Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vundo / popup infection


  • This topic is locked This topic is locked
52 replies to this topic

#1 mattom

mattom

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 21 May 2009 - 04:59 PM

To start with i was directed to this part of the forum by quietman7.

I had some problem and posted in the "help I'm infected".
The first thing I noticed that something was not right. Was that my USB-stick wasn't showing up at "this computer" anymore. Thought it was kinda strange and than i got some errors.
1. C:\\Windows\System32\Faviheki.dll cannot be found

2. C:\\Windows\System32\Regizogu cannot be found

3. Exeption processing message : C0000013 Parameters = 75b0bf7c 4 75b0b7c 75b0bf7c




He helped me trough several steps and I'll try to explain it as good as I can.
The following post is the topic where quietman7 assisted me with my problem.

http://www.bleepingcomputer.com/forums/t/228031/error-messages/

Apparently malwarebytes wasn't able to stop this.


Now I'll try to explain my situation right now.

So I installed Malwarebytes to get rid of all the infections my computer had. This includes this annoying "malware Doctor". I've been reading about this "malware doctor" and it should be removable with this malwarebytes. However it doesn't , Malwarebytes does detect it together with some other things. Here's my log of the last scan i did just before making this topic.

Malwarebytes log


Malwarebytes' Anti-Malware 1.36
Database versie: 2154
Windows 5.1.2600 Service Pack 3

21/05/2009 23:53:12
mbam-log-2009-05-21 (23-53-08).txt

Scan type: Snelle Scan
Objecten gescand: 93014
Verstreken tijd: 4 minute(s), 56 second(s)

Geheugenprocessen ge´nfecteerd: 1
Geheugenmodulen ge´nfecteerd: 1
Registersleutels ge´nfecteerd: 2
Registerwaarden ge´nfecteerd: 3
Registerdata bestanden ge´nfecteerd: 3
Mappen ge´nfecteerd: 1
Bestanden ge´nfecteerd: 4

Geheugenprocessen ge´nfecteerd:
c:\program Files\ThunMail\testabd.exe (Spyware.OnlineGamer) -> No action taken.

Geheugenmodulen ge´nfecteerd:
c:\program Files\ThunMail\testabd.dll (Trojan.Agent2) -> No action taken.

Registersleutels ge´nfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f30b5e7e-cfbb-44fb-a947-226e5a7a4290} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f30b5e7e-cfbb-44fb-a947-226e5a7a4290} (Trojan.BHO) -> No action taken.

Registerwaarden ge´nfecteerd:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svc (Spyware.OnlineGamer) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Malware Doctor (Rogue.MalwareDoc) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Malware Doctor (Rogue.MalwareDoc) -> No action taken.

Registerdata bestanden ge´nfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Spyware.OnlineGamer) -> Data: c:\progra~1\thunmail\testabd.dll -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableRegistryTools (Hijack.Regedit) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> No action taken.

Mappen ge´nfecteerd:
C:\Program Files\ThunMail (Spyware.OnlineGamer) -> No action taken.

Bestanden ge´nfecteerd:
C:\Program Files\ThunMail\testabd.dll (Spyware.OnlineGamer) -> No action taken.
C:\Program Files\ThunMail\testabd.exe (Spyware.OnlineGamer) -> No action taken.
C:\WINDOWS\system32\sft.res (Malware.Trace) -> No action taken.
C:\Documents and Settings\LocalService\Application Data\916653139.exe (Rogue.MalwareDoc) -> No action taken.


Now malewarebytes does ask to restart so action can be taken against the infections but after 5 min the malware doctor pops up again.


I followed the steps in the topic "Preparation Guide For Use Before Using Hijackthis and other Malware Removal Tools, Instructions for receiving help in cleaning your computer"

and now i'm at the last stap my log.

DDS.TXT LOG




DDS (Ver_09-05-14.01) - NTFSx86
Run by Matthias at 23:39:20,71 on do 21/05/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_11
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2047.1442 [GMT 2:00]

AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6451C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E9EDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5B56C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F437B4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F74C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4389C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D708AC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D53C2C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFEA6C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4DC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E83374-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5C8BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859EC054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F29A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E89054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D40DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1EA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FDCA64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2CDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E27C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF26DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6B51C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F08C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8606BC44-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5A6DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1A054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA96DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F78C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F71DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D77CC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F73584-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F5242C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85F3A58C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF751C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4E8A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FC7794-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFC464-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F617E4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F05DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DECDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E9E57C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0035C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEC4C4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6FA7C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DDF644-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2F89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF98A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E45B84-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3FA6C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F4451C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1A52C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F8EDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB06DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2EC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E218AC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E25DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E354D4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6ADDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D35C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1AD44-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D306F4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2835C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6EC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C5BDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7CA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5FA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D64A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EAA42C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E43DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EBFA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E9A1BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E27DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D646EC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CF8C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEADDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D27374-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E93054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CA97CC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA49BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E85A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3D364-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2D464-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3EDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85AB2CE4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F456A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7E524-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EBC35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6435C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D44054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F5C49C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7DDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FC2544-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE28BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E70C3C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E07C2C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3E054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7D73C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FFADDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86011DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F4089C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1ABB4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D44DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5CDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D553AC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E30C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D66054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5D35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F09624-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0DDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2A054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE46EC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4C624-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0D6CC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F716DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F75B64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E976DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8E35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D63A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6AA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E26A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D7251C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2D054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864A188C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB76DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BCA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C8A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E578B4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE9C2C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1785C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C8B64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F28DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EBBC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEA524-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6E6EC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F239A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F1AA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3CA64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0635C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ECC35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6A51C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D49C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F64054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D31C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E39C3C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8835C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1F464-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E35DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7C364-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E86DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA935C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FCF9A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AE89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F4346C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5B89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E83DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D639A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F446DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1789C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6089C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D638FC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4A89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ECA70C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F47DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1D84C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85CFD30C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0FA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6651C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0B36C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EAD6F4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0153C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1DB04-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE3C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2135C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D65DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F24DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E806DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D50054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D70DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FD9A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6BCB4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E176DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFE9C4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AAA7C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E55A7C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5AB64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2079C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EC551C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA6DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E26A74-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F31C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7CDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7652C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED77DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CF364-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D31DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F52DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E4151C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6CC44-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D60A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E15054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2AA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E20DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0C2A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5953C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E59A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3FDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F80A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F8BC24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D39DDC-FFA4-00DD-0D24-347CA8A3377C}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\LocalService\Application Data\916653139.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\AshEvtSvc.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\uTorrent\uTorrent.exe
c:\program Files\ThunMail\testabd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Matthias\Bureaublad\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://google.icq.com/search/results/?q=STAUYRANT%20AALST
uWindow Title = Microsoft Internet Explorer aangeboden door Telenet Internet
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
mSearchAssistant =
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
uURLSearchHooks: ICQ Toolbar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\progra~1\icqtoo~1\toolbaru.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Aanmelden - Help: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Windows Live Toolbar Helper: {bdbd1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
BHO: 1 (0x1) - No File
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: Microsoft copyright: {f30b5e7e-cfbb-44fb-a947-226e5a7a4290} - lklf32.dll
TB: Acer eDataSecurity Management: {5cbe3b7c-1e47-477e-a7dd-396db0476e29} - c:\windows\system32\eDStoolbar.dll
TB: Windows Live Toolbar: {bdad1dad-c946-4a17-adc1-64b5b4ff55d0} - c:\program files\windows live toolbar\msntb.dll
TB: ICQ Toolbar: {855f3b16-6d32-4fe6-8a56-bbb695989046} - c:\progra~1\icqtoo~1\toolbaru.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: &Discuss: {bdeade7f-c265-11d0-bced-00a0c90ab50f} - shdocvw.dll
uRun: [ASUS SmartDoctor] c:\program files\asus\smartdoctor\SmartDoctor.exe /start
uRun: [MsnMsgr] "c:\program files\windows live\messenger\MsnMsgr.Exe" /background
uRun: [updateMgr] "c:\program files\adobe\acrobat 7.0\reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
uRun: [ICQ] "c:\program files\icq6\ICQ.exe" silent
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Malware Doctor] c:\documents and settings\localservice\application data\916653139.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [LaunchApp] Alaunch
mRun: [ntiMUI] c:\program files\newtech infosystems\nti cd & dvd-maker 7\ntiMUI.exe
mRun: []
mRun: [IMJPMIG8.1] "c:\windows\ime\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
mRun: [IMEKRMIG6.1] c:\windows\ime\imkr6_1\IMEKRMIG.EXE
mRun: [MSPY2002] c:\windows\system32\ime\pintlgnt\ImScInst.exe /SYNC
mRun: [PHIME2002ASync] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /SYNC
mRun: [PHIME2002A] c:\windows\system32\ime\tintlgnt\TINTSETP.EXE /IMEName
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRun: [Acer Empowering Technology Monitor] c:\windows\system32\SysMonitor.exe
mRun: [eDataSecurity Loader] c:\acer\empowering technology\edatasecurity\eDSloader.exe 1
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [avgnt] "c:\program files\antivir personaledition classic\avgnt.exe" /min
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [Alcmtr] ALCMTR.EXE
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Malware Doctor] c:\documents and settings\localservice\application data\916653139.exe
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
dRun: [svc] c:\program files\thunmail\testabd.exe
StartupFolder: c:\docume~1\matthias\menust~1\progra~1\opstar~1\openof~1.lnk - c:\program files\openoffice.org 3\program\quickstart.exe
StartupFolder: c:\docume~1\matthias\menust~1\progra~1\opstar~1\xfire.lnk - c:\program files\xfire\Xfire.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\acerwl~1.lnk - c:\program files\acer wlan 11g usb dongle\ZDWlan.exe
StartupFolder: c:\docume~1\alluse~1\menust~1\progra~1\opstar~1\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
uPolicies-system: DisableRegistryTools = 1 (0x1)
uPolicies-system: DisableTaskMgr = 1 (0x1)
IE: &Windows Live Search - c:\program files\windows live toolbar\msntb.dll/search.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Openen in een nieuwe achtergrondtab - c:\program files\windows live toolbar\components\nl-be\msntabres.dll.mui/229?d8d4eb88b5e94e68a3be6b7160a0ab25
IE: Openen in een nieuwe voorgrondtab - c:\program files\windows live toolbar\components\nl-be\msntabres.dll.mui/230?d8d4eb88b5e94e68a3be6b7160a0ab25
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {E59EB121-F339-4851-A3BA-FE49C35617C2} - c:\program files\icq6\ICQ.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\yinsthelper.dll
DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} - hxxp://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_11-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
AppInit_DLLs: ,c:\progra~1\thunmail\testabd.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\docume~1\matthias\applic~1\mozilla\firefox\profiles\07jnsvee.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\documents and settings\all users\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: c:\documents and settings\matthias\application data\mozilla\firefox\profiles\07jnsvee.default\extensions\npdyyno@dyyno.com\plugins\npDyyno.dll
FF - plugin: c:\program files\dyyno\dyyno player\npvlc.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npDyyno.dll
FF - plugin: c:\program files\octoshape streaming services\matthias\octoprogram-l03-nms0806110_sua_900\npoctoshape.dll
FF - plugin: c:\program files\octoshape streaming services\matthias\octoprogram-l03-nms0806260_sua_000\npoctoshape.dll
FF - plugin: c:\program files\octoshape streaming services\matthias\octoprogram-l03-nms0810164_sua_000\npoctoshape.dll

============= SERVICES / DRIVERS ===============

R1 avgio;avgio;c:\program files\antivir personaledition classic\avgio.sys [2006-12-1 11840]
R2 AntiVirScheduler;AntiVir PersonalEdition Classic Scheduler;c:\program files\antivir personaledition classic\sched.exe [2006-12-1 68865]
R2 AntiVirService;AntiVir PersonalEdition Classic Guard;c:\program files\antivir personaledition classic\avguard.exe [2006-12-1 151297]
R2 AshEvtSvc;AshEvtSvc;c:\windows\system32\ashevtsvc.exe -k netsvcs --> c:\windows\system32\AshEvtSvc.exe -k netsvcs [?]
R2 McrdSvc;Media Center Extender Service;c:\windows\ehome\mcrdsvc.exe [2005-8-17 99328]
R3 avgntflt;avgntflt;c:\program files\antivir personaledition classic\avgntflt.sys [2006-12-1 52032]
S3 bqda;bqda;\??\c:\documents and settings\matthias\bureaublad\wow gliter\bqda.sys --> c:\documents and settings\matthias\bureaublad\wow gliter\bqda.sys [?]
S3 Video3D;ASUS Video3D Service;c:\windows\system32\drivers\video3d32.sys --> c:\windows\system32\drivers\Video3D32.sys [?]

