Vraag & Antwoord

Beveiliging & privacy

popup internet explorer

Anoniem
None
40 antwoorden
  • Neen, tot nu toe is alles dik in orde, nog altyd geen popup gehad..
    Egt bedankt!!
  • mooi zo.
  • Hallo,

    Ik heb hetzelfdeprobleem met mijn pc.
    Ik zie iedereen steeds die 2 log's plaatsen, is er nog geen handigere manier om dit weer ongedaan te krijgen? Kanme voorstellen dat jullie die ook vervelend vinden om steeds te moeten uitzoeken….

    Hier in ieder geval de 2 log's:

    [b:7cce03da09]HJT[/b:7cce03da09]
    [quote:7cce03da09]Logfile of HijackThis v1.99.1
    Scan saved at 18:21:08, on 8-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    D:\Program Files\Nero 7\InCD\InCDsrv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    d:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    D:\Program Files\Nero 7\InCD\InCD.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    D:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    D:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Documents and Settings\Arjen L\Bureaublad\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nu.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.nu.nl/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] D:\Program Files\Nero 7\InCD\InCD.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [RemoteControl] "d:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "d:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [AdminRoadTickIdol] C:\Documents and Settings\All Users\Application Data\mix each admin road\corn boob.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LDM] d:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [BOOBGPL] C:\DOCUME~1\ARJENL~1\APPLIC~1\SECOND~1\LoveBatReadme.exe
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = D:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Snelstart HP Image Zone.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Openen in een nieuwe achtergrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/229?f5743e2693774bcea6548b77b88dd7e8
    O8 - Extra context menu item: Openen in een nieuwe voorgrondtab - res://C:\Program Files\Windows Live Toolbar\Components\nl-nl\msntabres.dll.mui/230?f5743e2693774bcea6548b77b88dd7e8
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1157313868406
    O18 - Protocol: bw+0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {D68BF6E0-D312-4963-8E99-9709B0ACEFC5} - d:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero 7\InCD\InCDsrv.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
    O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
    O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScsiAccess - Unknown owner - d:\Program Files\Photodex\CompuPicPro\ScsiAccess.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    [/quote:7cce03da09]

    En dan [b:7cce03da09]Combofix[/b:7cce03da09]:
    [quote:7cce03da09]Arjen L - 07-01-08 18:14:18,31 Service Pack 2
    ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Arjen L\Bureaublad"

    ((((((((((((((((((((((((((((((( Files Created from 2006-12-08 to 2007-01-08 ))))))))))))))))))))))))))))))))))


    2007-01-07 21:19 <DIR> d——– C:\Documents and Settings\Arjen L\Application Data\SecondFreeAim
    2007-01-07 11:09 <DIR> d——– C:\Program Files\SecondFreeAim
    2007-01-07 11:09 <DIR> d——– C:\Documents and Settings\All Users\Application Data\mix each admin road
    2007-01-05 00:52 <DIR> d——– C:\WINDOWS\WBEM
    2007-01-05 00:52 <DIR> d——– C:\WINDOWS\system32\nl-nl
    2007-01-05 00:51 <DIR> d–h-c— C:\WINDOWS\ie7
    2007-01-05 00:50 121,856 ——— C:\WINDOWS\system32\xmllite.dll
    2007-01-05 00:49 <DIR> d——– C:\WINDOWS\network diagnostic
    2006-12-27 17:16 <DIR> d——– C:\Program Files\Common Files\PCSuite
    2006-12-27 17:16 <DIR> d——– C:\Program Files\Common Files\Nokia
    2006-12-27 17:14 <DIR> d–hs—- C:\Config.Msi
    2006-12-27 17:14 <DIR> d——– C:\Program Files\PC Connectivity Solution
    2006-12-27 17:12 9,216 –a—— C:\WINDOWS\system32\drivers\nmwcdc.sys
    2006-12-27 17:12 4,608 –a—— C:\WINDOWS\system32\nmwcdlog.dll
    2006-12-27 17:12 30,720 –a—— C:\WINDOWS\system32\nmwcdcocls.dll
    2006-12-27 17:12 138,240 –a—— C:\WINDOWS\system32\drivers\nmwcd.sys
    2006-12-27 17:12 12,800 –a—— C:\WINDOWS\system32\drivers\nmwcdcm.sys
    2006-12-27 17:12 <DIR> d——– C:\Program Files\Nokia
    2006-12-13 15:56 <DIR> d——– C:\Program Files\Common Files\Avery


