Coen53
-
Items
8 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door Coen53
-
-
kloppen deze logjes?
computer werkt redelijk, internet gaat vooral erg sloom.
-
Malwarebytes' Anti-Malware 1.46
Databaseversie: 4052
Windows 6.1.7600 (Safe Mode)
Internet Explorer 8.0.7600.16385
14-9-2010 18:27:01
mbam-log-2010-09-14 (18-27-01).txt
Scantype: Snelle scan
Objecten gescand: 127815
Verstreken tijd: 4 minuut/minuten, 33 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 5
Registerwaarden geïnfecteerd: 0
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 3
Bestanden geïnfecteerd: 22
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> No action taken.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> No action taken.
Registerwaarden geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\components (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge (Spyware.MarketScore) -> No action taken.
Bestanden geïnfecteerd:
C:\Users\Coen\AppData\Local\Temp\noeramwxcs.exe (Trojan.Agent.Gen) -> No action taken.
C:\Program Files\RelevantKnowledge\install.rdf (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlls64.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlph.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlvknlg64.exe (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\rlxf.dll (Spyware.MarketScore) -> No action taken.
C:\Program Files\RelevantKnowledge\components\rlxg.dll (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> No action taken.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> No action taken.
C:\Users\Coen\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> No action taken.
C:\Users\Coen\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> No action taken.
C:\Users\Coen\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> No action taken.
C:\Users\Coen\.COMMgr\complmgr.exe (Trojan.Agent) -> No action taken.
C:\Users\Coen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Security Tool.LNK (Rogue.SecurityTool) -> No action taken.
C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> No action taken.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:21:45, on 14-9-2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Coen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
--
End of file - 5926 bytes
-
juist ik ren even naar boven om te proberen
---------- Post toegevoegd om 15:58 ---------- Vorige post was om 15:51 ----------
Bedankt het is gelukt!
Het logboekje:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:55:38, on 14-9-2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Safe mode
Running processes:
C:\Windows\system32\userinit.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = DAEMON-Search.com :: STARTPAGE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:5577
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Coen\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [coexwsanmr.exe] "C:\Users\Coen\AppData\Local\Temp\coexwsanmr.exe"
O4 - HKCU\..\Run: [handlerfix70700en00.exe] C:\Users\Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F\handlerfix70700en00.exe
O4 - HKCU\..\Run: [COM+ Manager] "C:\Users\Coen\.COMMgr\complmgr.exe"
O4 - HKCU\..\Run: [Metropolis] rundll32.exe C:\Users\Coen\AppData\Local\Temp\sshnas21.dll,GetHandle
O4 - HKCU\..\Run: [YXE7DXCQ37] C:\Users\Coen\AppData\Local\Temp\Cld.exe
O4 - HKCU\..\Run: [OTGV1DNWQQ] C:\Users\Coen\AppData\Local\Temp\Clj.exe
O4 - HKCU\..\RunOnce: [37794] "C:\Users\Coen\AppData\Local\37794.exe" 5 38
O4 - Startup: Antimalware Doctor.lnk = Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F\handlerfix70700en00.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll C:\PROGRA~1\Google\GOOGLE~4\GO36F4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: Google Desktop Manager 5.9.1005.12335 (GoogleDesktopManager-051210-111108) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: TabletServicePen - Wacom Technology, Corp. - C:\Windows\system32\Pen_Tablet.exe
--
End of file - 6959 bytes
Thx
-
Beste allemaal
Alweer heb ik last van een malware progammatje.
Nou goed volgens mij heb ik ze allebij (security tools en anti malware doctor) waarvan de eerste actief bezig is.
Ik heb HiJackThis gedownload en geinstaleerd maar kan hem niet openen omdat de malware met iets opkomt en HiJackThis dan word afgesloten.
Ik heb windows 7 en het lukt me niet hem te openen als administrator. hoe doe ik dit zodat ik het progammatje kan laten draaien?
Alvast bedankt
Groeten Coen
-
Alles doet het weer goed
Erg bedankt!
-
Hieronder het logje.
Zover ik zie werkt alles weer zoals het hoort, behalve firefox
Alvast bedankt!!
ComboFix 10-07-04.04 - Coen 05-07-2010 11:52:43.1.2 - x86
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.31.1043.18.1919.1338 [GMT 2:00]
Gestart vanuit: c:\users\Coen\Desktop\ComboFix.exe
SP: SUPERAntiSpyware *enabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7}
.
ADS - Windows: deleted 24 bytes in 1 streams.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\users\Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F
c:\users\Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F\enemies-names.txt
c:\users\Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F\local.ini
c:\users\Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F\lsrslt.ini
.
(((((((((((((((((((( Bestanden Gemaakt van 2010-06-05 to 2010-07-05 ))))))))))))))))))))))))))))))
.