=============== Created Last 30 ================

2009-05-21 22:29 136 a------- c:\windows\system32\vp_setup.exe.bat
2009-05-21 22:29 --dshr-- c:\program files\ThunMail
2009-05-21 22:28 61,440 a------- c:\windows\system32\vp_setup.exe
2009-05-21 22:15 29,184 a------- c:\windows\system32\lklf32.dll
2009-05-21 20:07 708 a------- c:\windows\system32\sft.res
2009-05-21 20:07 29,184 a------- c:\windows\system32\jhxm32.dll
2009-05-20 22:39 --d----- c:\docume~1\matthias\applic~1\TeamViewer
2009-05-20 22:39 --d----- c:\program files\TeamViewer
2009-05-20 22:39 --d----- c:\documents and settings\matthias\temp
2009-05-20 19:14 --d-h--- c:\windows\system32\GroupPolicy
2009-05-20 12:30 32,768 a------- c:\windows\system32\AshEvtSvc.exe
2009-05-20 12:30 32,768 a------- c:\windows\system32\service-466.exe
2009-05-19 17:53 --d----- c:\docume~1\matthias\applic~1\Malwarebytes
2009-05-19 17:53 15,504 a------- c:\windows\system32\drivers\mbam.sys
2009-05-19 17:53 38,496 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-19 17:53 --d----- c:\program files\Malwarebytes' Anti-Malware
2009-05-19 17:53 --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2009-05-19 16:13 107 a------- C:\xcrashdump.dat
2009-05-18 19:57 --d-hr-- c:\documents and settings\matthias\Onlangs geopend
2009-05-17 14:56 --d----- c:\program files\DVDVideoSoft
2009-05-17 14:56 --d----- c:\program files\common files\DVDVideoSoft
2009-05-16 21:12 --d----- c:\docume~1\matthias\applic~1\Octoshape
2009-04-29 23:19 41,808 a------- c:\windows\system32\xfcodec.dll
2009-04-27 18:58 --d----- c:\program files\common files\SWF Studio
2009-04-27 18:58 --dsh--- c:\docume~1\matthias\applic~1\.#

==================== Find3M ====================

2009-05-11 16:40 496,142 a------- c:\windows\system32\perfh013.dat
2009-05-11 16:40 93,808 a------- c:\windows\system32\perfc013.dat
2009-03-06 16:23 285,696 a------- c:\windows\system32\pdh.dll
2009-03-03 02:16 826,368 a------- c:\windows\system32\wininet.dll
2007-07-25 23:58 262,144 a------- c:\documents and settings\matthias\WoW-2.0.5.6320-to-2.0.6.6337-enGB-patch.exe
2007-05-19 12:52 0 -------- c:\documents and settings\matthias\WoW-2.0.3.6299-to-2.0.5.6320-enGB-patch.exe
2008-11-08 00:37 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\geschiedenis\history.ie5\mshist012008110720081108\index.dat

============= FINISH: 23:39:53,32 ===============







Thanks for reading and I hope you can help me


Greetings

mattom

Attached Files



BC AdBot (Login to Remove)

 


#2 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 29 May 2009 - 06:35 PM

Hi matton,

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 13.
  • Click the "Download" button to the right.
  • At the Select Platform and Language for your download drop down box
    Select Windows and Mult-Language
  • Check the box that says: "Accept License Agreement" then press Continue ( Selecting Windows will give you the 32 bit version. )
  • The page will refresh.
  • Click on the link to download Windows Offline Installation, Multi-language jre-6u13-windows-i586-p.exe and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
    Examples of older versions in Add or Remove Programs:
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    Java™ 6 Update 11
    Java™ 6 Update 5
    Java™ 6 Update 7
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u13-windows-i586-p.exe to install the newest version.

Geheugenprocessen ge´nfecteerd:
c:\program Files\ThunMail\testabd.exe (Spyware.OnlineGamer) -> No action taken.

Geheugenmodulen ge´nfecteerd:
c:\program Files\ThunMail\testabd.dll (Trojan.Agent2) -> No action taken.

Registersleutels ge´nfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f30b5e7e-cfbb-44fb-a947-226e5a7a4290} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f30b5e7e-cfbb-44fb-a947-226e5a7a4290} (Trojan.BHO) -> No action taken.



Malwarebytes' Anti-Malware 1.36
Database versie: 2154


There is a new version of Malwarebytes 1.37 and its Database version 2192. Please update it. :)

Your MBAM log shows "No action taken". :thumbup2:
This usually occurs if you forget to click "Remove Selected" and instead only clicked "Save Logfile.
Please read this thread and rescan again only using the (Quick Scan) in normal mode and check all items found for removal.
Don't forgot to reboot afterwards. Failure to reboot normally (not into safe mode) will prevent MBAM from removing all the malware.
After performing the new scan, click the Logs tab and copy/paste the contents of the new report in your next reply along with a Hijackthis log (not the DDS logs).

Edited by SifuMike, 29 May 2009 - 06:45 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#3 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 01 June 2009 - 07:21 AM

Sorry it took me so long to reply but i was a weekend out

First of all I want to thank you for the reply and let's get to work.


1. Delete old versions of Java and update Java

So , I deleted all the java's I had and downloaded the .Exe
After that I followed your steps -> Install without web browser open & programs closed.

