Onderstaand het logje van MBam:
Code: Selecteer alles
Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org
Databaseversie: 7477
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
16-8-2011 20:33:19
mbam-log-2011-08-16 (20-33-19).txt
Scantype: Volledige scan (C:\|)
Objecten gescand: 234691
Verstreken tijd: 28 minuut/minuten, 45 seconde(n)
Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 3
Registerwaarden geïnfecteerd: 2
Registerdata geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 1
Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\CLSID\{8W331234-U375-D761-B5TC-145XVSU12367} (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8W331234-U375-D761-B5TC-145XVSU12367} (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Active Setup\Installed Components\{8W331234-U375-D761-B5TC-145XVSU12367} (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.
Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.HMCPol.Gen) -> Value: Policies -> Quarantined and deleted successfully.
Registerdata geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Mappen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)
Bestanden geïnfecteerd:
c:\program files\Adobe\Updater (Backdoor.HMCPol.Gen) -> Quarantined and deleted successfully.
Maar ik lees onderstaande info op BleepingComputer:
Wat is jullie advies?I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.
Though the trojan has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS