Virus scanner


  • Virus scanner

    After an Avast update, my email (Eudora) stopped working. Emphyrio helped me with this and now Eudora works again. Avast is now off my computer, though. Emphyrio recommended BitDefender to me. I downloaded it but I only get it in Romanian. I can't change the language. I have now removed it again because unfortunately I don't know Romanian... Emphyrio referred me to this part of the forum.

    So I am really looking for a good, new (free) virus scanner (in Dutch instead of Romanian). Who can help me? Just to be safe, I did make all the logs:

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scandatum: 17-5-2015
    Scantijd: 9:24:54
    Logbestand: mbamlog.txt
    Beheerder: Ja

    Versie: 2.01.6.1022
    Malware Gegevensbestand: v2015.05.16.06
    Rootkit Gegevensbestand: v2015.05.16.01
    Licentie: Gratis
    Malwarebescherming: Uitgeschakeld
    Kwaadaardige Website Bescherming: Uitgeschakeld
    Zelfbescherming: Uitgeschakeld

    Besturingssysteem: Windows Vista Service Pack 2
    Processor: x86
    Bestandssysteem: NTFS
    Gebruiker: Myrthe

    Scantype: Aangepaste Scan
    Resultaat: Voltooid
    Objecten Gescand: 256879
    Verstreken Tijd: 1 m, 30 s

    Geheugen: Uitgeschakeld
    Opstarten: Uitgeschakeld
    Bestandssysteem: Uitgeschakeld
    Archieven: Uitgeschakeld
    Rootkits: Ingeschakeld
    Heuristiek: Ingeschakeld
    POP: Ingeschakeld
    POA: Ingeschakeld

    Processen: 0
    (Geen kwaadaardige items gedetecteerd)

    Modules: 0
    (Geen kwaadaardige items gedetecteerd)

    Registersleutels: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerwaardes: 0
    (Geen kwaadaardige items gedetecteerd)

    Registerdata: 0
    (Geen kwaadaardige items gedetecteerd)

    Mappen: 0
    (Geen kwaadaardige items gedetecteerd)

    Bestanden: 0
    (Geen kwaadaardige items gedetecteerd)

    Fysieke Sectoren: 0
    (Geen kwaadaardige items gedetecteerd)


    (end)

    # AdwCleaner v4.204 - Logbestand aangemaakt 17/05/2015 op 09:29:24
    # Laatste update 12/05/2015 door Xplode
    # Database : 2015-05-12.2 [Server]
    # Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (x86)
    # Gebruikersnaam : Myrthe - PC_VAN_MYRTHE
    # Gestart vanuit : C:\Users\Myrthe\Desktop\adwcleaner_4.204.exe
    # Optie : Verwijderen

    ***** [ Services ] *****


    ***** [ Bestanden / Mappen ] *****


    ***** [ Geplande taken ] *****


    ***** [ Snelkoppelingen ] *****


    ***** [ Register ] *****

    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Jotzey
    Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{65739FA2-0444-4AB2-B598-872406539EBD}
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
    Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF
    Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.com
    Gegevens Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>;*.local

    ***** [ Webbrowsers ] *****

    -\\ Internet Explorer v9.0.8112.16514


    -\\ Mozilla Firefox v


    -\\ Google Chrome v42.0.2311.152


    *************************

    AdwCleaner[R0].txt - [2844 bytes] - [17/05/2015 09:28:25]
    AdwCleaner[S0].txt - [2805 bytes] - [17/05/2015 09:29:24]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2864 bytes] ##########