2. Update my Anti-Malware and make sure your read the guide.

- I read the guide make sure I did everything fine step by step and this is the result

Anti-Malware log


Malwarebytes' Anti-Malware 1.37
Database versie: 2206
Windows 5.1.2600 Service Pack 3

1/06/2009 2:04:46
mbam-log-2009-06-01 (02-04-46).txt

Scan type: Snelle Scan
Objecten gescand: 94960
Verstreken tijd: 4 minute(s), 25 second(s)

Geheugenprocessen ge´nfecteerd: 0
Geheugenmodulen ge´nfecteerd: 0
Registersleutels ge´nfecteerd: 3
Registerwaarden ge´nfecteerd: 0
Registerdata bestanden ge´nfecteerd: 0
Mappen ge´nfecteerd: 1
Bestanden ge´nfecteerd: 2

Geheugenprocessen ge´nfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen ge´nfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels ge´nfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f30b5e7e-cfbb-44fb-a947-226e5a7a4290} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AshEvtSvc (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\avast!Antivirus (Trojan.Agent) -> Quarantined and deleted successfully.

Registerwaarden ge´nfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden ge´nfecteerd:
(Geen kwaadaardige items gevonden)

Mappen ge´nfecteerd:
C:\WINDOWS\system32\sysloc (Trojan.BHO) -> Quarantined and deleted successfully.

Bestanden ge´nfecteerd:
C:\WINDOWS\system32\vp_setup.exe.bat (Malware.Trace) -> Quarantined and deleted successfully.
c:\WINDOWS\sonce122730.dat (Worm.KoobFace) -> Quarantined and deleted successfully.


3. watch attachment


Thank you for reading.

Attached Files



#4 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 01 June 2009 - 11:33 AM

Hi mattom,

We will run ComboFix.

You should NOT use Combofix unless you have been instructed to do so by a Malware Removal Expert.
It is intended by its creator to be used under the guidance and supervision of an Malware Removal Expert, not for private use.

Using this tool incorrectly could lead to disastrous problems with your operating system such as preventing it from ever starting again.
Please read Combofix's Disclaimer.
Further, ComboFix logs are not permitted outside the HijackThis forums and then only when requested by a HJT Team member.

You need to disable your Avira AntiVir Antivirus before running ComboFix, as it will prevent it from running.

To disable Avira Antivirus:
Please navigate to the system tray on the bottom right hand corner and look for an open white umbrella on red background (looks to this: Posted Image )
  • right click it-> untick the option AntiVir Guard enable.
  • You should now see a closed, white umbrella on a red background (looks to this: Posted Image )
You succesfully disabled the AntiVir Guard.


Note: If you already have a copy of ComboFix on your system it is essential that you delete it before downloading this copy.

Please visit this webpage for instructions for downloading and running ComboFix:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix

To work properly, you must install ComboFix on the Desktop..
Post the log from ComboFix in your next reply,

A caution - ComboFix may reset a number of Internet Explorer's settings, including making IE the default browser.
ComboFix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal and increase security. If this is an issue or makes it difficult for you -- please tell me.
Have no other programs running. Your Task Bar should be clear of any program entries including your Browser.
Do not run Combofix more than once.
Do not touch your mouse/keyboard until the scan has completed, as this may cause the process to stall or your computer to lock.
The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.
Even when ComboFix appears to be doing nothing, look at your Drive light. If it is flashing, Combofix is still at work.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#5 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 01 June 2009 - 01:21 PM

Starting combofix right now


Brb

#6 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 01 June 2009 - 01:24 PM

Good. :thumbup2:
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#7 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 01 June 2009 - 01:57 PM