2010-07-05 09:59 . 2010-07-05 09:59 -------- d-----w- c:\users\Mcx1\AppData\Local\temp
2010-07-05 09:59 . 2010-07-05 09:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-07-01 14:34 . 2010-07-01 14:34 -------- d-----w- c:\program files\iPod
2010-07-01 14:34 . 2010-07-01 14:35 -------- d-----w- c:\program files\iTunes
2010-07-01 14:33 . 2010-07-01 14:33 -------- d-----w- c:\program files\QuickTime
2010-06-29 13:54 . 2010-06-29 13:54 -------- d-----w- c:\users\Coen\AppData\Roaming\Malwarebytes
2010-06-29 13:54 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-29 13:54 . 2010-06-29 13:54 -------- d-----w- c:\programdata\Malwarebytes
2010-06-29 13:54 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-29 13:54 . 2010-06-29 13:54 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-29 13:12 . 2010-06-29 13:12 286464 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\LocalCopy\{98796D19-7D58-5509-5112-C6AEBC3B7AB6}-yypwrevtssd.exe
2010-06-29 12:46 . 2010-06-29 16:02 -------- d-----w- c:\users\Coen\AppData\Local\urlhqlceq
2010-06-23 07:59 . 2009-11-25 10:47 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-23 07:59 . 2009-11-25 10:47 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-23 07:59 . 2009-11-25 10:47 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-23 07:59 . 2009-11-25 10:47 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-23 07:59 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-20 09:13 . 2010-06-20 09:13 -------- d-----w- c:\program files\Bonjour
2010-06-15 18:01 . 2010-06-15 18:01 72504 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.2.0.61\SetupAdmin.exe
2010-06-14 20:13 . 2010-06-14 20:13 -------- d-----w- c:\windows\system32\Wat
2010-06-10 16:24 . 2010-05-01 14:49 2326528 ----a-w- c:\windows\system32\win32k.sys
2010-06-10 16:24 . 2010-03-05 07:42 67584 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-10 16:23 . 2010-05-21 05:18 977920 ----a-w- c:\windows\system32\wininet.dll
2010-06-10 16:23 . 2010-05-27 07:24 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-10 16:23 . 2010-05-27 03:49 293888 ----a-w- c:\windows\system32\atmfd.dll
2010-06-06 08:32 . 1999-05-29 08:08 45568 ----a-w- c:\windows\UniFish3.exe
2010-06-06 08:32 . 2010-06-06 08:32 -------- d-----w- c:\program files\Hasbro Interactive
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-05 09:47 . 2010-05-02 11:54 -------- d-----w- c:\program files\DAEMON Tools Toolbar
2010-07-05 09:46 . 2009-08-19 16:28 -------- d-----w- c:\users\Coen\AppData\Roaming\WTablet
2010-07-03 20:22 . 2008-09-01 14:26 -------- d-----w- c:\users\Coen\AppData\Roaming\uTorrent
2010-07-03 13:45 . 2010-07-03 13:45 -------- d-----w- c:\program files\CCleaner
2010-07-01 14:34 . 2009-05-02 13:41 -------- d-----w- c:\program files\Common Files\Apple
2010-06-29 19:22 . 2010-04-26 14:04 -------- d-----w- c:\program files\Microsoft Security Essentials
2010-06-29 13:52 . 2009-11-28 02:53 691490 ----a-w- c:\windows\system32\perfh013.dat
2010-06-29 13:52 . 2009-11-28 02:53 130026 ----a-w- c:\windows\system32\perfc013.dat
2010-06-29 12:55 . 2008-08-10 13:03 -------- d-----w- c:\program files\SUPERAntiSpyware
2010-06-10 20:00 . 2008-01-31 15:49 -------- d-----w- c:\programdata\Microsoft Help
2010-06-06 20:04 . 2008-06-21 16:00 -------- d-----w- c:\users\Coen\AppData\Roaming\LimeWire
2010-06-06 08:32 . 2008-06-23 19:34 227 ----a-w- c:\windows\PowerReg.dat
2010-06-05 11:12 . 2008-09-13 16:03 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-01 17:37 . 2009-10-03 06:40 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-27 16:05 . 2010-05-17 14:08 138968 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2010-05-27 16:04 . 2010-05-17 14:08 214592 ----a-w- c:\windows\system32\PnkBstrB.exe
2010-05-27 15:24 . 2010-05-27 15:24 -------- d-----w- c:\program files\EA Sports
2010-05-27 15:24 . 2010-05-17 14:08 139152 ----a-w- c:\users\Coen\AppData\Roaming\PnkBstrK.sys
2010-05-27 15:24 . 2010-05-17 14:08 139152 ----a-w- c:\users\Coen\AppData\Roaming\PnkBstrK.sys
2010-05-27 15:23 . 2010-05-27 15:23 794408 ----a-w- c:\windows\system32\pbsvc.exe
2010-05-23 21:00 . 2010-05-23 21:00 -------- d-----w- c:\program files\SlySoft
2010-05-19 13:58 . 2008-07-06 12:56 -------- d-----w- c:\program files\Google
2010-05-18 14:35 . 2010-05-18 14:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 14:35 . 2010-05-18 14:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-17 14:08 . 2010-05-17 14:08 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2010-05-17 14:08 . 2010-05-17 14:07 2427248 ----a-w- c:\windows\system32\pbsvc_heroes.exe
