- C:\Program Files\ESET\ESET Online Scanner\esets_apiW.dll
2013-02-12 08:50:57 266AD84EAE031B628F02D35411C72015 94208 -c–a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{1FF917C1-6BFC-CA28-B455-5C89A6DD3EF2}-readme.dll
2013-02-12 08:50:55 266AD84EAE031B628F02D35411C72015 94208 -c–a-w- C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\LocalCopy\{79666754-3072-BA4F-5254-F5C4F1A5D8F0}-wpbt0.dll
==== Startup Registry Enabled ======================
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”
“DWQueuedReporting”=“c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t”
“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe”
“CTFMON.EXE”=“C:\WINDOWS\system32\CTFMON.EXE”
“DWQueuedReporting”=“c:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe -t”
“Snelkoppeling naar eigenschappenvenster voor High Definition Audio”=“HDAShCut.exe”
“RTHDCPL”=“RTHDCPL.EXE”
“Alcmtr”=“ALCMTR.EXE”
“RIMBBLaunchAgent.exe”=“C:\Program Files\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe”
“MSC”=“c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey”
“QuickTime Task”=“C:\Program Files\QuickTime\qttask.exe -atboottime”
“SunJavaUpdateSched”=“C:\Program Files\Java\jre7\bin\jusched.exe”
“KernelFaultCheck”=“%systemroot%\system32\dumprep 0 -k”
“CTFMON.EXE”=“C:\WINDOWS\system32\ctfmon.exe”
==== Startup Registry Disabled ======================
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“cli”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\ATI Technologies\\ATI.ACE\\cli.exe\“ runtime -Delay”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“RunDll32 cmcnfgu”
“hkey”=“HKLM”
“command”=“RunDll32 cmcnfgu.cpl,CMICtrlWnd”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“iTunesHelper”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\iTunes\\iTunesHelper.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“KB01091894”
“hkey”=“HKCU”
“command”=“\”C:\\Documents and Settings\\manon\\Application Data\\KB01091894.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“_uninstop”
“hkey”=“HKLM”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“msnmsgr”
“hkey”=“HKCU”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“NeroCheck”
“hkey”=“HKLM”
“command”=“C:\\WINDOWS\\system32\\NeroCheck.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“qttask”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\QuickTime\\qttask.exe\“ -atboottime”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Skype”
“hkey”=“HKCU”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“jusched”
“hkey”=“HKLM”
“command”=“\”C:\\Program Files\\Java\\jre1.6.0_03\\bin\\jusched.exe\“”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“GoogleToolbarNotifier”
“hkey”=“HKCU”
“command”=“C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe”
“key”=“SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run”
“item”=“Res”
“hkey”=“HKLM”
“command”=“C:\\Program Files\\USB Disk Win98 Driver\\Res.EXE”
“path”=“C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\Adobe Reader Snelle start.lnk”
“backup”=“C:\\WINDOWS\\pss\\Adobe Reader Snelle start.lnkCommon Startup”
“command”=“C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE ”
“item”=“Adobe Reader Snelle start”
“path”=“C:\\Documents and Settings\\All Users\\Menu Start\\Programma's\\Opstarten\\BlueSoleil.lnk”
“backup”=“C:\\WINDOWS\\pss\\BlueSoleil.lnkCommon Startup”
“command”=“C:\\PROGRA~1\\IVTCOR~1\\BLUESO~1\\BLUESO~1.EXE ”
“item”=“BlueSoleil”
==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\AppleSoftwareUpdate.job –a–c— C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-83265092-2990293034-2559932795-1007Core.job –a–c— C:\Documents and Settings\manon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-83265092-2990293034-2559932795-1007UA.job –a–c— C:\Documents and Settings\manon\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job –ah-c— C:\Program Files\Microsoft Security Client\MpCmdRun.exe
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ndibdjnfmopecpmkdieinmbadjfpblof - No path found
YouTube - manon - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - manon - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Trackers on this page - manon - Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Gmail - manon - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
“Start Page”=“http://www.google.com/webhp?hl=nl”
No DefaultScope Set For HKCU
New Values:
“Start Page”=“http://www.google.com/webhp?hl=nl”
“DefaultScope”=“{6A1806CD-94D4-4689-BA73-E35EA1EA9990}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{5BFE9EDA-43A4-4406-AC64-DF39EB1223B9} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS”
{6575846F-1D65-4E0F-BE76-1F68DD71BF66} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC”
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url=“http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}”
{B4570F89-90E0-4367-BE03-E7EB3DF5F7DF} Unknown Url=“Not_Found”
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-83265092-2990293034-2559932795-1007\Software\Microsoft\Internet Explorer\SearchScopes\{B4570F89-90E0-4367-BE03-E7EB3DF5F7DF} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
==== HijackThis Entries ======================
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra ‘Tools’ menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1ABA5FAC-1417-422B-BA82-45C35E2C908B} (20-20 3D Viewer for IKEA) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_IKEA_Win32.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6770.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1353790306718
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {888078C6-70B2-4F88-8EE7-1F50DDEA6120} (CeWe Color AG & Co. OHG Control) - https://as.photoprintit.de/ips-opdata/activex/ImageUploader6.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FsUsbExService - Teruten - C:\WINDOWS\system32\FsUsbExService.Exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - c:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
==== Empty IE Cache ======================
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\janneke\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\janneke\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\manon\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Documents and Settings\manon\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\WINDOWS\TEMP successfully emptied
==== Deleting Files / Folders ======================
“C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat” not found
fazantje

12-02-2013 21:58

Hoi Marcel,
Download TDSSKiller hier en plaats het op je bureaublad.
Voordat je TDSSKiller uitvoert is het raadzaam om de onderstaande handleiding van TDSSKiller te raadplegen.
Dubbelklik op TDSSKiller.exe om de tool te starten. (Indien je TDSSKiller als ZIP bestand hebt gedownload dien je deze eerst uit te pakken).
Als er door TDSSkiller een update wordt gevonden klikt u op de knop “Load update”
Een nieuwe versie van TDSSkiller zal nu gedownload worden en sla deze op het bureaublad op.
Start nu TDSSkiller opnieuw.
Klik op “Change parameters” en zorg dat de onderstaande opties allemaal aangevinkt zijn.
Klik op de knop “Start Scan” en volg de instructies.
Gebruik nooit de "Delete“ of ”Quarantaine“ optie bij een ”Fail signature" melding.
Wanneer er een herstart nodig was, vind je de logfile in C:\TDSSKiller.___log.txt
Voeg dit log-bestand toe aan het volgende bericht.
Succes,
Huib;)

Dit topic is gesloten, er kunnen geen reacties meer worden geplaatst.

logjes ivm ukash virus

marcel

fazantje

marcel

marcel

fazantje

marcel

marcel

Ben

marcel

fazantje