Here's the result

ComboFix 09-05-31.06 - Matthias 01/06/2009 8:41.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.32.1043.18.2047.1655 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Matthias\Bureaublad\ComboFix.exe
AV: Avira AntiVir PersonalEdition *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85AB2CE4-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85CFD30C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) {85F3A58C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000000-0000-0000-0000-000000000000}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {00000246-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {859EC054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BE28BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85BF26DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85C5BDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CA97CC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85CF8C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1A054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1A52C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D1ABB4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D27374-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2D464-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D2F89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D306F4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D31C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D31DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D35C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D39DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3D364-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D3FDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D40DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4389C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D44054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D44DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D49C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4A89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4C624-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4DC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D4E8A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D50054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D53C2C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D553AC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5953C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5A6DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5AB64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5B56C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5B89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5C8BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5CDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5D35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D5FA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D60A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D638FC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D639A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D63A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6435C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6451C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D646EC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D64A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D65DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D66054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6651C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6A51C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D6ADDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D708AC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D70DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85D7251C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DDF644-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DE46EC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEA524-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEADDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DEC4C4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DECDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF751C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DF98A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFC464-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85DFE9C4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0035C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0153C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E07C2C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0B36C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0C2A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E0FA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E15054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E176DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1785C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1789C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1AD44-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1D84C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1DB04-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1EA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E1F464-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2079C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E20DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2135C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E218AC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E25DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E26A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E26A74-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E27C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E27DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2835C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E2A054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E30C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E354D4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E35DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E39C3C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E4151C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E43DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E45B84-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E55A7C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E578B4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E59A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6AA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6B51C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6BCB4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6CC44-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6E6EC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E6EC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E70C3C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7C364-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7CA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7D73C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7DDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E7E524-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E806DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E83374-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E83DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E85A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E86DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8835C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E89054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E8E35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E93054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E976DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E9A1BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E9E57C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85E9EDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA49BC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA6DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA935C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EA96DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EAA42C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EAD6F4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB06DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EB76DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EBBC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EBC35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EBFA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EC551C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ECA70C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ECC35C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85ED77DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85EFEA6C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F05DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0635C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F08C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F09624-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0D6CC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F0DDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F1AA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F239A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F24DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F28DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F29A64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2AA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2CDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2D054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F2EC1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F31C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3CA64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3E054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3EDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F3FA6C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F4089C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F4346C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F437B4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F4451C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F446DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F456A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F47DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F5242C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F52DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F5C49C-FFA4-0100-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6089C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F617E4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F64054-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F6FA7C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F716DC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F71DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F73584-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F74C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F75B64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7652C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F78C24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F7CDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F80A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F8BC24-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85F8EDDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FC2544-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FC7794-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FCF9A4-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FD9A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FDCA64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE3C1C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FE9C2C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {85FFADDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {86011DDC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {8606BC44-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AAA7C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860AE89C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860BCA5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C8A5C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860C8B64-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860CF364-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {860D77CC-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {864A188C-FFA4-00DD-0D24-347CA8A3377C}
AV: Avira AntiVir PersonalEdition Classic *On-access scanning enabled* (Updated) {FFDFF540-FFA4-00DD-0D24-347CA8A3377C}
.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Matthias\Application Data\.#
c:\documents and settings\Matthias\Application Data\WeatherDPA
c:\documents and settings\Matthias\Application Data\WeatherDPA\Weather\WeatherStartup.xml
c:\documents and settings\Matthias\jdk-6u13-javafx-1_1_1-windows-i586.exe
c:\program files\Mozilla Firefox\plugins\npclntax_ZangoSA.dll
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\Config.xml
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\db\Aliases.dbs
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\db\Sites.dbs
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\report\aggr_storage.xml
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\report\send_storage.xml
c:\windows\system32\config\systemprofile\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
c:\windows\system32\config\systemprofile\Application Data\Zango
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\avatar.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\btntrans.idx
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\btntrans1.dat
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\buttondir.txt
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\components.cdf
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\cursors.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_1000.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_2000.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_3000.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bar.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_bbar1.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_logos.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_buttons_other.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\d_icons_weather.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\default.cdf
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_511745-514279.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-ca.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_bidzC_ZT_IE-us.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_categorize.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_comparison.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-Mails.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_explorer-people.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_favorites.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_Games.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_Hide.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_hotbarcom.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_Hotmail.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_hsskin.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_jemster.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_jemsterie.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_jemsteruk.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_jobsearch.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_Mails.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_MobileSidewalk.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_new.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_premium.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_reun.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_ringtones.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_SearchBoxTrapper.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_searchfor.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_searchgo.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_weather.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Default_yellowpages.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\editblbuttons.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-548964.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\email-def-511724-9595.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\email-t1-bg.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\icons2.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\ie_games_icon.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\ie_video.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\keywords.idx
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\keywords1.dat
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\layout.cdf
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\linkpathlegal.txt
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\progress.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\s_icons_buttons.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\sales_buttons.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\sdfmodifier.xml
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\t2_bg.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\theweb.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\top7.cdf
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\Top7_theweb.mnu
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\tsd_bg.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\zango_btn.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\2\zango_ie_menu.res
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\avatar.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\BtnTrans1.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\buttondir.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\cursors.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_1000.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_2000.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_3000.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bar.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_bbar1.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_logos.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_buttons_other.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\d_icons_weather.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\default.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\editblbuttons.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\email-t1-bg.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\icons2.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_games_icon.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\ie_video.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\keywords1.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\layout.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\linkpathlegal.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\progress.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\s_icons_buttons.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\sales_buttons.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.txt
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\samplegroups2.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\sdfmodifier.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\t2_bg.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\top7.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\tsd_bg.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_btn.xip
c:\windows\system32\config\systemprofile\Application Data\Zango\v3.0\Zango\static\DownLoad\zango_ie_menu.xip
c:\windows\system32\drivers\ovfsthxtrxusbupmbyionomnjsarnagjhdsyyu.sys
c:\windows\system32\ovfsthldomwvunehntogyhdxndbwanesnemtot.dat
c:\windows\system32\ovfsthpbjorodclfyykfxdvoepelblccrqjgqc.dll
c:\windows\system32\ovfsthtrxpdjabbhyxdhynilocmgboduovkdvo.dat
c:\windows\system32\ovfsthyiqvsbqoxcmnfiolbsrreybwusgfapak.dll
c:\windows\system32\ovfsthyuduhwbqsgqlibyocaccwfqvqmewvome.dll
C:\xcrashdump.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_ovfsthukvustnadkvyqfqntvmanoksltruircn
-------\Legacy_ASHEVTSVC
-------\Legacy_AVAST!ANTIVIRUS


(((((((((((((((((((( Bestanden Gemaakt van 2009-05-01 to 2009-06-01 ))))))))))))))))))))))))))))))
.

2009-05-31 23:55 . 2009-05-31 23:55 -------- d-----w- c:\program files\JavaFX
2009-05-31 23:54 . 2009-05-31 23:54 -------- d-----w- c:\program files\Sun
2009-05-31 23:39 . 2009-05-31 23:40 -------- d-----w- c:\documents and settings\Matthias\.SunDownloadManager
2009-05-27 19:13 . 2009-05-27 19:14 -------- d-----w- c:\program files\Movies Moreno
2009-05-27 11:11 . 2009-05-27 11:26 180 ----a-w- C:\487656.bat
2009-05-27 06:25 . 2009-05-27 06:25 -------- d-----w- c:\documents and settings\Matthias\LocalLow
2009-05-27 06:25 . 2009-05-27 06:25 -------- d-----w- c:\documents and settings\Matthias\Local Settings\Application Data\TVU Networks
2009-05-27 06:25 . 2009-05-27 06:25 -------- d-----w- c:\documents and settings\All Users\Application Data\TVU Networks
2009-05-27 03:24 . 2009-06-01 05:08 -------- d--h--r- c:\documents and settings\Matthias\Onlangs geopend
2009-05-27 02:48 . 2009-05-26 02:18 105 ----a-w- C:\tj.vbs
2009-05-23 15:11 . 2009-05-23 15:11 -------- d-----w- c:\program files\iPod
2009-05-23 15:11 . 2009-05-23 15:11 -------- d-----w- c:\program files\iTunes
2009-05-23 15:11 . 2009-05-23 15:11 -------- d-----w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-23 15:10 . 2009-05-23 15:10 -------- d-----w- c:\program files\Bonjour
2009-05-23 15:09 . 2009-03-26 13:23 1900544 ----a-w- c:\windows\system32\usbaaplrc.dll
2009-05-23 15:08 . 2009-05-23 15:08 75048 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 8.1.1.10\SetupAdmin.exe
2009-05-20 20:39 . 2009-05-20 20:39 -------- d-----w- c:\documents and settings\Matthias\Application Data\TeamViewer
2009-05-20 20:39 . 2009-05-20 20:39 -------- d-----w- c:\program files\TeamViewer
2009-05-20 20:39 . 2009-05-20 20:39 -------- d-----w- c:\documents and settings\Matthias\temp
2009-05-20 17:14 . 2009-05-20 17:14 -------- d--h--w- c:\windows\system32\GroupPolicy
2009-05-19 15:53 . 2009-05-19 15:53 -------- d-----w- c:\documents and settings\Matthias\Application Data\Malwarebytes
2009-05-19 15:53 . 2009-05-26 11:19 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-05-19 15:53 . 2009-05-26 11:20 40160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-19 15:53 . 2009-05-31 23:58 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-05-19 15:53 . 2009-05-19 15:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-05-17 12:56 . 2009-05-17 12:56 -------- d-----w- c:\program files\Common Files\DVDVideoSoft
2009-05-17 12:56 . 2009-05-17 12:56 -------- d-----w- c:\program files\DVDVideoSoft
2009-05-16 19:12 . 2009-05-16 19:12 -------- d-----w- c:\documents and settings\Matthias\Application Data\Octoshape
2009-05-04 13:03 . 2009-05-04 13:03 59904 ----a-w- c:\windows\system32\zlib1.dll
2009-05-04 12:53 . 2009-05-04 12:53 286720 ----a-w- c:\windows\system32\libcurl.dll
2009-05-04 12:53 . 2009-05-04 12:53 196608 ----a-w- c:\windows\system32\ssleay32.dll
2009-05-04 12:53 . 2009-05-04 12:53 1028096 ----a-w- c:\windows\system32\libeay32.dll
2009-05-04 12:53 . 2009-05-04 12:53 143360 ----a-w- c:\windows\system32\libexpatw.dll