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-01-05 00:57 ——– d——– C:\Program Files\Internet Explorer
    2006-12-30 19:10 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Vso
    2006-12-29 15:09 12990 –a—— C:\Documents and Settings\Arjen L\Application Data\Microsoft Excel.CAL
    2006-12-27 17:16 ——– d——– C:\Program Files\Common Files
    2006-12-25 12:35 ——– d——– C:\Program Files\Java
    2006-12-22 04:21 48776 –a—— C:\WINDOWS\system32\S32EVNT1.DLL
    2006-12-22 04:21 115000 –a—— C:\WINDOWS\system32\drivers\SYMEVENT.SYS
    2006-12-22 04:21 ——– d——– C:\Program Files\Symantec
    2006-12-19 23:25 ——– d——– C:\Program Files\Common Files\Adobe
    2006-12-19 23:25 ——– d——– C:\Documents and Settings\Arjen L\Application Data\AdobeUM
    2006-12-18 21:44 ——– d——– C:\Program Files\Common Files\Symantec Shared
    2006-12-17 09:44 ——– d——– C:\Documents and Settings\Arjen L\Application Data\BitTorrent
    2006-12-13 16:19 ——– d——– C:\Program Files\Outlook Express
    2006-12-13 16:19 ——– d——– C:\Program Files\Common Files\System
    2006-12-13 16:12 ——– d—s—- C:\Documents and Settings\Arjen L\Application Data\Microsoft
    2006-12-13 14:05 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Macromedia
    2006-12-12 16:34 ——– d–h—– C:\Program Files\InstallShield Installation Information
    2006-12-07 17:19 ——– d——– C:\Documents and Settings\Arjen L\Application Data\ATI
    2006-12-07 17:15 ——– d——– C:\Program Files\ATI Technologies
    2006-12-06 22:03 32768 –a—— C:\WINDOWS\vtrdrv.exe
    2006-12-06 04:49 ——– d——– C:\Program Files\Windows Media Player
    2006-12-06 04:49 ——– d——– C:\Program Files\Windows Media Connect 2
    2006-11-27 09:45 60416 ——— C:\WINDOWS\system32\tzchange.exe
    2006-11-23 20:22 ——– d——– C:\Program Files\MSN Messenger
    2006-11-17 16:54 ——– d——– C:\Program Files\Norton AntiVirus
    2006-11-15 10:57 ——– d——– C:\Program Files\MSXML 4.0
    2006-11-12 16:18 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Apple Computer
    2006-11-11 20:38 ——– d——– C:\Program Files\iTunes
    2006-11-11 20:38 ——– d——– C:\Program Files\iPod
    2006-11-11 20:37 ——– d——– C:\Program Files\QuickTime
    2006-11-11 17:22 ——– d——– C:\Program Files\Adobe
    2006-11-11 17:22 ——– d——– C:\Documents and Settings\Arjen L\Application Data\Adobe
    2006-11-11 17:11 ——– d——– C:\Documents and Settings\Arjen L\Application Data\CyberLink
    2006-11-11 17:10 ——– d——– C:\Program Files\Cyberlink
    2006-11-08 06:07 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-11-07 21:03 6049280 ——— C:\WINDOWS\system32\ieframe.dll
    2006-11-07 21:03 50688 ——— C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 21:03 458752 ——— C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 21:03 413696 –a—— C:\WINDOWS\system32\vbscript.dll
    2006-11-07 21:03 231424 –a—— C:\WINDOWS\system32\webcheck.dll
    2006-11-07 21:03 180736 ——— C:\WINDOWS\system32\ieui.dll
    2006-11-07 21:03 156160 –a—— C:\WINDOWS\system32\msls31.dll
    2006-11-07 03:27 382976 –a—— C:\WINDOWS\system32\iedkcs32.dll
    2006-11-07 03:27 229376 –a—— C:\WINDOWS\system32\ieaksie.dll
    2006-11-07 03:26 71680 –a—— C:\WINDOWS\system32\admparse.dll
    2006-11-07 03:26 55296 –a—— C:\WINDOWS\system32\iesetup.dll
    2006-11-07 03:26 54784 –a—— C:\WINDOWS\system32\ie4uinit.exe
    2006-11-07 03:26 43008 –a—— C:\WINDOWS\system32\iernonce.dll
    2006-11-07 03:26 152064 –a—— C:\WINDOWS\system32\ieakeng.dll
    2006-11-07 03:26 13312 –a—— C:\WINDOWS\system32\ieudinit.exe
    2006-11-07 03:26 123904 –a—— C:\WINDOWS\system32\advpack.dll
    2006-11-07 03:25 161792 –a—— C:\WINDOWS\system32\ieakui.dll
    2006-11-06 11:35 531568 –a—— C:\WINDOWS\system32\RmActivate_isv.exe
    2006-11-06 11:35 523376 –a—— C:\WINDOWS\system32\RmActivate.exe
    2006-11-06 11:35 519280 –a—— C:\WINDOWS\system32\SecProc_isv.dll
    2006-11-06 11:35 518768 –a—— C:\WINDOWS\system32\SecProc.dll
    2006-11-06 11:35 358000 –a—— C:\WINDOWS\system32\RmActivate_ssp.exe
    2006-11-06 11:35 354416 –a—— C:\WINDOWS\system32\RmActivate_ssp_isv.exe
    2006-11-06 11:35 323696 –a—— C:\WINDOWS\system32\msdrm.dll
    2006-11-06 11:35 192624 –a—— C:\WINDOWS\system32\SecProc_ssp_isv.dll
    2006-11-06 11:35 192624 –a—— C:\WINDOWS\system32\SecProc_ssp.dll
    2006-11-04 14:14 1245696 –a—— C:\WINDOWS\system32\msxml4.dll
    2006-11-02 23:35 8271872 –a—— C:\WINDOWS\system32\wmploc.dll
    2006-11-02 22:53 99840 –a—— C:\WINDOWS\system32\wmpshell.dll
    2006-11-02 22:52 257536 –a—— C:\WINDOWS\system32\wmerror.dll
    2006-11-02 22:50 7680 –a—— C:\WINDOWS\system32\asferror.dll
    2006-11-02 11:52 42496 ——— C:\WINDOWS\system32\wpdshextres.dll
    2006-11-01 17:52 81920 –a—— C:\Documents and Settings\Arjen L\Application Data\ezpinst.exe
    2006-11-01 17:52 7176 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.cat
    2006-11-01 17:52 47360 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.sys
    2006-11-01 17:52 34 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.log
    2006-11-01 17:52 1144 –a—— C:\Documents and Settings\Arjen L\Application Data\pcouffin.inf
    2006-10-26 11:06 13029 –a—— C:\Documents and Settings\Arjen L\Application Data\Door lijstscheidingstekens gescheiden waarden (Windows).CAL
    2006-10-23 10:19 51060 –a—— C:\WINDOWS\system32\pdf995mon.dll
    2006-10-23 10:19 118784 –a—— C:\WINDOWS\system32\pdfmona.dll
    2006-10-20 02:39 714752 –a—— C:\WINDOWS\system32\sxs.dll
    2006-10-19 20:38 831048 –a—— C:\WINDOWS\system32\WudfUpdate_01005.dll
    2006-10-19 19:59 33977 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_HP_CounterReport_Update_HPSU.log
    2006-10-19 19:58 2128 –a—— C:\Documents and Settings\Arjen L\Application Data\HPSU_48BitScanUpdate.log
    2006-10-19 19:57 361 –a—— C:\Documents and Settings\Arjen L\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
    2006-10-19 19:57 2472 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_HP_ISRegionListUpdatelog_HPSU.log
    2006-10-19 19:57 0 –a—— C:\Documents and Settings\Arjen L\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
    2006-10-19 19:54 3704 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_IZClosingDiscError.log
    2006-10-19 19:54 2896 –a—— C:\Documents and Settings\Arjen L\Application Data\PatchUpdate_InstantShareJPG.log
    2006-10-19 19:53 84698 –a—— C:\Documents and Settings\Arjen L\Application Data\Update_HP_RedboxHprblog_HPSU.log
    2006-10-19 19:50 139264 –a—— C:\WINDOWS\system32\hpzjrd01.dll
    2006-10-18 21:58 8704 –a—— C:\WINDOWS\system32\wdfmgr.exe
    2006-10-18 21:58 8704 –a—— C:\WINDOWS\system32\uwdf.exe
    2006-10-18 21:47 991744 –a—— C:\WINDOWS\system32\drmv2clt.dll
    2006-10-18 21:47 937984 –a—— C:\WINDOWS\system32\WMNetMgr.dll
    2006-10-18 21:47 767488 ——— C:\WINDOWS\system32\WMVSENCD.dll
    2006-10-18 21:47 757248 –a—— C:\WINDOWS\system32\WMADMOD.dll
    2006-10-18 21:47 656896 ——— C:\WINDOWS\system32\WMVXENCD.dll
    2006-10-18 21:47 63488 –a—— C:\WINDOWS\system32\wpdmtpus.dll
    2006-10-18 21:47 629760 –a—— C:\WINDOWS\system32\wpd_ci.dll
    2006-10-18 21:47 613376 ——— C:\WINDOWS\system32\wmpmde.dll
    2006-10-18 21:47 603648 –a—— C:\WINDOWS\system32\WMSPDMOD.dll
    2006-10-18 21:47 542720 –a—— C:\WINDOWS\system32\blackbox.dll
    2006-10-18 21:47 535040 ——— C:\WINDOWS\system32\wmdrmsdk.dll
    2006-10-18 21:47 429056 –a—— C:\WINDOWS\system32\wmdrmdev.dll
    2006-10-18 21:47 414208 –a—— C:\WINDOWS\system32\msscp.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\WMVADVE.DLL
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\WMVADVD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wdfapi.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MPG4DMOD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MP4SDMOD.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\MP43DMOD.dll
    2006-10-18 21:47 37376 –a—— C:\WINDOWS\system32\wmdmps.dll
    2006-10-18 21:47 35840 –a—— C:\WINDOWS\system32\wpdconns.dll
    2006-10-18 21:47 356352 –a—— C:\WINDOWS\system32\wpdsp.dll
    2006-10-18 21:47 348672 –a—— C:\WINDOWS\system32\wmdrmnet.dll
    2006-10-18 21:47 33792 –a—— C:\WINDOWS\system32\wmdmlog.dll
    2006-10-18 21:47 321536 –a—— C:\WINDOWS\system32\mswmdm.dll
    2006-10-18 21:47 317440 ——— C:\WINDOWS\system32\MP4SDECD.dll
    2006-10-18 21:47 314880 –a—— C:\WINDOWS\system32\wmpdxm.dll
    2006-10-18 21:47 295936 ——— C:\WINDOWS\system32\wmpeffects.dll
    2006-10-18 21:47 284160 ——— C:\WINDOWS\system32\PortableDeviceApi.dll
    2006-10-18 21:47 276992 –a—— C:\WINDOWS\system32\audiodev.dll
    2006-10-18 21:47 27136 –a—— C:\WINDOWS\system32\mspmsnsv.dll
    2006-10-18 21:47 2603008 ——— C:\WINDOWS\system32\WpdShext.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\MPG4DECD.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\MP43DECD.dll
    2006-10-18 21:47 2450944 –a—— C:\WINDOWS\system32\wmvcore.dll
    2006-10-18 21:47 242688 –a—— C:\WINDOWS\system32\wmpasf.dll
    2006-10-18 21:47 229376 –a—— C:\WINDOWS\system32\cewmdm.dll
    2006-10-18 21:47 222208 –a—— C:\WINDOWS\system32\WMASF.dll
    2006-10-18 21:47 212992 ——— C:\WINDOWS\system32\MFPLAT.dll
    2006-10-18 21:47 211456 –a—— C:\WINDOWS\system32\qasf.dll
    2006-10-18 21:47 204288 –a—— C:\WINDOWS\system32\wmpsrcwp.dll
    2006-10-18 21:47 199168 ——— C:\WINDOWS\system32\PortableDeviceWMDRM.dll
    2006-10-18 21:47 179712 –a—— C:\WINDOWS\system32\msnetobj.dll
    2006-10-18 21:47 175616 –a—— C:\WINDOWS\system32\mspmsp.dll
    2006-10-18 21:47 166912 ——— C:\WINDOWS\system32\PortableDeviceTypes.dll
    2006-10-18 21:47 1661440 –a—— C:\WINDOWS\system32\wmpencen.dll
    2006-10-18 21:47 1574912 ——— C:\WINDOWS\system32\WMVENCOD.dll
    2006-10-18 21:47 157184 –a—— C:\WINDOWS\system32\wmidx.dll
    2006-10-18 21:47 154624 –a—— C:\WINDOWS\system32\wpdmtp.dll
    2006-10-18 21:47 1543680 ——— C:\WINDOWS\system32\WMVDECOD.dll
    2006-10-18 21:47 1382912 ——— C:\WINDOWS\system32\WMVSDECD.dll
    2006-10-18 21:47 133632 ——— C:\WINDOWS\system32\WPDShServiceObj.dll
    2006-10-18 21:47 1329152 –a—— C:\WINDOWS\system32\WMSPDMOE.dll
    2006-10-18 21:47 132096 ——— C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
    2006-10-18 21:47 130048 ——— C:\WINDOWS\system32\wmpps.dll
    2006-10-18 21:47 11264 –a—— C:\WINDOWS\system32\LAPRXY.dll
    2006-10-18 21:47 1117696 –a—— C:\WINDOWS\system32\WMADMOE.dll
    2006-10-18 21:47 101888 ——— C:\WINDOWS\system32\PortableDeviceClassExtension.dll
    2006-10-18 20:03 100864 –a—— C:\WINDOWS\system32\logagent.exe
    2006-10-18 20:00 249856 ——— C:\WINDOWS\system32\drmupgds.exe
    2006-10-18 20:00 17408 ——— C:\WINDOWS\system32\wpdshextautoplay.exe
    2006-10-17 12:06 78336 –a—— C:\WINDOWS\system32\ieencode.dll
    2006-10-17 12:05 40960 –a—— C:\WINDOWS\system32\licmgr10.dll
    2006-10-17 12:05 206336 ——— C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:05 105984 –a—— C:\WINDOWS\system32\url.dll
    2006-10-17 12:04 101376 –a—— C:\WINDOWS\system32\occache.dll
    2006-10-17 12:03 17408 –a—— C:\WINDOWS\system32\corpol.dll
    2006-10-17 11:58 61952 ——— C:\WINDOWS\system32\icardie.dll
    2006-10-17 11:58 12288 ——— C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 11:57 36352 –a—— C:\WINDOWS\system32\imgutil.dll
    2006-10-17 11:57 266752 ——— C:\WINDOWS\system32\iertutil.dll
    2006-10-17 11:56 45568 –a—— C:\WINDOWS\system32\mshta.exe
    2006-10-17 11:28 48128 –a—— C:\WINDOWS\system32\mshtmler.dll
    2006-10-17 11:27 380928 ——— C:\WINDOWS\system32\ieapfltr.dll
    2006-10-13 13:41 144384 –a—— C:\WINDOWS\system32\nwprovau.dll
    2006-10-12 02:47 307200 –a—— C:\WINDOWS\system32\atiiiexx.dll
    2006-10-12 02:44 260608 –a—— C:\WINDOWS\system32\ati2dvag.dll
    2006-10-12 02:38 90112 –a—— C:\WINDOWS\system32\ati2evxx.dll
    2006-10-12 02:38 41984 –a—— C:\WINDOWS\system32\ati2edxx.dll
    2006-10-12 02:38 26112 –a—— C:\WINDOWS\system32\Ati2mdxx.exe
    2006-10-12 02:38 118784 –a—— C:\WINDOWS\system32\atipdlxx.dll
    2006-10-12 02:38 106496 –a—— C:\WINDOWS\system32\Oemdspif.dll
    2006-10-12 02:37 430080 –a—— C:\WINDOWS\system32\ati2evxx.exe
    2006-10-12 02:36 53248 –a—— C:\WINDOWS\system32\ATIDDC.DLL
    2006-10-12 02:31 2518336 –a—— C:\WINDOWS\system32\ati3duag.dll
    2006-10-12 02:26 1092960 –a—— C:\WINDOWS\system32\ativvaxx.dll
    2006-10-12 02:22 6684672 –a—— C:\WINDOWS\system32\atioglx1.dll
    2006-10-12 02:22 303104 –a—— C:\WINDOWS\system32\ATIDEMGR.dll
    2006-10-12 02:20 5148672 –a—— C:\WINDOWS\system32\atioglxx.dll
    2006-10-12 02:15 221184 –a—— C:\WINDOWS\system32\atikvmag.dll
    2006-10-12 02:14 17408 –a—— C:\WINDOWS\system32\atitvo32.dll
    2006-10-12 02:10 294912 –a—— C:\WINDOWS\system32\ati2cqag.dll
    2006-10-11 21:05 520192 ——— C:\WINDOWS\system32\ati2sgag.exe
    2006-10-11 17:26 58880 –a—— C:\WINDOWS\system32\pnrpnsp.dll
    2006-10-11 17:26 553984 –a—— C:\WINDOWS\system32\p2psvc.dll
    2006-10-11 17:26 313344 –a—— C:\WINDOWS\system32\p2pgraph.dll
    2006-10-11 17:26 153088 –a—— C:\WINDOWS\system32\p2p.dll
    2006-10-11 17:26 116224 –a—— C:\WINDOWS\system32\p2pnetsh.dll
    2006-10-11 17:26 104960 –a—— C:\WINDOWS\system32\p2pgasvc.dll
    2006-10-11 15:56 118784 -r——- C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe
    2006-10-10 08:54 50688 –a—— C:\WINDOWS\system32\nmwcdcls.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.5008\\GoogleToolbarNotifier.exe"
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "LDM"="d:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"
    "BOOBGPL"="C:\\DOCUME~1\\ARJENL~1\\APPLIC~1\\SECOND~1\\LoveBatReadme.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "SoundMAXPnP"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMax4PNP.exe"
    "SoundMAX"="\"C:\\Program Files\\Analog Devices\\SoundMAX\\Smax4.exe\" /tray"
    "ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
    "Logitech Utility"="Logi_MwX.Exe"
    "zBrowser Launcher"="C:\\Program Files\\Logitech\\iTouch\\iTouch.exe"
    "HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "InCD"="D:\\Program Files\\Nero 7\\InCD\\InCD.exe"
    "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
    "Adobe Photo Downloader"="\"D:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
    "HP Software Update"="D:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
    "RemoteControl"="\"d:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
    "LanguageShortcut"="\"d:\\Program Files\\CyberLink\\PowerDVD\\Language\\Language.exe\""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
    "PCSuiteTrayApplication"="D:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -startup"
    "AdminRoadTickIdol"="C:\\Documents and Settings\\All Users\\Application Data\\mix each admin road\\corn boob.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000004

