ik heb een virus dat een boel andere virusen op mijn computer download.
en opent een IE venster dat zogenaamd deze computer is die gescant word
dan zegt hij dat ik virusen heb en een antivirus moet downloaden
Hier is mijn malwarebytes log:
Het gaat om dit betsnd
Ik heb me pc al eens geformateerd maar ik denk dat hij zich op alle usb's etc verstopt want die hebben allemaal een autorun.inf bestand dat niet weg of open wil en ik heb een internetloze pc geinfecteerd met hetzelfde virus.
Kan iemand mij vertellen hoe ik dit virus kan tegehouden?
en opent een IE venster dat zogenaamd deze computer is die gescant word
dan zegt hij dat ik virusen heb en een antivirus moet downloaden
Hier is mijn malwarebytes log:
Code:
Malwarebytes' Anti-Malware 1.39
Database version: 2523
Windows 5.1.2600 Dodatek Service Pack 2
2009-08-11 14:05:06
mbam-log-2009-08-11 (14-05-06).txt
Scan type: Quick Scan
Objects scanned: 75090
Time elapsed: 3 minute(s), 20 second(s)
Memory Processes Infected: 4
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 15
Memory Processes Infected:
C:\WINDOWS\system32\net.net (Trojan.Downloader) -> Unloaded process successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\osnwmarexc.tmp (Trojan.TDSS) -> Unloaded process successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\rasvsnet.tmp (Trojan.TDSS) -> Unloaded process successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\av care (Rogue.AVCare) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Documents and Settings\Olek\Menu Start\Programy\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\Program Files\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\osnwmarexc.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\rasvsnet.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Program Files\AV Care\AVCare.exe (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\Olek\menu start\Programy\AV Care\AV Care.lnk (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\avc.ico (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\AVCare.ini (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\PP.exe (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\Uninstall.exe (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\b.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Pulpit\AV Care.lnk (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.Het gaat om dit betsnd
Code:
Malwarebytes' Anti-Malware 1.39
Database version: 2523
Windows 5.1.2600 Dodatek Service Pack 2
2009-08-11 14:08:28
mbam-log-2009-08-11 (14-08-28).txt
Scan type: Quick Scan
Objects scanned: 74678
Time elapsed: 1 minute(s), 34 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)Ik heb me pc al eens geformateerd maar ik denk dat hij zich op alle usb's etc verstopt want die hebben allemaal een autorun.inf bestand dat niet weg of open wil en ik heb een internetloze pc geinfecteerd met hetzelfde virus.
Kan iemand mij vertellen hoe ik dit virus kan tegehouden?