2010-05-17 13:54 . 2010-05-17 13:54 -------- d-----w- c:\program files\EA Games
2010-05-13 15:33 . 2010-05-13 15:32 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-13 15:29 . 2010-05-13 15:29 -------- d-----w- c:\program files\Apple Software Update
2010-05-12 21:04 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-05-02 11:53 . 2008-07-04 15:10 691696 ----a-w- c:\windows\system32\drivers\sptd.sys
2010-04-26 13:48 . 2010-04-26 13:48 36489 ----a-w- c:\programdata\Microsoft\Windows Defender\LocalCopy\{CE0CBE1D-84B6-4BAB-A32E-9072C90E81DC}-camsxrewno.exe
2010-04-23 07:13 . 2010-05-26 09:37 2048 ----a-w- c:\windows\system32\tzres.dll
2010-04-19 18:47 . 2010-04-19 18:47 3062048 ----a-w- c:\windows\system32\usbaaplrc.dll
2010-04-19 18:47 . 2010-04-19 18:47 41984 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2010-01-31 14:41 . 2010-01-31 14:41 119808 ----a-w- c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-01-25 09:05 . 2009-01-17 17:25 2516 --sha-w- c:\windows\System32\KGyGaAvL.sys
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"Google Update"="c:\users\Coen\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-06-15 133104]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2010-01-31 30192]
"MSSE"="c:\program files\Microsoft Security Essentials\msseces.exe" [2010-06-01 1093208]
"CloneCDTray"="c:\program files\SlySoft\CloneCD\CloneCDTray.exe" [2009-01-29 57344]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2007-04-19 11:41 294912 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~4\GoogleDesktopNetwork3.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Alias SketchBook Snapshot.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Alias SketchBook Snapshot.lnk
backup=c:\windows\pss\Alias SketchBook Snapshot.lnk.CommonStartup
backupExtension=.CommonStartup
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RKLauncher.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\RKLauncher.lnk
backup=c:\windows\pss\RKLauncher.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2009-02-27 15:10 35696 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-04-01 09:39 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
2009-07-14 01:14 144384 ----a-w- c:\windows\ehome\ehtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-06-15 18:53 133104 ----atw- c:\users\Coen\AppData\Local\Google\Update\GoogleUpdate.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2010-06-15 14:33 141624 ----a-w- c:\program files\iTunes\iTunesHelper.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
2009-07-26 15:44 3883856 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2010-03-18 20:16 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
2007-10-01 10:53 4702208 ----a-w- c:\windows\RtHDVCpl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
2009-07-14 01:14 1173504 ----a-w- c:\program files\Windows Sidebar\sidebar.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
2007-08-03 12:22 1826816 ----a-w- c:\windows\SkyTel.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2009-08-05 15:39 149280 ----a-w- c:\program files\Java\jre6\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2008-08-10 13:06 1506544 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vptray]
2001-09-24 05:59 73728 ----a-w- c:\program files\NavNT\vptray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMPNSCFG]
2009-07-14 01:14 65024 ----a-w- c:\program files\Windows Media Player\wmpnscfg.exe
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2009-11-19 133104]
R3 GoogleDesktopManager-110309-193829;Google Desktop Manager 5.9.911.3589;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2010-01-31 30192]
R3 libusb0;LibUsb-Win32 - Kernel Driver, Version 0.1.12.1;c:\windows\system32\drivers\libusb0.sys [2007-03-20 16896]
R3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [2010-03-25 42368]
R3 PsSdk41;PsSdk41;c:\windows\system32\Drivers\pssdk41.sys [2008-09-27 36928]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-05-28 7408]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-06-14 1343400]
R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [2010-05-02 691696]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2008-05-28 8944]
S1 SAS***IL;SAS***IL;c:\program files\SUPERAntiSpyware\SAS***IL.sys [2008-05-28 55024]
S2 TabletServicePen;TabletServicePen;c:\windows\system32\Pen_Tablet.exe [2007-09-07 1373480]
S3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\DRIVERS\l160x86.sys [2007-12-17 46592]
S3 cmipci;CMI8738/8768 Audio Driver;c:\windows\system32\drivers\cmipci.sys [2009-07-13 37888]
.