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "PcSync"="D:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
    "PcSync"="D:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Preloader van browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Cache-daemon voor onderdeelcategorieën"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\81405E019DFFDA79.job
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Controleren op updates voor Windows Live Toolbar.job
    C:\WINDOWS\tasks\HPpromotions journeysoftware.job
    C:\WINDOWS\tasks\Norton AntiVirus - Run Full System Scan - Arjen L.job
    C:\WINDOWS\tasks\XoftSpySE.job

    Completion time: 07-01-08 18:16:29.00
    C:\ComboFix.txt … 07-01-08 18:16
    [/quote:7cce03da09]

    Alvast bedankt!

    Arjen
  • Je hebt een lop infectie.

    Start HJT opnieuw en doe een systemscan only, vink onderstaande regels aan sluit alle vensters behalve HJT en klik dan op fix checked.

    [b:1cea92a23a]
    O4 - HKLM\..\Run: [AdminRoadTickIdol] C:\Documents and Settings\All Users\Application Data\mix each admin road\corn boob.exe
    O4 - HKCU\..\Run: [BOOBGPL] C:\DOCUME~1\ARJENL~1\APPLIC~1\SECOND~1\LoveBatReadme.exe[/b:1cea92a23a]

    Start op in veilige modus.

    http://users.telenet.be/marcvn/spyware/1378056.htm


    Start je verkenner en verwijder deze bestanden.

    C:\Documents and Settings\All Users\Application Data\[b:1cea92a23a]mix each admin road\corn boob.exe[/b:1cea92a23a]
    C:\DOCUME~1\ARJENL~1\APPLIC~1\[b:1cea92a23a]SECOND~1\LoveBatReadme.exe[/b:1cea92a23a]


    Open Kladblok, en kopieer en plak de vetgedrukte tekst in een leeg venster :
    [b:1cea92a23a]@echo off
    attrib -h %windir%\tasks\*.job
    echo Lop Jobs deleted >logit.txt
    dir /B "%windir%\tasks\????????9???????.job" >>logit.txt
    del "%windir%\tasks\????????9???????.job"
    dir /B "%windir%\tasks\????????8???????.job" >>logit.txt
    del "%windir%\tasks\????????8???????.job"
    cls
    exit [/b:1cea92a23a]

    Ga naar Bestand > Opslaan als, en sla het op met als naam fix.bat op je Bureaublad,
    type: "alle typen", en klik op OK

    Sluit Kladblok, ga naar je Bureaublad en dubbelklik op fix.bat
    Op je Bureaublad verschijnt een tekstbestandje (logit.txt)
    Post de inhoud daarvan straks hier.