.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-01 03:23 . 2009-02-05 15:47 -------- d-----w- c:\documents and settings\Matthias\Application Data\Xfire
2009-05-31 23:54 . 2009-02-02 16:56 410984 ----a-w- c:\windows\system32\deploytk.dll
2009-05-31 23:54 . 2006-12-01 11:55 -------- d-----w- c:\program files\Java
2009-05-31 23:33 . 2006-12-01 12:50 -------- d-----w- c:\documents and settings\All Users\Application Data\AntiVir PersonalEdition Classic
2009-05-27 19:09 . 2007-04-24 18:13 75096 ----a-w- c:\windows\system32\drivers\avipbb.sys
2009-05-26 18:22 . 2007-07-26 16:18 -------- d-----w- c:\program files\Windows Live Safety Center
2009-05-24 01:35 . 2007-01-15 17:39 -------- d-----w- c:\program files\mIRC
2009-05-23 22:37 . 2009-02-26 22:39 -------- d-----w- c:\documents and settings\Matthias\Application Data\uTorrent
2009-05-23 15:11 . 2007-09-13 19:23 -------- d-----w- c:\program files\Common Files\Apple
2009-05-21 17:51 . 2007-04-02 12:37 -------- d-----w- c:\documents and settings\Matthias\Application Data\BitTorrent
2009-05-20 18:44 . 2006-12-06 11:26 -------- d-----w- c:\program files\World of Warcraft
2009-05-20 18:08 . 2006-12-09 07:56 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP
2009-05-17 15:57 . 2009-02-05 15:47 -------- d-----w- c:\program files\Xfire
2009-05-11 14:40 . 2006-08-11 10:54 496142 ----a-w- c:\windows\system32\perfh013.dat
2009-05-11 14:40 . 2006-08-11 10:54 93808 ----a-w- c:\windows\system32\perfc013.dat
2009-05-10 17:05 . 2008-04-18 14:00 -------- d-----w- c:\program files\CCleaner
2009-05-03 14:29 . 2009-03-03 16:22 8 ----a-w- c:\windows\system32\nvModes.dat
2009-04-30 14:39 . 2007-10-01 11:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2009-04-29 21:19 . 2009-04-29 21:19 41808 ----a-w- c:\windows\system32\xfcodec.dll
2009-04-27 16:58 . 2009-04-27 16:58 -------- d-----w- c:\program files\Common Files\SWF Studio
2009-04-14 21:14 . 2009-03-04 16:25 -------- d-----w- c:\program files\World of Warcraft Public Test
2009-03-26 13:23 . 2007-11-28 12:41 36864 ----a-w- c:\windows\system32\drivers\usbaapl.sys
2009-03-19 14:32 . 2009-03-19 14:32 23400 ----a-w- c:\documents and settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}\x86\x86\GEARAspiWDM.sys
2009-03-19 14:32 . 2006-09-19 12:44 23400 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-03-06 14:23 . 2004-09-02 13:00 285696 ----a-w- c:\windows\system32\pdh.dll
.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS SmartDoctor"="c:\program files\ASUS\SmartDoctor\SmartDoctor.exe" [2006-03-24 1073152]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"updateMgr"="c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 313472]
"ICQ"="c:\program files\ICQ6\ICQ.exe" [2008-09-01 173304]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LaunchApp"="Alaunch" [X]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-09-29 67584]
"ntiMUI"="c:\program files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 45056]
"IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2004-09-02 208952]
"IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2004-09-02 44032]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-09-02 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-09-02 455168]
"Acer Empowering Technology Monitor"="c:\windows\system32\SysMonitor.exe" [2006-04-18 49152]
"eDataSecurity Loader"="c:\acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2006-03-17 345088]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-09-16 8491008]
"avgnt"="c:\program files\AntiVir PersonalEdition Classic\avgnt.exe" [2008-07-17 266497]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-09-16 81920]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-05-31 148888]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2007-09-16 1626112]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-03-21 16126464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Acer WLAN 11g USB Dongle.lnk - c:\program files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 745472]
Adobe Reader Speed Launch.lnk - c:\program files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-9-23 29696]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.0-enGB-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\WoW-1.12.x-to-2.0.1-enGB-patch-downloader.exe"=
"c:\\Program Files\\World of Warcraft\\Launcher.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\mIRC\\mirc.exe"=
"c:\\Program Files\\BitTorrent\\bittorrent.exe"=
"c:\\Program Files\\World of Warcraft\\BackgroundDownloader.exe"=
"c:\\Program Files\\BitTorrent_DNA\\dna.exe"=
"c:\\Program Files\\ICQ6\\ICQ.exe"=
"c:\\Program Files\\Sony\\Vegas 7.0\\VegSrv70.exe"=
"c:\\Documents and Settings\\Matthias\\Local Settings\\Application Data\\Dyyno Receiver\\DPPM.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\Tortun\\gui.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Acer\\Empowering Technology\\ePerformance\\MemCheck.exe"=
"c:\\WINDOWS\\ATKKBService.exe"=
"c:\\Program Files\\TeamViewer\\Version4\\TeamViewer.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader
"6112:TCP"= 6112:TCP:Blizzard Downloader

