Ga naar inhoud

Aanbevolen berichten


Hi, De link werkte niet en dacht via google een werkende link te vinden maar vond daarbij de volgende waarschuwing:argh:

Ik heb malware report van gisteravond ook nog toegevoegd.



[TD]Dial-a-fix does not work with any Windows OS higher than Windows XP. This includes Windows Vista, Windows 7.

Dial-a-fix also has a critical unpatched bug that will delete your C:\Documents folder.

It is highly recommended to read the Warnings page before downloading and using this software.




Malwarebytes Anti-Malware

Malwarebytes : Free anti-malware download

Databaseversie: v2013.09.24.08

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Shirley :: EIGENAAR-8B348D [administrator]

24-9-2013 19:15:26

mbam-log-2013-09-24 (19-15-26).txt

Scan type: Volledige scan (C:\|D:\|I:\|K:\|Z:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 545821

Verstreken tijd: 6 uur/uren, 52 minuut/minuten, 36 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2

C:\Program Files\rcpsetup_onlyad3.exe (PUP.Optional.RegCleanerPro) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Succesvol in quarantaine geplaatst en verwijderd.


  • Reacties 30
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen


Ok, wil je dan deze proberen?

Download 51a76de01d28c-Icon_Windows_Repair_All_in_One.pngWindows Repair all in one

Belangrijk! plaats deze op het bureaublad.

Dubbelklik om het programma te starten

Windows 7 en Vista gebruikers rechtsklik -> uitvoeren als Administrator.

Indien gevraagd, ga akkoord dat SFC (System File Check) gestart wordt.

Ga naar Start Repairs en klik op start.

Selecteer de volgende items en klik op restart system when finished:



Goede morgen, ik heb gedaan wat je zei! en nu maar hopen dat het nu een keer afgelopen is:adore:

Starting Repairs...

Start (27-9-2013 6:42:44)

04 - Repair WMI

Start (27-9-2013 6:42:44)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:47:50)

05 - Repair Windows Firewall

Start (27-9-2013 6:47:50)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:48:03)

12 - Repair Winsock & DNS Cache

Start (27-9-2013 6:48:03)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:48:16)

14 - Repair Proxy Settings

Start (27-9-2013 6:48:16)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:48:20)

16 - Repair Windows Updates

Start (27-9-2013 6:48:20)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:49:41)

20 - Repair MSI (Windows Installer)

Start (27-9-2013 6:49:41)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:49:54)

25 - Restore Important Windows Services

Start (27-9-2013 6:49:54)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:49:58)

26 - Set Windows Services To Default Startup

Start (27-9-2013 6:49:58)

Running Repair Under Current User Account

Running Repair Under System Account

Done (27-9-2013 6:50:15)

Cleaning up empty logs...

All Selected Repairs Done.

Done (27-9-2013 6:50:15)

Total Repair Time: 00:07:31


Running Repair Under Current User Account


Hi, mmm we zijn er denk ik nog niet (zie report). Het blijft rommelen op de PC?

Malwarebytes Anti-Malware

Databaseversie: v2013.09.27.01

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Shirley :: EIGENAAR-8B348D [administrator]

29-9-2013 20:43:21

mbam-log-2013-09-29 (20-43-21).txt

Scan type: Volledige scan (C:\|D:\|I:\|K:\|Z:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 548863

Verstreken tijd: 7 uur/uren, 24 minuut/minuten, 16 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 1

HKCU\Software\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 2

C:\Documents and Settings\Shirley\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 31

C:\Program Files\SweetPacks\SweetPacksToolbarHelper.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\2229.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\2258.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Succesvol in quarantaine geplaatst en verwijderd.



Ik kreeg deze er ook nog over heen! Update uitgevoerd en Elvira vond ook weer wat (zie report). Het blijft maar aan de gang... Weeet jij waar ik wijs aan doe?

Avira Free Antivirus

Report file date: maandag 30 september 2013 12:33

The program is running as an unrestricted full version.

Online services are available.