    Start opnieuw op in normale modus en plaats een nieuw logje.
    Juisterr
  • Hi Guys,

    Nou ik heb dus ook hetzelfde probleem als hierboven. Zou top zijn als iemand mij hier ook vanaf kan helpen. Thanx alvast!

    Hierbij de logs

    Logfile of HijackThis v1.99.1
    Scan saved at 19:06, on 07-01-13
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchosts.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\{48AC8CB8-05D8-1043-0124-06111420001f}\Update.exe
    C:\WINDOWS\system32\nfomon\nfomon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\NetWaiting\netWaiting.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\DOCUME~1\Bas\APPLIC~1\PPATCH~1\winword.exe
    C:\Program Files\a?sembly\d?dplay.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Everest Poker\Everest Poker.exe
    C:\Documents and Settings\Bas\Bureaublad\combofix.exe
    C:\WINDOWS\system32\cmd.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\cmd.exe
    C:\Program Files\Hijack This\hijackthis.exe
    C:\WINDOWS\system32\findstr.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=DW
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default.aspx?c=nl&l=nl&s=gen
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
    R3 - URLSearchHook: (no name) - {7032E00F-50B5-2166-CB47-280794A1ECB0} - C:\WINDOWS\system32\xvdjh.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
    O2 - BHO: (no name) - {7032E00F-50B5-2166-CB47-280794A1ECB0} - C:\WINDOWS\system32\xvdjh.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O2 - BHO: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38AC8~1\Bar888.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Bar888 - {C1B4DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\COMMON~1\{38AC8~1\Bar888.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [QD FastAndSafe] C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [{48AC8CB8-05D8-1043-0124-06111420001f}] "C:\Program Files\Common Files\{48AC8CB8-05D8-1043-0124-06111420001f}\Update.exe" te-110-12-0000245
    O4 - HKLM\..\Run: [IpWins] C:\Program Files\Ipwindows\ipwins.exe
    O4 - HKLM\..\Run: [Nfo] C:\WINDOWS\system32\nfomon\nfomon.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Swrm] "C:\DOCUME~1\Bas\APPLIC~1\PPATCH~1\winword.exe" -vt yazb
    O4 - HKCU\..\Run: [Cxpdmrg] C:\Program Files\a?sembly\d?dplay.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: COM+ Messages - Unknown owner - C:\WINDOWS\system32\svchosts.exe" -e te-110-12-0000245 (file missing)
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

    "Bas" - 07-01-13 19:05:21 Service Pack 2
    ComboFix 07-01-14 - Running from: "C:\Documents and Settings\Bas\Bureaublad"

    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\Program Files\Common Files\Yazzle1122OinAdmin.exe
    C:\Program Files\Common Files\Yazzle1122OinUninstaller.exe
    C:\Program Files\Ipwindows\ipwins.dll
    C:\Program Files\Ipwindows\ipwins.exe
    C:\WINDOWS\system32\unsvchosts.lzma
    C:\Program Files\Inetget2
    C:\Program Files\Outerinfo
    C:\Program Files\Ipwindows
    C:\WINDOWS\system32\svchosts.exe
    C:\Program Files\Common Files\{38AC8~1
    C:\Program Files\Common Files\{48AC8~1
    ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
    Folders Quarantined:
    C:\qoobox\purity\DOCUME~1
    C:\qoobox\purity\DOCUME~1\Bas
    C:\qoobox\purity\DOCUME~1\Bas\Application Data
    C:\qoobox\purity\DOCUME~1\Bas\Application Data\from.txt
    C:\qoobox\purity\DOCUME~1\Bas\Application Data\PPATCH~1
    C:\qoobox\purity\DOCUME~1\Bas\Application Data\PPATCH~1\winword.exe
    C:\qoobox\purity\DOCUME~1\Bas\Application Data\PPATCH~1\??pPatch
    C:\qoobox\purity\Program Files\ASEMBL~1
    C:\qoobox\purity\Program Files\ASEMBL~1\d?dplay.exe


    ((((((((((((((((((((((((((((((( Files Created from 2006-12-13 to 2007-01-13 ))))))))))))))))))))))))))))))))))


    2007-01-13 19:08 <DIR> d——– C:\WINDOWS\erdnt
    2007-01-13 19:03 <DIR> d——– C:\Program Files\Hijack This
    2007-01-12 23:45 57,344 –a—— C:\WINDOWS\system32\xvdjh.dll
    2007-01-12 23:45 2 –a—— C:\WINDOWS\system32\wnscpcc.exe
    2007-01-12 17:12 <DIR> d–h—– C:\WINDOWS\system32\nfomon
    2007-01-12 17:12 <DIR> d–h—– C:\Program Files\Common Files\Uninstall Information
    2007-01-12 17:12 <DIR> d–h—– C:\DOCUME~1\ALLUSE~1\Application Data\nfo
    2007-01-12 12:57 28,672 –a—— C:\WINDOWS\system32\drivers\CO_Mon.sys
    2007-01-11 18:17 92,485 –a—— C:\tdd.exe
    2007-01-11 14:32 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Adobe
    2007-01-06 00:40 <DIR> d——– C:\Program Files\Everest Poker
    2006-12-24 15:52 <DIR> d——– C:\DOCUME~1\Brenda\Application Data\Toshiba
    2006-12-13 09:33 <DIR> d——– C:\Program Files\Hyves Kwekker