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 9.0.8112.16514
    Run by Myrthe at 9:33:40 on 2015-05-17
    .
    ============== Running Processes ================
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\atieclxx.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    C:\Windows\system32\AERTSrv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    C:\Windows\servicing\TrustedInstaller.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Users\Myrthe\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Glary Utilities 5\Integrator.exe
    C:\Program Files\Bitdefender\Antivirus Free Edition\Install\Installer.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil32_17_0_0_169_ActiveX.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.startpagina.nl/
    uSearch Bar = Preserve
    BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:\program files\canon\easy-webprint ex\ewpexbho.dll
    BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:\program files\canon\easy-webprint ex\ewpexhlp.dll
    uRun: [GUDelayStartup] "c:\program files\glary utilities 5\StartupManager.exe" -delayrun
    uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe
    mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [InstallerLauncher] "c:\program files\bitdefender\antivirus free edition\install\setuplauncher.exe" /run:"c:\program files\bitdefender\antivirus free edition\install\Installer.exe"
    mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: SoftwareSASGeneration = dword:1
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {41861299-EAB2-4DCC-986C-802AE12AC499} - hxxps://srs.hs-ipabo.edu/REPORTS/Reserved.ReportViewerWebControl.axd?ReportSession=tux5vvi5sguatw45m2q0treq&ControlID=5ec4cc6e393f442 c84b87bde294fdc26&Culture=1043&UICulture=9&ReportStack=1&OpType=PrintCab
    DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} - hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect121.cab
    TCP: NameServer = 195.121.1.34 195.121.1.66
    TCP: Interfaces\{2612DCE8-B7A2-4BDE-AF1D-1D4CA3ECC9C3} : DHCPNameServer = 195.121.1.34 195.121.1.66
    TCP: Interfaces\{4A85FA0D-A5E3-471F-B0A8-AD8E4C4648D7} : DHCPNameServer = 192.168.2.1
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
    Notify: FastAccess - <no file>
    LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\42.0.2311.152\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    .
    ============= SERVICES / DRIVERS ===============
    .
    R? avckf;avckf
    R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
    R? FACAP;facap, FastAccess Video Capture
    R? gzflt;gzflt
    R? gzserv;Bitdefender Antivirus Free Edition
    R? MBAMService;MBAMService
    R? MBAMWebAccessControl;MBAMWebAccessControl
    R? Origin Client Service;Origin Client Service
    R? Revoflt;Revoflt
    R? SkypeUpdate;Skype Updater
    R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
    S? AERTFilters;Andrea RT Filters Service
    S? AMD External Events Utility;AMD External Events Utility
    S? avc3;avc3
    S? FontCache;Windows Font Cache Service
    S? GUBootStartup;GUBootStartup
    S? MBAMProtector;MBAMProtector
    S? RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter
    S? RtNdPt60;Realtek NDIS Protocol Driver
    S? SBSDWSCService;SBSD Security Center Service
    .
    =============== Created Last 30 ================
    .
    2015-05-17 07:33:14 19232 ----a-w- c:\programdata\1431847994.2804.bin
    2015-05-17 07:28:11 -------- d-----w- C:\AdwCleaner
    2015-05-17 07:17:11 58408 ----a-w- c:\programdata\1431846904.bdinstall.bin
    2015-05-17 07:15:03 37408 ----a-w- c:\programdata\1431846902.bdinstall.bin
    2015-05-17 07:12:49 171622 ----a-w- c:\programdata\1431846686.bdinstall.bin
    2015-05-17 07:12:36 34198 ----a-w- c:\programdata\1431846752.bdinstall.bin
    2015-05-17 07:11:58 1461992 ----a-w- c:\windows\system32\WdfCoInstaller01009.dll
    2015-05-17 07:11:56 633344 ----a-w- c:\windows\system32\drivers\avc3.sys
    2015-05-17 07:11:56 486536 ----a-w- c:\windows\system32\drivers\avckf.sys
    2015-05-17 07:11:56 242504 ----a-w- c:\windows\system32\drivers\avchv.sys
    2015-05-17 07:11:56 -------- d-----w- c:\program files\Bitdefender
    2015-05-17 07:11:47 355744 ----a-w- c:\windows\system32\drivers\trufos.sys
    2015-05-17 07:11:47 164952 ----a-w- c:\windows\system32\drivers\gzflt.sys
    2015-05-15 06:26:34 34198 ----a-w- c:\programdata\1431671186.bdinstall.bin
    2015-05-15 06:23:34 30144 ----a-w- c:\programdata\1431669142.2244.bin
    2015-05-15 06:13:51 9201616 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{3f8c6eb9-8930-4cac-9dd3-84efed379e7d}\mpengine.dll
    2015-05-15 05:57:45 2333 ----a-w- c:\programdata\1431669142.6004.bin
    2015-05-15 05:57:43 9925 ----a-w- c:\programdata\1431669142.5956.bin
    2015-05-15 05:57:43 507 ----a-w- c:\programdata\1431669142.5964.bin
    2015-05-15 05:57:08 14495 ----a-w- c:\programdata\1431669142.5688.bin
    2015-05-15 05:53:44 7665 ----a-w- c:\programdata\1431669142.4180.bin
    2015-05-15 05:53:34 3510 ----a-w- c:\programdata\1431669142.4136.bin
    2015-05-15 05:52:22 49300 ----a-w- c:\programdata\1431669142.3980.bin
    2015-05-14 15:33:32 44898 ----a-w- c:\programdata\1431617470.bdinstall.bin
    2015-05-14 15:06:42 44904 ----a-w- c:\programdata\1431615979.bdinstall.bin
    2015-05-14 15:06:19 -------- d-----w- c:\users\myrthe\appdata\roaming\QuickScan
    .
    ==================== Find3M ====================
    .
    2015-05-17 07:24:54 119512 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
    2015-04-15 15:09:27 778416 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2015-04-15 15:09:27 142512 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2015-04-14 07:37:50 51928 ----a-w- c:\windows\system32\drivers\mwac.sys
    2015-04-14 07:37:44 92888 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
    2015-04-14 07:37:42 23256 ----a-w- c:\windows\system32\drivers\mbam.sys
    2015-02-24 02:23:36 246920 ------w- c:\windows\system32\MpSigStub.exe
    2008-06-21 17:31:08 50688 ----a-w- c:\program files\ATF-Cleaner.exe
    .
    ============= FINISH: 9:36:04,57 ===============
    GMER 2.1.19357 - http://www.gmer.net
    Rootkit scan 2015-05-17 10:01:34
    Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 SAMSUNG_HD103SJ rev.1AJ10001 931,51GB
    Running: 0fusrsxp.exe; Driver: C:\Users\Myrthe\AppData\Local\Temp\kgdcyuob.sys