Licensee : Avira Free Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Microsoft Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : EIGENAAR-8B348D

Version information:

BUILD.DAT : 55009 Bytes 29-8-2013 18:03:00

AVSCAN.EXE : 639032 Bytes 2-9-2013 12:30:13

AVSCANRC.DLL : 52280 Bytes 2-9-2013 12:30:13

LUKE.DLL : 65080 Bytes 2-9-2013 12:30:35

AVSCPLR.DLL : 92216 Bytes 2-9-2013 12:30:14

AVREG.DLL : 250424 Bytes 2-9-2013 12:30:12

avlode.dll : 497720 Bytes 2-9-2013 12:30:11

avlode.rdf : 26846 Bytes 28-8-2013 11:23:36

VBASE000.VDF : 66736640 Bytes 4-4-2013 13:28:18

VBASE001.VDF : 2201600 Bytes 30-4-2013 07:23:01

VBASE002.VDF : 2751488 Bytes 28-5-2013 12:45:06

VBASE003.VDF : 2162688 Bytes 21-6-2013 11:39:56

VBASE004.VDF : 3903488 Bytes 23-7-2013 10:01:21

VBASE005.VDF : 6822912 Bytes 29-8-2013 11:35:26

VBASE006.VDF : 2293248 Bytes 24-9-2013 11:24:39

VBASE007.VDF : 2048 Bytes 24-9-2013 11:24:39

VBASE008.VDF : 2048 Bytes 24-9-2013 11:24:39

VBASE009.VDF : 2048 Bytes 24-9-2013 11:24:39

VBASE010.VDF : 2048 Bytes 24-9-2013 11:24:40

VBASE011.VDF : 2048 Bytes 24-9-2013 11:24:40

VBASE012.VDF : 2048 Bytes 24-9-2013 11:24:40

VBASE013.VDF : 2048 Bytes 24-9-2013 11:24:40

VBASE014.VDF : 282112 Bytes 26-9-2013 11:24:49

VBASE015.VDF : 359424 Bytes 28-9-2013 04:11:02

VBASE016.VDF : 2048 Bytes 28-9-2013 04:11:02

VBASE017.VDF : 2048 Bytes 28-9-2013 04:11:02

VBASE018.VDF : 2048 Bytes 28-9-2013 04:11:02

VBASE019.VDF : 2048 Bytes 28-9-2013 04:11:02

VBASE020.VDF : 2048 Bytes 28-9-2013 04:11:02

VBASE021.VDF : 2048 Bytes 28-9-2013 04:11:02

VBASE022.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE023.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE024.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE025.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE026.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE027.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE028.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE029.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE030.VDF : 2048 Bytes 28-9-2013 04:11:03

VBASE031.VDF : 114176 Bytes 30-9-2013 10:10:39

Engine version :

AEVDF.DLL : 102774 Bytes 13-6-2013 18:37:45

AESCRIPT.DLL : 516478 Bytes 26-9-2013 17:24:53

AESCN.DLL : 131446 Bytes 26-3-2013 13:53:41

AESBX.DLL : 1245560 Bytes 23-8-2013 12:28:20

AERDL.DLL : 688504 Bytes 13-6-2013 18:37:44

AEPACK.DLL : 749945 Bytes 13-9-2013 10:53:23

AEOFFICE.DLL : 205181 Bytes 8-8-2013 14:57:37

AEHEUR.DLL : 6156666 Bytes 26-9-2013 17:24:52

AEHELP.DLL : 266617 Bytes 27-8-2013 16:14:24

AEGEN.DLL : 446839 Bytes 6-9-2013 11:44:12

AEEXP.DLL : 328055 Bytes 13-9-2013 10:53:23

AEEMU.DLL : 393587 Bytes 19-9-2012 13:42:55

AECORE.DLL : 201081 Bytes 23-8-2013 12:28:15

AEBB.DLL : 53619 Bytes 6-11-2012 07:20:34

AVWINLL.DLL : 23608 Bytes 2-9-2013 12:30:06

AVPREF.DLL : 48184 Bytes 2-9-2013 12:30:11

AVREP.DLL : 175672 Bytes 2-9-2013 12:30:12

AVARKT.DLL : 258104 Bytes 2-9-2013 12:30:07

AVEVTLOG.DLL : 165432 Bytes 2-9-2013 12:30:09

SQLITE3.DLL : 397088 Bytes 19-9-2012 17:17:40

AVSMTP.DLL : 60472 Bytes 2-9-2013 12:30:14

NETNT.DLL : 13368 Bytes 2-9-2013 12:30:36

RCIMAGE.DLL : 4788792 Bytes 2-9-2013 12:30:06

RCTEXT.DLL : 66616 Bytes 2-9-2013 12:30:06

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp

Reporting...........................: default

Primary action......................: Interactive

Secondary action....................: Ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:, D:,

Process scan........................: on

Extended process scan...............: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Limit recursion depth...............: 20

Smart extensions....................: on

Macrovirus heuristic................: on

File heuristic......................: extended

Start of the scan: maandag 30 september 2013 12:33

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!