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-01-13 14:49 ——– d——– C:\Program Files\Common Files\symantec shared
    2007-01-12 17:38 ——– d——– C:\Program Files\norton systemworks
    2007-01-11 14:32 ——– d——– C:\Program Files\Common Files\adobe
    2007-01-11 14:18 ——– d——– C:\Documents and Settings\Bas\Application Data\adobeum
    2006-12-11 21:14 ——– d——– C:\Program Files\windows media connect 2
    2006-12-03 16:00 ——– d——– C:\Documents and Settings\Bas\Application Data\toshiba
    2006-12-03 15:54 ——– d——– C:\Program Files\toshiba
    2006-11-21 10:43 ——– d——– C:\Program Files\msxml 4.0
    2006-11-20 17:49 ——– d–h—– C:\Program Files\installshield installation information
    2006-11-20 17:49 ——– d——– C:\Program Files\samsung
    2006-11-08 06:07 679424 –a—— C:\WINDOWS\system32\inetcomm.dll
    2006-11-04 14:14 1245696 –a—— C:\WINDOWS\system32\msxml4.dll
    2006-11-02 23:35 8271872 –a—— C:\WINDOWS\system32\wmploc.dll
    2006-11-02 22:53 99840 –a—— C:\WINDOWS\system32\wmpshell.dll
    2006-11-02 22:52 257536 –a—— C:\WINDOWS\system32\wmerror.dll
    2006-11-02 22:50 7680 –a—— C:\WINDOWS\system32\asferror.dll
    2006-11-02 11:52 42496 ——— C:\WINDOWS\system32\wpdshextres.dll
    2006-10-20 02:39 714752 –a—— C:\WINDOWS\system32\sxs.dll
    2006-10-18 21:58 8704 –a—— C:\WINDOWS\system32\wdfmgr.exe
    2006-10-18 21:58 8704 –a—— C:\WINDOWS\system32\uwdf.exe
    2006-10-18 21:47 991744 –a—— C:\WINDOWS\system32\drmv2clt.dll
    2006-10-18 21:47 937984 –a—— C:\WINDOWS\system32\wmnetmgr.dll
    2006-10-18 21:47 767488 ——— C:\WINDOWS\system32\wmvsencd.dll
    2006-10-18 21:47 757248 –a—— C:\WINDOWS\system32\wmadmod.dll
    2006-10-18 21:47 656896 ——— C:\WINDOWS\system32\wmvxencd.dll
    2006-10-18 21:47 63488 –a—— C:\WINDOWS\system32\wpdmtpus.dll
    2006-10-18 21:47 629760 –a—— C:\WINDOWS\system32\wpd_ci.dll
    2006-10-18 21:47 613376 ——— C:\WINDOWS\system32\wmpmde.dll
    2006-10-18 21:47 603648 –a—— C:\WINDOWS\system32\wmspdmod.dll
    2006-10-18 21:47 542720 –a—— C:\WINDOWS\system32\blackbox.dll
    2006-10-18 21:47 535040 ——— C:\WINDOWS\system32\wmdrmsdk.dll
    2006-10-18 21:47 429056 –a—— C:\WINDOWS\system32\wmdrmdev.dll
    2006-10-18 21:47 414208 –a—— C:\WINDOWS\system32\msscp.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvadve.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmvadvd.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmoe2.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wmsdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\wdfapi.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\mpg4dmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\mp4sdmod.dll
    2006-10-18 21:47 4096 –a—— C:\WINDOWS\system32\mp43dmod.dll
    2006-10-18 21:47 37376 –a—— C:\WINDOWS\system32\wmdmps.dll
    2006-10-18 21:47 35840 –a—— C:\WINDOWS\system32\wpdconns.dll
    2006-10-18 21:47 356352 –a—— C:\WINDOWS\system32\wpdsp.dll
    2006-10-18 21:47 348672 –a—— C:\WINDOWS\system32\wmdrmnet.dll
    2006-10-18 21:47 33792 –a—— C:\WINDOWS\system32\wmdmlog.dll
    2006-10-18 21:47 321536 –a—— C:\WINDOWS\system32\mswmdm.dll
    2006-10-18 21:47 317440 ——— C:\WINDOWS\system32\mp4sdecd.dll
    2006-10-18 21:47 314880 –a—— C:\WINDOWS\system32\wmpdxm.dll
    2006-10-18 21:47 295936 ——— C:\WINDOWS\system32\wmpeffects.dll
    2006-10-18 21:47 284160 ——— C:\WINDOWS\system32\portabledeviceapi.dll
    2006-10-18 21:47 27136 –a—— C:\WINDOWS\system32\mspmsnsv.dll
    2006-10-18 21:47 2603008 ——— C:\WINDOWS\system32\wpdshext.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\mpg4decd.dll
    2006-10-18 21:47 259072 ——— C:\WINDOWS\system32\mp43decd.dll
    2006-10-18 21:47 2450944 –a—— C:\WINDOWS\system32\wmvcore.dll
    2006-10-18 21:47 242688 –a—— C:\WINDOWS\system32\wmpasf.dll
    2006-10-18 21:47 229376 –a—— C:\WINDOWS\system32\cewmdm.dll
    2006-10-18 21:47 222208 –a—— C:\WINDOWS\system32\wmasf.dll
    2006-10-18 21:47 212992 ——— C:\WINDOWS\system32\mfplat.dll
    2006-10-18 21:47 211456 –a—— C:\WINDOWS\system32\qasf.dll
    2006-10-18 21:47 204288 –a—— C:\WINDOWS\system32\wmpsrcwp.dll
    2006-10-18 21:47 199168 ——— C:\WINDOWS\system32\portabledevicewmdrm.dll
    2006-10-18 21:47 179712 –a—— C:\WINDOWS\system32\msnetobj.dll
    2006-10-18 21:47 175616 –a—— C:\WINDOWS\system32\mspmsp.dll
    2006-10-18 21:47 166912 ——— C:\WINDOWS\system32\portabledevicetypes.dll
    2006-10-18 21:47 1661440 –a—— C:\WINDOWS\system32\wmpencen.dll
    2006-10-18 21:47 1574912 ——— C:\WINDOWS\system32\wmvencod.dll
    2006-10-18 21:47 157184 –a—— C:\WINDOWS\system32\wmidx.dll
    2006-10-18 21:47 154624 –a—— C:\WINDOWS\system32\wpdmtp.dll
    2006-10-18 21:47 1543680 ——— C:\WINDOWS\system32\wmvdecod.dll
    2006-10-18 21:47 1382912 ——— C:\WINDOWS\system32\wmvsdecd.dll
    2006-10-18 21:47 133632 ——— C:\WINDOWS\system32\wpdshserviceobj.dll
    2006-10-18 21:47 1329152 –a—— C:\WINDOWS\system32\wmspdmoe.dll
    2006-10-18 21:47 132096 ——— C:\WINDOWS\system32\portabledevicewiacompat.dll
    2006-10-18 21:47 130048 ——— C:\WINDOWS\system32\wmpps.dll
    2006-10-18 21:47 11264 –a—— C:\WINDOWS\system32\laprxy.dll
    2006-10-18 21:47 1117696 –a—— C:\WINDOWS\system32\wmadmoe.dll
    2006-10-18 21:47 101888 ——— C:\WINDOWS\system32\portabledeviceclassextension.dll
    2006-10-18 20:03 100864 –a—— C:\WINDOWS\system32\logagent.exe
    2006-10-18 20:00 249856 ——— C:\WINDOWS\system32\drmupgds.exe
    2006-10-18 20:00 17408 ——— C:\WINDOWS\system32\wpdshextautoplay.exe
    2006-10-13 13:41 144384 –a—— C:\WINDOWS\system32\nwprovau.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "ModemOnHold"="C:\\Program Files\\NetWaiting\\netWaiting.exe"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "Swrm"="\"C:\\DOCUME~1\\Bas\\APPLIC~1\\PPATCH~1\\winword.exe\" -vt yazb"
    "Cxpdmrg"="C:\\Program Files\\a?sembly\\d?dplay.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
    "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
    "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
    "SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_03\\bin\\jusched.exe"
    "SigmatelSysTrayApp"="stsystra.exe"
    "DVDLauncher"="\"C:\\Program Files\\CyberLink\\PowerDVD\\DVDLauncher.exe\""
    "Dell Wireless Manager UI"="C:\\WINDOWS\\system32\\WLTRAY"
    "Dell QuickSet"="C:\\Program Files\\Dell\\QuickSet\\quickset.exe"
    "ccApp"="C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe"
    "ccRegVfy"="C:\\Program Files\\Common Files\\Symantec Shared\\ccRegVfy.exe"
    "Symantec NetDriver Monitor"="C:\\PROGRA~1\\SYMNET~1\\SNDMon.exe /Consumer"
    "QD FastAndSafe"="C:\\Program Files\\Norton SystemWorks\\Norton CleanSweep\\QDCSFS.exe /startup"
    "UDC Integration"=""
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "Nfo"="C:\\WINDOWS\\system32\\nfomon\\nfomon.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"


    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    Usnsvc REG_MULTI_SZ usnsvc\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\Norton AntiVirus - Scan my computer.job
    C:\WINDOWS\tasks\Norton SystemWorks One Button Checkup.job
    C:\WINDOWS\tasks\Symantec NetDetect.job

    Completion time: 07-01-13 19:12:16

    Please let me know what to do !
  • Het is eigenlijk de bedoeling dat je een eigen topic begint en niet doorgaat in die van een andere topicstarter. Ik ga nu je logje bekijken, zo op het eerste gezicht is het niet hetzelfde probleem.

    momentje
  • Nu heb je eerst een logje gemaakt en daarna een combofix gedraait die het een en andere verwijderd heeft.


    Als je het nog niet hebt gedaan, ga naar start>configuratiescherm>software
    Deinstalleer MSN/Windows live messenger en herstart daarna je PC !!!

    Download [b:51702eec5c]ATF cleaner[/b:51702eec5c] (by Atribune)

    Dubbelklik op ATF cleaner om het programma te starten.
    Op het tabblad "Main", plaats je een vinkje bij [b:51702eec5c]Select All[/b:51702eec5c].
    Klik op de knop [b:51702eec5c]Empty Selected[/b:51702eec5c].

    Gebruik je ook Firefox als browser:
    Klik op tabblad "Firefox", plaats een vinkje bij [b:51702eec5c]Select All[/b:51702eec5c].
    Wil je de door Firefox opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    (dit verwijdert het vinkje bij "Firefox saved passwords";)
    Klik op de knop [b:51702eec5c]Empty Selected[/b:51702eec5c].

    Gebruik je ook Opera als browser:
    Klik op tabblad "Opera", plaats een vinkje bij [b:51702eec5c]Select All[/b:51702eec5c].
    Wil je de door Opera opgeslagen wachtwoorden behouden, dan klik je in het venster dat verschijnt op "No".
    Klik op de knop [b:51702eec5c]Empty Selected[/b:51702eec5c].
    Ga naar het tabblad "Main" en klik op de knop [b:51702eec5c]Exit[/b:51702eec5c] om het programma af te sluiten.

