Infected or not?

Status
Not open for further replies.

Evadoc

User
Joined
19 Feb 2011
Posts
6
I'm getting a pop-up saying I have a virus infection, with a mention of ms.exe. I ran my virus scanner (McAfee) on it; it found something and resolved it. Yet the pop-up keeps coming back. And yes, the recycle bin is completely empty too, and so is the temporary internet history.
 
Great! Will do!
By the way, this is the message in the pop-up:

Message : Alerte VirusScan !

Date et heure : 19/02/2011 22:46:10

Nom : C:\Documents and Settings\u0064437\ms.exe

Détecté en tant que : Generic.dx!vzy

État : Supprimé
 
And now in Dutch? :P

Anyway, there's a good chance Malwarebytes will catch it as a virus; I'll see the result tomorrow.
 
Well, look at that, so there is junk on the laptop after all:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5817

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20/02/2011 13:07:34
mbam-log-2011-02-20 (13-06-55).txt

Scan type: Full scan (C:\|)
Objects scanned: 279369
Time elapsed: 52 minute(s), 38 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 30

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\RECYCLER\s-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> No action taken.
c:\RECYCLER\s-1-5-21-0243556031-888888379-781863308-1413 (Worm.AutoRun) -> No action taken.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013 (Worm.AutoRun.Gen) -> No action taken.

 
Why hasn't anything been done about it yet, then? Malwarebytes is supposed to remove them automatically, or place them in quarantine..
 
There were 3 files in quarantine. Those have been deleted. Among them a backdoor.agent, twice.
 
Apparently it wasn't carried out properly the first time, because that junk came back. Did it once more and now everything really has been removed (I think).
This is the log:
Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5817

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

20/02/2011 16:11:23
mbam-log-2011-02-20 (16-11-23).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 279113
Time elapsed: 40 minute(s), 47 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 29

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\RECYCLER\s-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.
c:\RECYCLER\s-1-5-21-0243556031-888888379-781863308-1413 (Worm.AutoRun) -> Quarantined and deleted successfully.
c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013 (Worm.AutoRun.Gen) -> Quarantined and deleted successfully.

 
There. That's better already. Now run one more full scan, and if it doesn't find anything then, you can assume the stuff is gone.
 
Scanned once more this week and pulled out another 3; then again, and after that it was clean. So, solved. Phew!
Thanks for the assistance!
 