Starting search for hidden objects.

The scan of running processes will be started:

Scan process 'PresentationFontCache.exe' - '29' Module(s) have been scanned

Scan process 'DLS.exe' - '106' Module(s) have been scanned

Scan process 'OSPPSVC.EXE' - '26' Module(s) have been scanned

Scan process 'vssvc.exe' - '36' Module(s) have been scanned

Scan process 'OUTLOOK.EXE' - '196' Module(s) have been scanned

Scan process 'avscan.exe' - '92' Module(s) have been scanned

Scan process 'avcenter.exe' - '72' Module(s) have been scanned

Scan process 'HPNetworkCommunicatorCom.exe' - '68' Module(s) have been scanned

Scan process 'RunDll32.exe' - '55' Module(s) have been scanned

Scan process 'WindowsSearch.exe' - '66' Module(s) have been scanned

Scan process 'Rundll32.exe' - '49' Module(s) have been scanned

Scan process 'Skype.exe' - '97' Module(s) have been scanned

Scan process 'WISPTIS.EXE' - '32' Module(s) have been scanned

Scan process 'msmsgs.exe' - '43' Module(s) have been scanned

Scan process 'MPAPI3s.exe' - '24' Module(s) have been scanned

Scan process 'DymoQuickPrint.exe' - '61' Module(s) have been scanned

Scan process 'ScanToPCActivationApp.exe' - '51' Module(s) have been scanned

Scan process 'PcSync2.exe' - '51' Module(s) have been scanned

Scan process 'KPNBackupOnline.exe' - '67' Module(s) have been scanned

Scan process 'iPodService.exe' - '29' Module(s) have been scanned

Scan process 'SERVIC~1.EXE' - '48' Module(s) have been scanned

Scan process 'ctfmon.exe' - '25' Module(s) have been scanned

Scan process 'jusched.exe' - '21' Module(s) have been scanned

Scan process 'olycamdetect.exe' - '26' Module(s) have been scanned

Scan process 'iTunesHelper.exe' - '64' Module(s) have been scanned

Scan process 'HPWuSchd2.exe' - '19' Module(s) have been scanned

Scan process 'LAUNCH~1.EXE' - '60' Module(s) have been scanned

Scan process 'lwbwheel.exe' - '21' Module(s) have been scanned

Scan process 'avgnt.exe' - '68' Module(s) have been scanned

Scan process 'MobileBroadband.exe' - '225' Module(s) have been scanned

Scan process 'RunDLL32.exe' - '52' Module(s) have been scanned

Scan process 'SOUNDMAN.EXE' - '25' Module(s) have been scanned

Scan process 'RTHDCPL.EXE' - '37' Module(s) have been scanned

Scan process 'tv_w32.exe' - '40' Module(s) have been scanned

Scan process 'alg.exe' - '33' Module(s) have been scanned

Scan process 'AVWEBGRD.EXE' - '47' Module(s) have been scanned

Scan process 'TeamViewer.exe' - '108' Module(s) have been scanned

Scan process 'Explorer.EXE' - '103' Module(s) have been scanned

Scan process 'wmiprvse.exe' - '48' Module(s) have been scanned

Scan process 'mbamgui.exe' - '29' Module(s) have been scanned

Scan process 'avshadow.exe' - '26' Module(s) have been scanned

Scan process 'VmbService.exe' - '81' Module(s) have been scanned

Scan process 'SearchIndexer.exe' - '56' Module(s) have been scanned

Scan process 'UsbClientService.exe' - '25' Module(s) have been scanned

Scan process 'BackupFP.exe' - '37' Module(s) have been scanned

Scan process 'TeamViewer_Service.exe' - '78' Module(s) have been scanned

Scan process 'svchost.exe' - '55' Module(s) have been scanned

Scan process 'sqlwriter.exe' - '28' Module(s) have been scanned

Scan process 'sqlbrowser.exe' - '17' Module(s) have been scanned

Scan process 'ReiGuard.exe' - '36' Module(s) have been scanned

Scan process 'daemonu.exe' - '31' Module(s) have been scanned

Scan process 'nvsvc32.exe' - '37' Module(s) have been scanned

Scan process 'NitroPDFDriverService8.exe' - '19' Module(s) have been scanned

Scan process 'sqlservr.exe' - '46' Module(s) have been scanned

Scan process 'GoogleCrashHandler.exe' - '21' Module(s) have been scanned

Scan process 'sqlservr.exe' - '57' Module(s) have been scanned

Scan process 'mbamservice.exe' - '38' Module(s) have been scanned

Scan process 'mbamscheduler.exe' - '27' Module(s) have been scanned

Scan process 'BackupSC.exe' - '23' Module(s) have been scanned

Scan process 'jqs.exe' - '32' Module(s) have been scanned

Scan process 'DymoPnpService.exe' - '43' Module(s) have been scanned

Scan process 'LoggerServer.exe' - '23' Module(s) have been scanned

Scan process 'mDNSResponder.exe' - '28' Module(s) have been scanned