    Download en installeer [b:51702eec5c]AVG Anti-Spyware[/b:51702eec5c].[list:51702eec5c]
    Na de installatie, open AVG Anti-Spyware:
    * onder "[b:51702eec5c]Status[/b:51702eec5c]", klik op [b:51702eec5c]Change state[/b:51702eec5c] naast "Resident shield". (wijzig van active naar [b:51702eec5c]inactive[/b:51702eec5c]!)
    * onder "[b:51702eec5c]Update[/b:51702eec5c]", klik op de [b:51702eec5c]Start update[/b:51702eec5c] knop.
    * onder "[b:51702eec5c]Scanner[/b:51702eec5c]", tab "Settings":[list:51702eec5c]- onder "How to act?", klik op "[u:51702eec5c]Recommended actions[/u:51702eec5c]" en selecteer [b:51702eec5c]Quarantine[/b:51702eec5c]. ([b:51702eec5c]ZEER BELANGRIJK![/b:51702eec5c])
    * onder "Reports", selecteer [b:51702eec5c]Automatically generate report after every scan[/b:51702eec5c] en [u:51702eec5c]verwijder[/u:51702eec5c] het vinkje bij [b:51702eec5c]Only if threats were found[/b:51702eec5c][/list:u:51702eec5c]
    Sluit AVG Anti-Spyware. Laat het [b:51702eec5c]nog niet[/b:51702eec5c] scannen.[/list:u:51702eec5c]

    Start op in veilige modus

    Start [b:51702eec5c]AVG Anti-Spyware[/b:51702eec5c].[list:51702eec5c]* Klik op [b:51702eec5c]Scan[/b:51702eec5c] en kies [b:51702eec5c]Complete System Scan[/b:51702eec5c].
    Na de scan; volg onderstaande instructies :
  • Ok alvast bedankt !

    Hier de report vd scan

    ———————————————————
    AVG Anti-Spyware - Scan Report
    ———————————————————

    + Created at: 20:13:17 14-1-2007

    + Scan result:



    HKLM\SOFTWARE\Classes\VCCPGDATAACCESS.PgDataAccessCtrl.1 -> Adware.Delfin : Cleaned with backup (quarantined).
    C:\Program Files\Common Files\Uninstall Information\RemoveWebDP.exe -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nfomon\nfo.ocx -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nfomon\nfom.dll -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nfomon\nfomon.exe -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141239.dll -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141240.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141292.dll -> Adware.MaxSearch : Cleaned with backup (quarantined).
    C:\tdd.exe -> Adware.MaxSearch : Cleaned with backup (quarantined).
    C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll -> Adware.MyWay : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141547.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141548.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059293.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059294.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059295.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059296.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059297.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059298.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141288.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00144298.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144328.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144345.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144369.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144381.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144309.TXT -> TrackingCookie.Adtech : Cleaned.
    C:\Documents and Settings\Bas\Cookies\bas@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\RECYCLER\NPROTECT\00144314.TXT -> TrackingCookie.Atdmt : Cleaned.
    C:\RECYCLER\NPROTECT\00144317.TXT -> TrackingCookie.Bfast : Cleaned.
    C:\RECYCLER\NPROTECT\00141976.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\NPROTECT\00143404.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\NPROTECT\00143885.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\NPROTECT\00144318.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\Documents and Settings\Bas\Cookies\bas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144331.TXT -> TrackingCookie.Doubleclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144332.TXT -> TrackingCookie.Esomniture : Cleaned.
    C:\RECYCLER\NPROTECT\00144333.TXT -> TrackingCookie.Esomniture : Cleaned.
    C:\RECYCLER\NPROTECT\00143849.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00143850.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00143851.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144304.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144312.TXT -> TrackingCookie.Falkag : Cleaned.
    C:\RECYCLER\NPROTECT\00144313.TXT -> TrackingCookie.Falkag : Cleaned.
    C:\RECYCLER\NPROTECT\00144341.TXT -> TrackingCookie.Fastclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144363.TXT -> TrackingCookie.Fastclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144338.TXT -> TrackingCookie.Hitbox : Cleaned.
    C:\RECYCLER\NPROTECT\00144346.TXT -> TrackingCookie.Hitbox : Cleaned.
    C:\RECYCLER\NPROTECT\00144398.TXT -> TrackingCookie.Information : Cleaned.
    C:\RECYCLER\NPROTECT\00144364.TXT -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Bas\Cookies\bas@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
    C:\RECYCLER\NPROTECT\00144407.TXT -> TrackingCookie.Onestat : Cleaned.
    C:\RECYCLER\NPROTECT\00144306.TXT -> TrackingCookie.Pointroll : Cleaned.
    C:\RECYCLER\NPROTECT\00144384.TXT -> TrackingCookie.Questionmarket : Cleaned.
    C:\RECYCLER\NPROTECT\00144389.TXT -> TrackingCookie.Revenue : Cleaned.
    C:\RECYCLER\NPROTECT\00144319.TXT -> TrackingCookie.Serving-sys : Cleaned.
    C:\RECYCLER\NPROTECT\00144399.TXT -> TrackingCookie.Serving-sys : Cleaned.
    C:\RECYCLER\NPROTECT\00144408.TXT -> TrackingCookie.Statcounter : Cleaned.
    C:\RECYCLER\NPROTECT\00139832.TXT -> TrackingCookie.Tacoda : Cleaned.
    C:\RECYCLER\NPROTECT\00144412.TXT -> TrackingCookie.Tacoda : Cleaned.
    C:\RECYCLER\NPROTECT\00144417.TXT -> TrackingCookie.Tradedoubler : Cleaned.
    C:\RECYCLER\NPROTECT\00144410.TXT -> TrackingCookie.Webtrendslive : Cleaned.
    C:\RECYCLER\NPROTECT\00143386.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143387.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143388.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143389.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143481.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143482.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143483.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143484.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143631.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143632.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143633.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143634.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143688.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143689.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143690.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143691.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143879.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143880.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143881.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143882.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143883.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00144302.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\WINDOWS\system32\wnscpcc.exe -> Trojan.Small : Cleaned with backup (quarantined).
    C:\Documents and Settings\All Users\Muziek\NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.zip/NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.exe/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\Documents and Settings\All Users\Muziek\NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.zip/NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059185.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059185.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059186.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059186.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059187.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059187.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059188.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059188.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059189.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059189.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059190.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059190.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059191.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059191.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059192.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059192.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059193.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059193.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059194.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059194.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059195.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059195.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059196.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059196.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059197.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059197.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059198.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059198.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059199.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059199.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059200.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059200.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059201.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059201.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059202.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059202.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059203.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059203.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059204.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059204.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059205.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059205.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059206.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059206.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059208.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059208.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059209.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059209.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059210.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059210.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059211.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059211.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059212.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059212.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059213.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059213.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059214.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059214.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059215.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059215.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059216.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059216.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059217.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059217.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059218.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059218.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059219.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059219.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059220.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059220.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059221.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059221.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059222.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059222.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059223.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059223.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059224.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059224.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059225.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059225.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059226.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059226.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059227.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059227.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059228.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059228.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059229.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059229.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059230.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059230.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059231.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059231.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059232.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059232.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059233.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059233.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059234.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059234.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059235.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059235.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059236.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059236.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059237.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059237.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059238.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059238.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059239.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059239.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059240.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059240.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059241.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059241.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059242.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059242.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059243.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059243.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059244.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059244.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059245.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059245.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059246.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059246.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059247.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059247.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059248.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059248.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059249.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059249.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059250.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059250.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059251.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059251.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059252.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059252.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059253.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059253.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059254.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059254.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059255.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059255.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059256.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059256.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059257.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059257.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059258.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059258.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059259.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059259.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059260.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059260.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059261.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059261.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059262.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059262.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059263.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059263.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059264.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059264.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059265.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059265.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059266.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059266.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059267.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059267.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059268.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059268.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059269.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059269.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059270.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059270.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059271.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059271.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059272.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059272.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059273.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059273.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059274.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059274.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059275.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059275.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059276.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059276.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059277.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059277.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059278.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059278.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059279.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059279.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059280.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059280.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059281.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059281.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059282.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059282.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059283.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059283.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059284.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059284.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059285.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059285.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059287.exe/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059287.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059290.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059291.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059299.exe/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059299.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059300.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059300.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059301.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059301.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059302.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059302.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059303.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059303.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059304.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059304.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059305.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059305.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059306.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059306.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059307.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059307.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059308.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059308.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059309.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059309.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059310.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059310.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059311.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059311.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059312.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059312.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059313.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059313.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059314.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059314.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059315.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059315.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059316.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059316.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059317.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059317.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059318.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059318.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059319.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059319.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059320.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059320.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059321.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059321.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059322.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059322.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059323.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059323.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059324.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059324.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059325.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059325.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059326.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059326.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059328.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059328.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059329.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059329.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059330.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059330.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059331.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059331.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059332.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059332.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059333.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059333.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059334.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059334.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059335.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059335.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059336.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059336.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059337.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059337.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059338.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059338.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059339.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059339.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059340.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059340.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059341.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059341.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059343.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059343.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059344.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059344.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059345.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059345.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059346.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059346.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059347.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059347.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059348.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059348.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059349.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059349.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059350.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059350.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059351.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059351.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059352.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059352.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059353.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059353.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059354.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059354.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059355.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059355.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059356.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059356.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059357.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059357.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059358.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059358.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059359.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059359.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059360.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059360.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059361.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059361.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059362.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059362.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059363.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059363.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059364.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059364.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059365.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059365.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059366.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059366.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059367.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059367.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059368.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059368.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059369.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059369.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059370.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059370.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059371.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059371.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059372.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059372.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059373.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059373.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059374.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059374.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059375.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059375.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059376.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059376.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059377.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059377.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059378.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059378.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059379.EXE/td.exe -> Worm.Agent.v : Cleaned wi
  • volgens mij kwam m'n vorige bericht niet helemaal goed door