S3 bqda;bqda;\??\c:\documents and settings\Matthias\Bureaublad\Wow gliter\bqda.sys --> c:\documents and settings\Matthias\Bureaublad\Wow gliter\bqda.sys [?]
.
Inhoud van de 'Gedeelde Taken' map

2009-05-23 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-06-01 c:\windows\Tasks\Controleren op updates voor Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]

2009-05-26 c:\windows\Tasks\OGADaily.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]

2009-06-01 c:\windows\Tasks\OGALogon.job
- c:\windows\system32\OGAVerify.exe [2008-12-31 16:04]
.
- - - - ORPHANS VERWIJDERD - - - -

SafeBoot-procexp90.Sys


.
------- Bijkomende Scan -------
.
uStart Page = hxxp://google.icq.com/search/results/?q=STAUYRANT%20AALST
uSearchMigratedDefaultURL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
uInternet Settings,ProxyOverride = *.local
uInternet Settings,ProxyServer = http=localhost:7171
IE: &Windows Live Search - c:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Openen in een nieuwe achtergrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/229?d8d4eb88b5e94e68a3be6b7160a0ab25
IE: Openen in een nieuwe voorgrondtab - c:\program files\Windows Live Toolbar\Components\nl-be\msntabres.dll.mui/230?d8d4eb88b5e94e68a3be6b7160a0ab25
DPF: {4E218431-2F07-40BD-A9D3-035324C1F13F} - hxxp://webserver.dyyno.com/DyynoClient/DyynoCAB.CAB
FF - ProfilePath - c:\documents and settings\Matthias\Application Data\Mozilla\Firefox\Profiles\07jnsvee.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - ICQ Search
FF - prefs.js: keyword.URL - hxxp://search.icq.com/search/afe_results.php?ch_id=afex&q=
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npbittorrent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npDyyno.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-01 08:50
Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond
verborgen bestanden: 0

**************************************************************************
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

[HKEY_USERS\S-1-5-21-1426878460-1891827813-817041066-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ěĽÇ|    ĽÇ|¨Ľ9~*]
"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Windows\AutorunsDisabled]
"Appinit_Dlls"="c:\\windows\\system32\\regizogu.dll c:\\WINDOWS\\system32\\pedisasa.dll c:\\windows\\system32\\mejiyolo.dll"
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------

- - - - - - - > 'explorer.exe'(3752)
c:\windows\system32\MSNCHATHOOK.DLL
c:\windows\system32\sysenv.dll
c:\windows\system32\CryptoAPI.dll
c:\windows\system32\MFC71U.DLL
c:\program files\Xfire\xfire_toucan_36913.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\windows\system32\rundll32.exe
c:\acer\Empowering Technology\ePerformance\MemCheck.exe
c:\program files\Xfire\Xfire.exe
c:\program files\AntiVir PersonalEdition Classic\sched.exe
c:\program files\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\windows\ATKKBService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\ehome\mcrdsvc.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\WGATray.exe
c:\program files\Windows Live\Messenger\usnsvc.exe
.
**************************************************************************
.
Voltooingstijd: 2009-06-01 8:54 - machine werd herstart
ComboFix-quarantined-files.txt 2009-06-01 06:54

Pre-Run: 4.507.344.896 bytes beschikbaar
Post-Run: 5.706.874.880 bytes beschikbaar

WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect /usepmtimer

571 --- E O F --- 2009-05-21 17:30

#8 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 01 June 2009 - 02:04 PM

c:\documents and settings\Matthias\Bureaublad\ComboFix.exe



I need you to do some tranlation for me, as my German is not good. I asked that ComboFix must be run from the desktop. Is Bureaublad the same as desktop?
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#9 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 01 June 2009 - 02:13 PM

its dutch haha and ye sure i'll translate what you need.

Bureaublad is desktop yes



Also small side note : my Usb-Disk is showing himself again and i'm able to open it

Edited by mattom, 01 June 2009 - 02:15 PM.


#10 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 01 June 2009 - 03:01 PM

Hi mattom,

I should have know it was dutch by the letter. I can see it now. :thumbup2:

Please show hidden files and folders
  • Please go to VirSCAN.org FREE on-line scan service
  • Copy and paste the following file path into the "Suspicious files to scan"box on the top of the page:
    • c:\documents and settings\Matthias\Bureaublad\Wow gliter\bqda.sys
      C:\487656.bat
      C:\tj.vbs
  • Click on the Upload button
  • Once the Scan is completed, click on the "Copy to Clipboard" button. This will copy the link of the report into the Clipboard.
  • Paste the contents of the Clipboard in your next reply.
If VirScan.org server is too busy, please submit the file to VirusTotal instead.

Edited by SifuMike, 01 June 2009 - 03:02 PM.

If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#11 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 01 June 2009 - 03:11 PM