Scan process 'BecHelperService.exe' - '52' Module(s) have been scanned

Scan process 'AppleMobileDeviceService.exe' - '65' Module(s) have been scanned

Scan process 'avguard.exe' - '80' Module(s) have been scanned

Scan process 'sched.exe' - '39' Module(s) have been scanned

Scan process 'spoolsv.exe' - '67' Module(s) have been scanned

Scan process 'svchost.exe' - '37' Module(s) have been scanned

Scan process 'svchost.exe' - '32' Module(s) have been scanned

Scan process 'svchost.exe' - '159' Module(s) have been scanned

Scan process 'svchost.exe' - '40' Module(s) have been scanned

Scan process 'svchost.exe' - '54' Module(s) have been scanned

Scan process 'lsass.exe' - '59' Module(s) have been scanned

Scan process 'services.exe' - '27' Module(s) have been scanned

Scan process 'winlogon.exe' - '80' Module(s) have been scanned

Scan process 'csrss.exe' - '14' Module(s) have been scanned

Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting to scan executable files (registry):

The registry was scanned ( '2313' files ).

Starting the file scan:

Begin scan in 'C:\' <WINDOWS>


[DETECTION] Is the TR/Trash.Gen Trojan


[DETECTION] Is the TR/Drop.Softomat.AN Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054427.dll

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054428.exe

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054429.exe

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054430.exe

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054431.exe

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054432.dll

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054433.dll

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054434.dll

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054435.dll

[DETECTION] Is the TR/Trash.Gen Trojan

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054436.dll

[DETECTION] Is the TR/Drop.Softomat.AN Trojan

Begin scan in 'D:\' <NIET GEBRUIKEN!!>

Beginning disinfection:

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054436.dll

[DETECTION] Is the TR/Drop.Softomat.AN Trojan

[NOTE] The file was moved to the quarantine directory under the name '5612d006.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054435.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '4e85ffa1.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054434.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '1cdaa549.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054433.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '7aedea8b.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054432.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '3f69c7b5.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054431.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '4072f5d4.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054430.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '0ccad99e.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054429.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '70d299ce.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054428.exe

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '5d88b683.qua'!

C:\System Volume Information\_restore{4E61869D-4283-4286-BE2B-0AA8A81CDCD4}\RP206\A0054427.dll

[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '44e08d1a.qua'!


[DETECTION] Is the TR/Drop.Softomat.AN Trojan

[NOTE] The file was moved to the quarantine directory under the name '287aa1ed.qua'!


[DETECTION] Is the TR/Trash.Gen Trojan

[NOTE] The file was moved to the quarantine directory under the name '59c39878.qua'!

End of the scan: maandag 30 september 2013 14:53

Used time: 2:19:23 Hour(s)

The scan has been done completely.

14552 Scanned directories

1163966 Files were scanned

12 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 Files were deleted

0 Viruses and unwanted programs were repaired

12 Files were moved to quarantine

0 Files were renamed

0 Files cannot be scanned

1163954 Files not concerned

16098 Archives were scanned

0 Warnings

12 Notes

552050 Objects were scanned with rootkit scan

0 Hidden objects were found




Het zit in de prullenbak en in je systemrestore, leeg de prullenbak en zet je systeemherstel even uit, en zet het daarna weer aan.

Dit is toch goede info?