    ———————————————————
    AVG Anti-Spyware - Scan Report
    ———————————————————

    + Created at: 20:13:17 14-1-2007

    + Scan result:



    HKLM\SOFTWARE\Classes\VCCPGDATAACCESS.PgDataAccessCtrl.1 -> Adware.Delfin : Cleaned with backup (quarantined).
    C:\Program Files\Common Files\Uninstall Information\RemoveWebDP.exe -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nfomon\nfo.ocx -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nfomon\nfom.dll -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\nfomon\nfomon.exe -> Adware.DelphinMediaViewer : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141239.dll -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141240.exe -> Adware.Maxifiles : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141292.dll -> Adware.MaxSearch : Cleaned with backup (quarantined).
    C:\tdd.exe -> Adware.MaxSearch : Cleaned with backup (quarantined).
    C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll -> Adware.MyWay : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141547.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141548.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059293.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059294.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059295.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059296.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059297.dll -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059298.exe -> Adware.Softomate : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00141288.exe -> Downloader.Agent.bca : Cleaned with backup (quarantined).
    C:\RECYCLER\NPROTECT\00144298.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144328.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144345.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144369.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144381.TXT -> TrackingCookie.2o7 : Cleaned.
    C:\RECYCLER\NPROTECT\00144309.TXT -> TrackingCookie.Adtech : Cleaned.
    C:\Documents and Settings\Bas\Cookies\bas@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
    C:\RECYCLER\NPROTECT\00144314.TXT -> TrackingCookie.Atdmt : Cleaned.
    C:\RECYCLER\NPROTECT\00144317.TXT -> TrackingCookie.Bfast : Cleaned.
    C:\RECYCLER\NPROTECT\00141976.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\NPROTECT\00143404.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\NPROTECT\00143885.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\RECYCLER\NPROTECT\00144318.TXT -> TrackingCookie.Bluestreak : Cleaned.
    C:\Documents and Settings\Bas\Cookies\bas@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144331.TXT -> TrackingCookie.Doubleclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144332.TXT -> TrackingCookie.Esomniture : Cleaned.
    C:\RECYCLER\NPROTECT\00144333.TXT -> TrackingCookie.Esomniture : Cleaned.
    C:\RECYCLER\NPROTECT\00143849.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00143850.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00143851.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144304.TXT -> TrackingCookie.Euroclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144312.TXT -> TrackingCookie.Falkag : Cleaned.
    C:\RECYCLER\NPROTECT\00144313.TXT -> TrackingCookie.Falkag : Cleaned.
    C:\RECYCLER\NPROTECT\00144341.TXT -> TrackingCookie.Fastclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144363.TXT -> TrackingCookie.Fastclick : Cleaned.
    C:\RECYCLER\NPROTECT\00144338.TXT -> TrackingCookie.Hitbox : Cleaned.
    C:\RECYCLER\NPROTECT\00144346.TXT -> TrackingCookie.Hitbox : Cleaned.
    C:\RECYCLER\NPROTECT\00144398.TXT -> TrackingCookie.Information : Cleaned.
    C:\RECYCLER\NPROTECT\00144364.TXT -> TrackingCookie.Mediaplex : Cleaned.
    C:\Documents and Settings\Bas\Cookies\bas@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
    C:\RECYCLER\NPROTECT\00144407.TXT -> TrackingCookie.Onestat : Cleaned.
    C:\RECYCLER\NPROTECT\00144306.TXT -> TrackingCookie.Pointroll : Cleaned.
    C:\RECYCLER\NPROTECT\00144384.TXT -> TrackingCookie.Questionmarket : Cleaned.
    C:\RECYCLER\NPROTECT\00144389.TXT -> TrackingCookie.Revenue : Cleaned.
    C:\RECYCLER\NPROTECT\00144319.TXT -> TrackingCookie.Serving-sys : Cleaned.
    C:\RECYCLER\NPROTECT\00144399.TXT -> TrackingCookie.Serving-sys : Cleaned.
    C:\RECYCLER\NPROTECT\00144408.TXT -> TrackingCookie.Statcounter : Cleaned.
    C:\RECYCLER\NPROTECT\00139832.TXT -> TrackingCookie.Tacoda : Cleaned.
    C:\RECYCLER\NPROTECT\00144412.TXT -> TrackingCookie.Tacoda : Cleaned.
    C:\RECYCLER\NPROTECT\00144417.TXT -> TrackingCookie.Tradedoubler : Cleaned.
    C:\RECYCLER\NPROTECT\00144410.TXT -> TrackingCookie.Webtrendslive : Cleaned.
    C:\RECYCLER\NPROTECT\00143386.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143387.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143388.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143389.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143481.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143482.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143483.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143484.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143631.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143632.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143633.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143634.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143688.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143689.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143690.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143691.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143879.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143880.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143881.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143882.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00143883.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\RECYCLER\NPROTECT\00144302.TXT -> TrackingCookie.Yieldmanager : Cleaned.
    C:\WINDOWS\system32\wnscpcc.exe -> Trojan.Small : Cleaned with backup (quarantined).
    C:\Documents and Settings\All Users\Muziek\NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.zip/NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.exe/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\Documents and Settings\All Users\Muziek\NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.zip/NORTON Antivirus Eng-ITA-Fra 2007+crack+codici-key.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059185.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059185.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059186.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059186.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059187.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059187.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059188.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059188.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059189.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059189.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059190.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059190.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059191.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059191.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059192.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059192.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059193.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059193.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059194.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059194.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059195.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059195.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059196.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059196.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059197.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059197.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059198.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059198.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059199.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059199.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059200.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059200.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059201.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059201.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059202.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059202.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059203.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059203.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059204.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059204.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059205.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059205.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059206.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059206.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059208.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059208.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059209.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059209.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059210.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059210.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059211.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059211.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059212.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059212.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059213.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059213.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059214.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059214.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059215.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059215.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059216.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059216.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059217.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059217.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059218.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059218.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059219.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059219.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059220.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059220.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059221.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059221.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059222.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059222.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059223.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059223.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059224.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059224.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059225.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059225.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059226.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059226.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059227.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059227.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059228.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059228.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059229.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059229.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059230.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059230.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059231.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059231.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059232.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059232.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059233.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059233.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059234.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059234.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059235.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059235.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059236.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059236.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059237.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059237.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059238.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059238.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059239.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059239.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059240.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059240.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059241.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059241.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059242.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059242.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059243.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059243.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059244.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059244.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059245.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059245.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059246.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059246.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059247.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059247.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059248.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059248.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059249.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059249.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059250.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059250.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059251.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059251.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059252.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059252.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059253.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059253.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059254.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059254.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059255.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059255.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059256.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059256.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059257.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059257.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059258.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059258.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059259.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059259.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059260.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059260.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059261.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059261.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059262.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059262.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059263.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059263.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059264.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059264.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059265.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059265.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059266.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059266.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059267.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059267.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059268.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059268.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059269.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059269.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059270.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059270.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059271.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059271.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059272.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059272.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059273.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059273.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059274.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059274.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059275.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059275.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059276.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059276.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059277.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059277.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059278.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059278.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059279.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059279.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059280.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059280.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059281.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059281.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059282.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059282.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059283.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059283.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059284.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059284.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059285.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059285.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059287.exe/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059287.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059290.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059291.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059299.exe/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059299.exe/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059300.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059300.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059301.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059301.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059302.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059302.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059303.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059303.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059304.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059304.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059305.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059305.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059306.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059306.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059307.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059307.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059308.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059308.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059309.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059309.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059310.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059310.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059311.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059311.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059312.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059312.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059313.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059313.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059314.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059314.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059315.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059315.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059316.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059316.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059317.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059317.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059318.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059318.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059319.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059319.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059320.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059320.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059321.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059321.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059322.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059322.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059323.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059323.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059324.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059324.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059325.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059325.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059326.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059326.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059328.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059328.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059329.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059329.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059330.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059330.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059331.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059331.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059332.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059332.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059333.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059333.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059334.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059334.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059335.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059335.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059336.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059336.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059337.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059337.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059338.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059338.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059339.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059339.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059340.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059340.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059341.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059341.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059343.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059343.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059344.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059344.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059345.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059345.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059346.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059346.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059347.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059347.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059348.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059348.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059349.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059349.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059350.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059350.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059351.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059351.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059352.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059352.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059353.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059353.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059354.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059354.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059355.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059355.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059356.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059356.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059357.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059357.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059358.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059358.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059359.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059359.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059360.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059360.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059361.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059361.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059362.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059362.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059363.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059363.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059364.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059364.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059365.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059365.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059366.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059366.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059367.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059367.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059368.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059368.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059369.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059369.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059370.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059370.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059371.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059371.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059372.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059372.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059373.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059373.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059374.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059374.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059375.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059375.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059376.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059376.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059377.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059377.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059378.EXE/td.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059378.EXE/zgo.exe -> Worm.Agent.v : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{20FACB27-B213-45DF-B711-A07B77057628}\RP187\A0059379.EXE/td.exe -> Worm.Agent
  • en de hjt log

