Hallo beste mensen van helpmij, mijn zoon heeft bij het msn'en (Windows Life Messenger) op een bestandje geklikt waarin iets stond over nokia en ben jij dit op deze foto
en ja hoor! zijn pc is nu besmet.
Telkens wanneer hij nu op msn is, verstuurd hij bestandjes naar zijn online contacten en kan hij pas weer verder gaan na afsluiten en opnieuw opstarten van msn.
Ik probeer nu al een paar dagen het virus weg te krijgen, maar dit is blijkbaar een hardnekkige.
Ik heb gescant met Adaware, Spybot and Destroy en de virusscanner Avast! en de online scanner van Kaspersky.
Alles wat gevonden is met Adaware, Spybot en Avast heb ik verwijderd.
Kaspersky blijft echter van alles vinden en ik weet niet hoe ik dat kan verwijderen. Erachter staat iets van skipped en eerlijk gezegd weet ik niet wat dat is
Hier is een log van kaspersky en ik hoop dat iemand mij kan helpen.
Tuesday, November 13, 2007 4:09:14 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.84.0
Kaspersky Anti-Virus database last update: 13/11/2007
Kaspersky Anti-Virus database records: 429162
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
Scan Statistics
Total number of scanned objects 77574
Number of viruses found 3
Number of infected objects 11 / 0
Number of suspicious objects 0
Duration of the scan process 01:09:11
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Geschiedenis\History.IE5\MSHist012007111320071114\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temp\~DFC960.tmp Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temp\~DFEB7B.tmp Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\K1QF4H6F\17PHolmes[1].cmt Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\OL81E7S5\dance2[1].jpg Infected: Backdoor.Win32.SdBot.cgz skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\YEF3HOBF\wr-1-1148[1].jpg Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\Documents and Settings\Jan Arts\ntuser.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\ir-1-1148.exe Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\System Volume Information\_restore{C78A737E-5B1B-4BB2-AF44-66EABB161256}\RP250\A0038854.exe Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\System Volume Information\_restore{C78A737E-5B1B-4BB2-AF44-66EABB161256}\RP250\A0038889.exe Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\System Volume Information\_restore{C78A737E-5B1B-4BB2-AF44-66EABB161256}\RP253\change.log Object is locked skipped
C:\WINDOWS\ccSvcHst.exe Infected: Backdoor.Win32.SdBot.cgz skipped
C:\WINDOWS\Dance_dec_jpg.zip/www.Dance_dec_jpg_Msn.com Infected: Backdoor.Win32.SdBot.cgz skipped
C:\WINDOWS\Dance_dec_jpg.zip ZIP: infected - 1 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\mrofinu1148.exe Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\WINDOWS\mrofinu1148.exe.tmp Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{8A45F645-ACF0-475C-82EF-CC6D8A815005}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_488.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Op voorhand hartelijk dank.
Gr. Wilma
en ja hoor! zijn pc is nu besmet.Telkens wanneer hij nu op msn is, verstuurd hij bestandjes naar zijn online contacten en kan hij pas weer verder gaan na afsluiten en opnieuw opstarten van msn.
Ik probeer nu al een paar dagen het virus weg te krijgen, maar dit is blijkbaar een hardnekkige.
Ik heb gescant met Adaware, Spybot and Destroy en de virusscanner Avast! en de online scanner van Kaspersky.
Alles wat gevonden is met Adaware, Spybot en Avast heb ik verwijderd.
Kaspersky blijft echter van alles vinden en ik weet niet hoe ik dat kan verwijderen. Erachter staat iets van skipped en eerlijk gezegd weet ik niet wat dat is
Hier is een log van kaspersky en ik hoop dat iemand mij kan helpen.
Tuesday, November 13, 2007 4:09:14 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 1 (Build 2600)
Kaspersky Online Scanner version: 5.0.84.0
Kaspersky Anti-Virus database last update: 13/11/2007
Kaspersky Anti-Virus database records: 429162
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
D:\
Scan Statistics
Total number of scanned objects 77574
Number of viruses found 3
Number of infected objects 11 / 0
Number of suspicious objects 0
Duration of the scan process 01:09:11
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Geschiedenis\History.IE5\MSHist012007111320071114\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temp\~DFC960.tmp Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temp\~DFEB7B.tmp Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\K1QF4H6F\17PHolmes[1].cmt Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\OL81E7S5\dance2[1].jpg Infected: Backdoor.Win32.SdBot.cgz skipped
C:\Documents and Settings\Jan Arts\Local Settings\Temporary Internet Files\Content.IE5\YEF3HOBF\wr-1-1148[1].jpg Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\Documents and Settings\Jan Arts\ntuser.dat Object is locked skipped
C:\Documents and Settings\Jan Arts\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Geschiedenis\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\ir-1-1148.exe Infected: Trojan-Downloader.Win32.Small.gll skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\System Volume Information\_restore{C78A737E-5B1B-4BB2-AF44-66EABB161256}\RP250\A0038854.exe Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\System Volume Information\_restore{C78A737E-5B1B-4BB2-AF44-66EABB161256}\RP250\A0038889.exe Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\System Volume Information\_restore{C78A737E-5B1B-4BB2-AF44-66EABB161256}\RP253\change.log Object is locked skipped
C:\WINDOWS\ccSvcHst.exe Infected: Backdoor.Win32.SdBot.cgz skipped
C:\WINDOWS\Dance_dec_jpg.zip/www.Dance_dec_jpg_Msn.com Infected: Backdoor.Win32.SdBot.cgz skipped
C:\WINDOWS\Dance_dec_jpg.zip ZIP: infected - 1 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\mrofinu1148.exe Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\WINDOWS\mrofinu1148.exe.tmp Infected: Trojan-Downloader.Win32.Agent.fak skipped
C:\WINDOWS\SoftwareDistribution\EventCache\{8A45F645-ACF0-475C-82EF-CC6D8A815005}.bin Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_488.dat Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Op voorhand hartelijk dank.
Gr. Wilma
