Hello
Here are 2 logs. 1 from Exterminate It! (I can't remove anything, because apparently I had to pay for that)
and 1 log from Malwarebytes, where I could delete or quarantine everything.
Exterminate It! Antimalware 2.02
Database: 16-12-2011 (8358665 signatures)
Exterminate It! - Easy to use Antispyware. Malware removal tool.
System Information:
Windows: 5.1.2600 Service Pack 2
Scan Type: Full Scan
Folders:
X:\
Scan Log:
15:32:47.703 Start Scan
15:33:46.828 Found Bancos Downloader, Hacker Tool, Spyware, Trojan X:\I386\system32\network.exe
15:33:49.828 Found Bancos.IFR Trojan X:\I386\system32\smss.exe
15:33:50.265 Found Bancos.IFR Trojan X:\I386\system32\winlogon.exe
15:33:59.343 Found Disabled My Music Menu Hijacker HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, Start_ShowMyMusic
15:33:59.343 Found Disabled My Pictures Menu Hijacker HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced, Start_ShowMyPics
15:33:59.359 Found Disabled Appearance tab from Display in Control Panel Hijacker HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system, NoDispAppearancePage
15:38:32.578 Found Agent Backdoor, Trojan X:\I386\system32\SPOOLSV.EXE
15:43:09.343 Found Winlogon Shell Hijacker HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon, Shell
15:51:45.796 End Scan
Summary:
Scan Duration: 0:18:58.093
Threats Detected: 8
Malwarebytes' Anti-Malware
Malwarebytes : Free anti-malware, anti-virus and spyware removal download
Database version:
Windows 5.1.2600
Internet Explorer 6.0.2800.5512
2011-12-17 18:45:04
mbam-log-2011-12-17 (18-45-04).txt
Scan type: Quick scan
Objects scanned: 79298
Time elapsed: 20 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
x:\I386\System32\keybtray.exe (Malware.Packer.Gen) -> 1604 -> Unloaded process successfully.
Memory Modules Infected:
x:\I386\System32\wzcsvc.dll (Trojan.FakeAV) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{3F4DACA4-160D-11D2-A8E9-00104B365C9F} (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3F4DACA7-160D-11D2-A8E9-00104B365C9F} (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3F4DACA0-160D-11D2-A8E9-00104B365C9F} (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\VBScript.RegExp (Malware.Packer.Gen) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (PUM.Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
x:\I386\System32\wzcsvc.dll (Trojan.FakeAV) -> Quarantined and deleted successfully.
x:\I386\System32\keybtray.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
x:\I386\System32\msxml2.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
x:\I386\System32\vbscript.dll (Malware.Packer.Gen) -> Quarantined and deleted successfully.
x:\I386\System32\fdco1.dll (Malware.Packer.GenX) -> Quarantined and deleted successfully.
b:\Temp\HBCD\Opera\opera.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
x:\I386\System32\sfcfiles.dll (Trojan.Patched) -> Quarantined and deleted successfully.
Unfortunately the problem remains the same. You see the empty desktop, then it switches to the login screen. When I log in, it goes straight to "saving your settings".
I can't do anything via safe mode either (it goes into safe mode and 2 seconds later back to the login screen, but then with Administrator listed as well. I can't log in via Administrator either).
I can choose the last configuration that worked, but that doesn't fix the problem either.
I was able to do a System Restore via the boot CD, but that didn't fix it either.
Any suggestions?
Linda