C:\487656.bat


Bestand 487656.bat ontvangen op 2009.06.01 20:06:21 (UTC)
Antivirus Versie Laatst geŘpdatet Resultaat
a-squared 4.0.0.101 2009.06.01 -
AhnLab-V3 5.0.0.2 2009.06.01 -
AntiVir 7.9.0.180 2009.06.01 -
Antiy-AVL 2.0.3.1 2009.06.01 -
Authentium 5.1.2.4 2009.06.01 -
Avast 4.8.1335.0 2009.05.31 -
AVG 8.5.0.339 2009.06.01 -
BitDefender 7.2 2009.06.01 -
CAT-QuickHeal 10.00 2009.06.01 -
ClamAV 0.94.1 2009.06.01 -
Comodo 1230 2009.06.01 -
DrWeb 5.0.0.12182 2009.05.29 -
eSafe 7.0.17.0 2009.06.01 -
eTrust-Vet 31.6.6533 2009.06.01 -
F-Prot 4.4.4.56 2009.06.01 -
F-Secure 8.0.14470.0 2009.06.01 -
Fortinet 3.117.0.0 2009.06.01 -
GData 19 2009.06.01 -
Ikarus T3.1.1.57.0 2009.06.01 -
K7AntiVirus 7.10.749 2009.05.29 -
Kaspersky 7.0.0.125 2009.06.01 -
McAfee 5633 2009.06.01 -
McAfee+Artemis 5633 2009.06.01 -
McAfee-GW-Edition 6.7.6 2009.05.29 -
Microsoft 1.4701 2009.06.01 -
NOD32 4120 2009.06.01 -
Norman 6.01.05 2009.06.01 -
nProtect 2009.1.8.0 2009.06.01 -
Panda 10.0.0.14 2009.06.01 -
PCTools 4.4.2.0 2009.06.01 -
Prevx 3.0 2009.06.01 -
Rising 21.32.04.00 2009.06.01 -
Sophos 4.42.0 2009.06.01 -
Sunbelt 3.2.1858.2 2009.05.31 -
Symantec 1.4.4.12 2009.06.01 -
TheHacker 6.3.4.3.335 2009.06.01 -
TrendMicro 8.950.0.1092 2009.06.01 -
VBA32 3.12.10.6 2009.05.31 -
ViRobot 2009.6.1.1763 2009.06.01 -
VirusBuster 4.6.5.0 2009.05.31 -
Extra informatie
File size: 180 bytes
MD5...: a7c8e24709c4b45d02f22d38ccb6de30
SHA1..: 114cc15a5a58a5126bf11d35c40318422ca11eef
SHA256: 65fec5e72e518ad0259fa8bd9dcf8ab7fe865f9cf89d85fcbe8a2c5b785b3e57
ssdeep: -<br>
PEiD..: -
TrID..: File type identification<br>Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-


C:\tj.vbs


Bestand tj.vbs ontvangen op 2009.06.01 20:09:56 (UTC)
Antivirus Versie Laatst geŘpdatet Resultaat
a-squared 4.0.0.101 2009.06.01 -
AhnLab-V3 5.0.0.2 2009.06.01 -
AntiVir 7.9.0.180 2009.06.01 -
Antiy-AVL 2.0.3.1 2009.06.01 -
Authentium 5.1.2.4 2009.06.01 -
Avast 4.8.1335.0 2009.05.31 -
AVG 8.5.0.339 2009.06.01 -
BitDefender 7.2 2009.06.01 -
CAT-QuickHeal 10.00 2009.06.01 -
ClamAV 0.94.1 2009.06.01 -
Comodo 1230 2009.06.01 -
DrWeb 5.0.0.12182 2009.05.29 -
eSafe 7.0.17.0 2009.06.01 -
eTrust-Vet 31.6.6533 2009.06.01 -
F-Prot 4.4.4.56 2009.06.01 -
F-Secure 8.0.14470.0 2009.06.01 -
Fortinet 3.117.0.0 2009.06.01 -
GData 19 2009.06.01 -
Ikarus T3.1.1.57.0 2009.06.01 -
K7AntiVirus 7.10.749 2009.05.29 -
Kaspersky 7.0.0.125 2009.06.01 -
McAfee 5633 2009.06.01 -
McAfee+Artemis 5633 2009.06.01 -
McAfee-GW-Edition 6.7.6 2009.05.29 VBScript.Vulnerable.gen!High (suspicious)
Microsoft 1.4701 2009.06.01 -
NOD32 4120 2009.06.01 -
Norman 6.01.05 2009.06.01 -
nProtect 2009.1.8.0 2009.06.01 -
Panda 10.0.0.14 2009.06.01 -
PCTools 4.4.2.0 2009.06.01 -
Prevx 3.0 2009.06.01 -
Rising 21.32.04.00 2009.06.01 -
Sophos 4.42.0 2009.06.01 -
Sunbelt 3.2.1858.2 2009.05.31 -
Symantec 1.4.4.12 2009.06.01 -
TheHacker 6.3.4.3.335 2009.06.01 -
TrendMicro 8.950.0.1092 2009.06.01 -
VBA32 3.12.10.6 2009.05.31 -
ViRobot 2009.6.1.1763 2009.06.01 -
VirusBuster 4.6.5.0 2009.05.31 -
Extra informatie
File size: 105 bytes
MD5...: 3bb400831788b1ce609623f7e5604adf
SHA1..: 909350f8a4b341cfb5730cc260a38ed44cee3393
SHA256: 68368404f4dcbcf76b8545f5df476f4081ca404feaf23c62da00c94d6db31071
ssdeep: -<br>
PEiD..: -
TrID..: File type identification<br>Unknown!
PEInfo: -
PDFiD.: -
RDS...: NSRL Reference Data Set<br>-




Unfortunately it cant find this path

c:\documents and settings\Matthias\Bureaublad\Wow gliter\bqda.sys

#12 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 01 June 2009 - 03:15 PM

Hi mattom,

I think that file is gone and thats why it is not finding it.

Looks good so far. :thumbup2:

Lets look for lingering viruses.

Please disable any running anti-virus program before running Kaspersky Online Scanner.
If you are unsure how to do this, see this topic: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/
Close any open browsers

Please do a scan with Kaspersky Online Scanner

You can refer to this animation by sundavis.


Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded on the left side of the page in the Scan section select My Computer.
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • In the drop down box labeled Files of type change the type to Text file.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
This scanner will only scan. It does not remove any malware it finds.
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#13 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 01 June 2009 - 03:44 PM

Started the scan i've the feeling it's going to take allot of time.


I'm going to bed and let it scan


Gn i'll post the log tomorrow in the morning

#14 SifuMike

SifuMike

    malware expert


  • Members
  • 15,385 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Vancouver (not BC) WA (Not DC) USA
  • Local time:06:04 AM

Posted 01 June 2009 - 03:52 PM

Hi,


Yes, you are right. Kaspersky takes forever to complete. It is slow but through.

See you tormorrow. :thumbup2:
If I've saved you time & money,
please make a donation so I can keep helping people just like you! You can donate using a credit card and PayPal. Thank you!



Posted Image

Asking for help via Private Message or Mail will be ignored - So If you need help, post your problem in the forum.

#15 mattom

mattom
  • Topic Starter

  • Members
  • 34 posts
  • OFFLINE
  •  
  • Local time:03:04 PM

Posted 02 June 2009 - 06:37 AM

Hi


I've been scanning for 12 hours and it was still at 5% so i think this won't work :/


greetings mattom




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users