    ---- Kernel code sections - GMER 2.1 ----

    .text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8FE10000, 0x2BFBF0, 0xE8000020]


    ---- EOF - GMER 2.1 ----

  • #2
    Try installing Bitdefender Free from here:

    x86 (32-bit) version: http://www.filedropper.com/antivirusfreeeditionx86

    x64 (64-bit) version: http://www.filedropper.com/antivirusfreeeditionx64_2
    Last edited by Emphyrio; 17-05-15, 11:56.
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * Remove McAfee. * Ccleaner * E-Peek



    • #3
      I get the Romanian version again. There is a little bar where you can change the language, but I can't click on it. That doesn't work...



      • #4
        Here it is explained how to set the English language: http://forum.bitdefender.com/index.php?showtopic=48775


        • #5
          Installing Bitdefender is a bit too difficult for me after all. I have now tried to install Avast again anyway. Email fortunately still works. Does Avast also give me enough protection?



          • #6
            It does (Bitdefender is actually better).
            I used to have it too, but because of their constant "nagging" I replaced it.

            Is everything else OK?


            • #7
              1) You may delete all the loose files and tools that we used.

              2) To avoid reinfection, you can read through these tips:

              Preventing spyware infections and browser hijacking and How do I prevent a new infection?

              3) To give your PC a quick maintenance round, you can read these tips: Guide to a clean PC

              4) You can consult all sorts of tips and hints here.


              I am marking the topic as solved.

              If there are no further replies, this thread will automatically be moved within about 5 days
              to the section "Closed topics virus infections" and replying will no longer be possible.
              This is done to keep the forum tidy and well organized.

              If it turns out there are still problems and you want to reply in this topic again, send me a private message requesting that it be reopened.



              Did we help you well? Consider a (no-obligation) donation to Nucia

              Emphyrio