PDA

Volledige versie bekijken : escan antivirus



smile and die
28 januari 2005, 18:39
ik heb zoals ze mij in een andere thread hadden gezegd escan gedownload, nu heeft hij gescanned, maar om deze virussen te deleten moet ik het eerst kopen wordt er gezegd.
is dit normaal????

Exit
28 januari 2005, 23:50
wrs wel jaa, tzal geen freeware zijn ....

j .
29 januari 2005, 01:07
Het is betalend, maar geeft je wel een lijst van verdachte bestanden. Post de gevonden viruslijst eens hier.

N.B. Er bestaan startpaginakapers die meer dan een startpagina kunnen instellen(willekeurig uit een lijst gekozen). Ze gebruiken vaak een trojaans virus om informatie te versturen of binnen te halen. Al je problemen hebben wel degelijk met elkaar te maken aangezien hetzelfde bestand maar niet weg te krijgen is.

R@ -= G D D =-
29 januari 2005, 01:36
Download en installeer eens AVG free edition.
Lichte antivirus die ze werk goed doet.


http://www.grisoft.com

smile and die
29 januari 2005, 12:20
j., idd het gaat em om het virus downloader trojan die ervoor zorgt dat mijn startpagina constant gewijzigd wordt.

smile and die
29 januari 2005, 12:30
File C:\WINDOWS\system32\JQuzpp.exe infected by "Trojan.Win32.Agent.az" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\telcmd.exe infected by "Trojan-Proxy.Win32.Agent.cx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\hicom.exe infected by "Trojan-Proxy.Win32.Agent.cx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\gxytkaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\system32\JQuzpp.exe infected by "Trojan.Win32.Agent.az" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\telcmd.exe infected by "Trojan-Proxy.Win32.Agent.cx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\hicom.exe infected by "Trojan-Proxy.Win32.Agent.cx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\SYSTEM32\VDMT16.SYS infected by "Backdoor.Win32.Haxdoor.bh" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\jgsyoaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\msuvlwrr.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\KILLAPPS.EXE tagged as not-a-virus:RiskWare.Tool.KillApp.b. No Action Taken.
File C:\WINDOWS\System32\ieexec.exe infected by "Trojan.Win32.Zapchast" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\wtl32a.exe infected by "Trojan-Clicker.Win32.Agent.bd" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\hicomd.exe infected by "Trojan-Proxy.Win32.Agent.cx" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\sqoqaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\vdvulaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\vuqxpaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\vmhelper.exe infected by "not-a-virus:AdWare.AdSrve.b" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\srvuaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\aamiaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\djwovaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\cz.dll infected by "Backdoor.Win32.Haxdoor.bh" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\hz.dll infected by "Backdoor.Win32.Haxdoor.bh" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\wz.dll infected by "Backdoor.Win32.Haxdoor.be" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\glpbdpvb.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\aieiegei.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\pkvbaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\mtqwwaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\piyoaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\mcrmtaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\spurcvnb.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\ardasaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\pjnuraaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\gthdtaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\drdkqkje.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\pghnaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\jnvklaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\ayrjyypp.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\gpiplaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\sgvaaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\aahjgjve.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\mccaiekp.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\mcsxiaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\dqfqwyfl.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\jpctaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\sbdxvaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\puqiaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\gxytkaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\gpaaaaaa.exe infected by "not-a-virus:AdWare.WinAD.p" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\instsrv.exe tagged as not-a-virus:RiskWare.Tool.ServiceRunner.f. No Action Taken.
File C:\WINDOWS\System32\ysbinstall.exe infected by "Trojan-Downloader.Win32.IstBar.gv" Virus. Action Taken: No Action Taken.
File C:\WINDOWS\System32\Yxijqj.exe infected by "not-a-virus:AdWare.DealHelper.v" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\temp.fr1AC5\istsvc .exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\kIAcZZ.exe infected by "Trojan-Downloader.Win32.IstBar.gn" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\tmp2.tmp infected by "Trojan-Downloader.Win32.Agent.hp" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\tmp6.tmp infected by "not-a-virus:Porn-Dialer.Win32.Salc" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\tmp7.tmp infected by "Trojan-Downloader.Win32.Small.aha" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\tmp8.tmp infected by "not-a-virus:Porn-Downloader.Win32.TibSystems" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\fi6NtG1.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\optimize.exe infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\dealhelper.exe infected by "Trojan-Downloader.Win32.Agent.hw" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\sidefind.exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\sahagent.exe infected by "not-a-virus:AdWare.Sahat.h" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\temp.fr7B76 infected by "not-a-virus:AdWare.ShopAtHome.b" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\Temp\bb.exe infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\TF 7B15GE\istdownload[1].exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\G1 INOLYJ\a579ad77[1].js infected by "Trojan-Downloader.JS.Small.af" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\G1 INOLYJ\optimize[1].exe infected by "Trojan-Downloader.Win32.Dyfuca.du" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\G1 INOLYJ\sahagent[2].exe infected by "not-a-virus:AdWare.Sahat.h" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\G1 INOLYJ\sidefind13[2].dll infected by "not-a-virus:AdWare.ToolBar.SideFind" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\G1 INOLYJ\ysb[2].dll infected by "not-a-virus:AdWare.ToolBar.YourSiteBar.b" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\G1 INOLYJ\bb[1].exe infected by "not-a-virus:AdWare.BargainBuddy.l" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\EL 16ZU18\secure[1].exe infected by "not-a-virus:AdWare.DealHelper.v" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\EL 16ZU18\version[1].exe infected by "Trojan-Downloader.Win32.Agent.hw" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\EL 16ZU18\dealhelper[1].exe infected by "Trojan-Downloader.Win32.Agent.hw" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\TB JB95KE\sfbho13[1].dll infected by "not-a-virus:AdWare.ToolBar.SideFind" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\TB JB95KE\istrecover[1].exe infected by "Trojan-Downloader.Win32.IstBar.go" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\TB JB95KE\ncase_new[1].exe infected by "not-a-virus:AdWare.180Solutions" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\SN DBUUZ9\BHO[1].dll infected by "not-a-virus:AdWare.ToolBar.BHO.j" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\SN DBUUZ9\sidefind[1].exe infected by "Trojan-Downloader.Win32.IstBar.gen" Virus. Action Taken: No Action Taken.
File C:\DOCUME~1\Jelle\LOCALS~1\TEMPOR~1\Content.IE5\SN DBUUZ9\istsvc[1].exe infected by "Trojan-Downloader.Win32.IstBar.gm" Virus. Action Taken: No Action Taken.