Master boot sector HD0

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!


Goede morgen, Ik heb malware er weer over heen laten gaan. Sinds de laatste truk is het wel een stuk rustiger op de pc maar ik heb het gevoel er nog niet van af te zijn... De pc gaf ook nog 1x de eerder gemelde fout melding bij het opslaan van mail?

Wat denk jij er van?

Mooie zondag.

Malwarebytes Anti-Malware

Databaseversie: v2013.10.05.06

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Shirley :: EIGENAAR-8B348D [administrator]

5-10-2013 21:06:28

mbam-log-2013-10-05 (21-06-28).txt

Scan type: Volledige scan (C:\|D:\|I:\|Z:\|)

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 533201

Verstreken tijd: 5 uur/uren, 56 minuut/minuten, 18 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 4

HKCU\SOFTWARE\WNLT (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> Succesvol in quarantaine geplaatst en verwijderd.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WNLT (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Registerwaarden gedetecteerd: 2

HKCU\SOFTWARE\WNLT|URL (PUP.Optional.InstallBrain.A) -> Data: MYSTART -> Succesvol in quarantaine geplaatst en verwijderd.

HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: Zoeken -> Succesvol in quarantaine geplaatst en verwijderd.

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 2

C:\Documents and Settings\All Users\Application Data\Conduit\IE (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.

Bestanden gedetecteerd: 8

C:\Documents and Settings\Shirley\Local Settings\Temp\nsl4F.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Local Settings\Temp\nsl54.exe (PUP.Optional.Conduit.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\Documents and Settings\Shirley\Local Settings\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\ARFC\wrtc.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\jmdp\stij.exe (PUP.Optional.Perion) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\WNLT\Installation\SKSetup.exe (PUP.Optional.Perion) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\WNLT\Installation\Config.bin (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.

C:\WINDOWS\system32\WNLT\Installation\uninstaller.exe (PUP.Optional.InstallBrain.A) -> Succesvol in quarantaine geplaatst en verwijderd.



Download de 51deb689c0320-emsisoftemergencykit_100-4.pngEmsisoft Emergency Kit naar het bureaublad.

Klik hier voor de complete / uitgebreide handleiding van de Emsisoft Emergency Kit.

  • Dubbelklik op "EmsisoftEmergencyKit.exe", wanneer u een melding krijgt van het gebruikersaccountbeheer staat u dit toe.
  • Klik vervolgens op de knop "Accept & Extract" en de bestanden worden nu automatisch uitgepakt naar de systeemschijf "C:\\EEK".
  • Wanneer het uitpakken gereed is wordt er een snelkoppeling op het bureaublad aangemaakt en zal de Emsisoft Emergency Kit vanzelf openen.
  • Klik nu op de optie "Emergency Kit Scanner" en wanneer u de melding "Wilt u nu updaten?" krijgt klikt u op "Ja".
  • Wanneer de update gereed is klikt u in het linker menu op de optie "Computer Scannen".
  • Kies vervolgens de optie "Diep", deze scan kan geruime tijd in beslag nemen en gebruik bij voorkeur de computer niet voor andere bezigheden tijdens de scan.
  • Wanneer de scan gereed is zorg dat alle items staan aangevinkt en klik op de knop "Quarantaine".
  • Klik vervolgens op de knop "Rapport bekijken" en plaats de inhoud van dit bestand in uw volgende bericht. (Het logbestand is teven terug te vinden op de systeemschijf (C:\\EEK\\Run\\Reports) met de naam a2scan_130711-154142.txt


hi , zie hier het rapport alleen ik ben bang dat je nu niks ziet door dat ik daar voor recent malware er over had laten gaan?

Emsisoft Emergency Kit - Versie 4.0

Laatste Update: 25-9-2013 22:03:08

Gebruikersaccount: EIGENAAR-8B348D\Shirley


Scanmodus: Diepe scan

Objecten: Rootkits, Geheugen, Sporen, C:\, D:\

Detecteer PUPs: Aan

Scan archieven: Aan

ADS Scan: Aan

Bestandsextensiefilter: Uit

Geavanceerde cache: Aan

Directe schijftoegang: Uit

Scan gestart: 6-10-2013 20:17:24

Gescand: 485460

Gevonden: 0

Scan geëindigd: 6-10-2013 22:15:27

Scantijd: 1:58:03

  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.