Inhoud van de 'Gedeelde Taken' map
2009-11-28 c:\windows\Tasks\Driver Robot.job
- c:\program files\Driver Robot\1.1.0.14\DriverRobot.exe [2009-11-28 12:53]
2010-07-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-11-19 14:36]
2010-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-19 14:36]
2010-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-11-19 14:36]
2010-07-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1551541229-928173531-1750534008-1000Core.job
- c:\users\Coen\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-15 18:53]
2010-07-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1551541229-928173531-1750534008-1000UA.job
- c:\users\Coen\AppData\Local\Google\Update\GoogleUpdate.exe [2009-06-15 18:53]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.daemon-search.com/startpage
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5577
uSearchURL,(Default) = hxxp://www.google.com/search/?q=%s
FF - ProfilePath - c:\users\Coen\AppData\Roaming\Mozilla\Firefox\Profiles\esknjg27.default\
FF - prefs.js: browser.search.selectedEngine - DAEMON Search
FF - prefs.js: browser.startup.homepage - hxxp://www.daemon-search.com/startpage|Google
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - component: c:\users\Coen\AppData\Roaming\Mozilla\Firefox\Profiles\esknjg27.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll
FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1739.5352\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\users\Coen\AppData\Local\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: c:\users\Coen\AppData\Roaming\Mozilla\Firefox\Profiles\esknjg27.default\extensions\battlefieldheroespatcher@ea.com\platform\WINNT_x86-msvc\plugins\npBFHUpdater.dll
FF - plugin: c:\windows\system32\Wat\npWatWeb.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
.
- - - - ORPHANS VERWIJDERD - - - -
AddRemove-Euroglot 4.5 - c:\program files\Linguistic Systems\Euroglot Professional 4.5\uninstall.exe
AddRemove-BitTorrent DNA - c:\users\Coen\Program Files\DNA\btdna.exe
.
Voltooingstijd: 2010-07-05 12:03:42
ComboFix-quarantined-files.txt 2010-07-05 10:03
Pre-Run: 28.449.251.328 bytes beschikbaar
Post-Run: 28.144.558.080 bytes beschikbaar
- - End Of File - - CA3DB1900F8C20DCEC379D63415F042F
-
Hallo
Een paar dagen geleden kreeg ik te maken met het virus Antimalware doctor waarna ik wat problemen heb met wat internet mogelijkheden.
Ik heb het virus verwijderd met het programma MBAM (Malwarebytes Anti-Malware).
Veder geen problemen dacht ik maar ik had het mis. Google chrome/earth, internet explorer, msn en ithunes werken niet meer.
Ze werken wel, maar maken geen verbinding meer met internet.
De melding die ik krijg is (op ithunes): Ithunes kan geen verbinding maken met de ithunes store. Er heeft zich een time-out van de netwerkverbinding voorgedaan. Bij msn zegt hij dat het probleem de proxy en key poorten zijn. Mozilla werkt gewoon nog wel.
Help mij alsjeblieft
Alvast bedankt!
Coen
security tools probleem
in Archief Bestrijding malware & virussen
Geplaatst:
Ik heb het wel verwijderd, het logje had ik alleen voor het verwijderen opgeslagen.
nieuwe log (uitgebreide scan)
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Databaseversie: 4615
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
14-9-2010 20:36:26
mbam-log-2010-09-14 (20-36-26).txt
Scantype: Volledige scan (C:\|D:\|)
Objecten gescand: 258733
Verstreken tijd: 41 minuut/minuten, 17 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 1
Registersleutels geïnfecteerd: 4
Registerwaarden geïnfecteerd: 2
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 20
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
C:\Users\Coen\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\OTGV1DNWQQ (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\YXE7DXCQ37 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\metropolis (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\yxe7dxcq37 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
C:\Users\Coen\AppData\Local\37794.exe (Rogue.SecurityTool) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\stp8819c.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\sxcfgslr.exe (Rogue.SecuritySolutionsScanner) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\wnoeracsxm.exe (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Clg.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Clh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Cli.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Clj.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\coexwsanmr.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Clf.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\17g3i7.exe (Trojan.Alureon) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Clb.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Clc.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Cle.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Roaming\CAA7B7696394E04CBA00F31712BF9E3F\handlerfix70700en00.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Roaming\Microsoft\Windows\Templates\memory.tmp (Rootkit.Agent.Gen) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\hgqnaew.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Coen\AppData\Local\Temp\Cld.exe (Trojan.FakeAlert) -> Delete on reboot.