dit is een log van escan

Exit
29 januari 2005, 12:37
da ziet er nie te best uit die log ..... welke virussscanner hebt ge? probeer verschillende online scanners eens ....

Exit
29 januari 2005, 12:40
crap cleaner eens proberen

smile and die
29 januari 2005, 13:46
ik had norton, deze log is van escan, maar dat is dus betalend en kan ik dus niks mee doen, dus heb ik avast geinstalleerd nu.

j .
29 januari 2005, 18:10
Probeer ook eens(zoals Exit al zei):
Opstarten in veilige modus met netwerkondersteuning(F8 bij opstarten en kiezen)
ga dan naar http://housecall.trendmicro.com/housecall/start_corp.asp; ze zullen je vragen om iets te installeren: geef daarvoor toestemming. Na enkele minuten zie je dan in dat IE-venster je verschillende harde schijven e.d., dan kan je aanvinken en scannen.
Gebruik dan spybot/ad-aware (zie ook sticky voor hitman pro).
Ga ook in IE, en wis alle tijdelijke internetbestanden.
Ga naar C:\DOCUME~1\Jelle\LOCALS~1\Temp\ (plak het gewoon in de adresbalk), en stuur daar alles naar de prullenmand.
Gebruik dan opnieuw escan, en kijk eens of de lijst fel geminderd is.
Je hebt inderdaad heel wat besmette bestanden.
N.B. downloader trojan is meestal gewoon een algemene term: ze gebruiken die b.v. als ze de precieze naam niet kennen.
EDIT: Als escan nog bestanden vindt, stuur die dan zelf naar de prullenmand terwijl je nog in veilige modus zit. Als je ze niet ziet, moet je in configuratie> mapopties>weergave aanvinken: inhoud systeemmappen weergeven, verborgen bestanden en mappen weergeven
en dan opnieuw gaan kijken(wel verkenner sluiten/terug openen).