    Logfile of HijackThis v1.99.1
    Scan saved at 20:20:35, on 14-1-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    C:\WINDOWS\stsystra.exe
    C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
    C:\WINDOWS\system32\WLTRAY.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\NetWaiting\netWaiting.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Digital Line Detect\DLG.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Hijack This\hijackthis.exe
    C:\Program Files\Messenger\msmsgs.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://dellsearchedit.myway.com/samisc/dellsidebar.jhtml?p=DW
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
    R3 - URLSearchHook: (no name) - {7032E00F-50B5-2166-CB47-280794A1ECB0} - C:\WINDOWS\system32\xvdjh.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
    O2 - BHO: (no name) - {7032E00F-50B5-2166-CB47-280794A1ECB0} - C:\WINDOWS\system32\xvdjh.dll
    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
    O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
    O4 - HKLM\..\Run: [Dell Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
    O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [QD FastAndSafe] C:\Program Files\Norton SystemWorks\Norton CleanSweep\QDCSFS.exe /startup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Swrm] "C:\DOCUME~1\Bas\APPLIC~1\PPATCH~1\winword.exe" -vt yazb
    O4 - HKCU\..\Run: [Cxpdmrg] C:\Program Files\a?sembly\d?dplay.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Digital Line Detect.lnk = ?
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by104fd.bay104.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
    O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
    O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
  • Download en installeer CCleaner
    (De CCLeaner Yahoo Toolbar is niet nodig)
    Nog niet gebruiken.

    lik op Start -> (Settings) -> Configuratiescherm -> Software en verwijder het volgende programma:
    MyWay Search Assistant

    Start Hijackthis op en kies voor 'Do a system scan only'
    Selecteer alleen de items die hieronder zijn genoemd:
    [b:969496cd05]
    R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
    R3 - URLSearchHook: (no name) - {7032E00F-50B5-2166-CB47-280794A1ECB0} - C:\WINDOWS\system32\xvdjh.dll
    O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll (file missing)
    O2 - BHO: (no name) - {7032E00F-50B5-2166-CB47-280794A1ECB0} - C:\WINDOWS\system32\xvdjh.dll
    O4 - HKCU\..\Run: [Swrm] "C:\DOCUME~1\Bas\APPLIC~1\PPATCH~1\winword.exe" -vt yazb
    O4 - HKCU\..\Run: [Cxpdmrg] C:\Program Files\a?sembly\d?dplay.exe
    [/b:969496cd05]
    Sluit alle vensters behalve Hijackthis
    Klik op 'Fix checked' om de items te verwijderen.

    Open de verkenner ("Mijn Computer";) en kies [b:969496cd05]Extra[/b:969496cd05] -> [b:969496cd05]Mapopties…[/b:969496cd05]
    Controleer onder [b:969496cd05]Weergave[/b:969496cd05] de volgende instellingen:

    Uitzetten: Beveiligde besturingssysteembestanden verbergen (aanbevolen)
    Uitzetten: Extensies voor bekende bestandstypen verbergen

    Selecteer: De inhoud van systeemmappen weergeven (alleen bij XP)
    Selecteer: Verborgen bestanden en mappen weergeven

    Verwijder de volgende directories/bestanden:
    C:\WINDOWS\system32\[b:969496cd05]xvdjh.dll[/b:969496cd05]
    C:\Program Files\MyWaySA\[b:969496cd05]SrchAsDe[/b:969496cd05]\
    C:\DOCUME~1\Bas\APPLIC~1\[b:969496cd05]PPATCH~1[/b:969496cd05]\ ~jij ziet de hele naam
    C:\Program Files\a?sembly\[b:969496cd05]d?dplay.exe[/b:969496cd05] indien aanwezig

    [b:969496cd05]
  • Nope vooralsnog ziet alles er weer top uit ! Super !

    Ik kan nu dus weer msn installeren?

    Moet ik die andere progs (ccleaner, combofix, etc) de-installeren of gewoon laten staan voor periodieke schoonmaak?
  • alle gebruikte tooltjes kan je verwijderen.

    install mess maar weer.

    Om herinfectie via systeemherstel te voorkomen, is het raadzaam de bestaande systeemherstelpunten te verwijderen door systeemherstel tijdelijk uit te schakelen.


    - Ga naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Klik in de linkerhelft van het venster op "Instellingen van systeemherstel".
    - Zet een vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Windows vraagt of je dat zeker weet.
    - Klik "Ja".
    - Klik "OK".
    - Start de pc opnieuw op.
    - Ga weer naar Start/Alle programma's/Bureau-accessoires/Systeemwerkset/Systeemherstel.
    - Je krijgt de melding: "Systeemherstel is uitgeschakeld. Wilt u systeemherstel nu inschakelen?"
    - Klik "Ja".
    - Verwijder het vinkje voor "Systeemherstel uitschakelen".
    - Klik "Toepassen".
    - Klik "OK".
    - Start de pc opnieuw op
    - Er is nu een nieuw schoon herstel punt aangemaakt

    Hier nog wat tips. tips
  • als je mess installeerd kijk dan uit dat je het zonder de sponsors doet

    anders kan juisterr weer van vooraf aan beginnen
  • Hallo allemaal,

    ik sluit mij hier graag bij aan. Ook ik heb al langere tijd allerlei popups en krijg ze niet weg

    ik heb een hijackthis en combofix logfile. Ik ben erg (!!) benieuwd.

    bedankt alvast:

    Logfile of HijackThis v1.99.1
    Scan saved at 16:34:45, on 11-2-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\PROGRA~1\mcafee.com\agent\mcagent.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Hitman Pro\srhelper.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Siemens\Gigaset USB Adapter 108\OdHost.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\JGsoft\EditPadPro6\EditPadPro.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\REMKOE~1\LOCALS~1\Temp\Rar$EX00.953\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [PollManager] C:\DOCUME~1\REMKOE~1\APPLIC~1\Idolbore\Send error sect.exe
    O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
    O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/outlookaddressbook.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141670767842
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Music Manager) - http://img.od2.com/installation/pluginname/music%20manager/MusicManagerPlugin.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553532000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
    O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe


    ——————————————–

    "Remko en Judith" - 07-02-11 16:28:18 Service Pack 2
    ComboFix 07-02-11 - Running from: "C:\Documents and Settings\Remko en Judith\Bureaublad"

    ((((((((((((((((((((((((((((((( Files Created from 2007-01-11 to 2007-02-11 ))))))))))))))))))))))))))))))))))


    2007-02-04 19:18 <DIR> d——– C:\DOCUME~1\REMKOE~1\Application Data\uTorrent
    2007-02-03 10:42 <DIR> d——– C:\WINDOWS\system32\drivers\UMDF
    2007-01-30 23:16 <DIR> d——– C:\Program Files\Everest Poker
    2007-01-29 23:01 <DIR> d——– C:\DOCUME~1\REMKOE~1\Application Data\gtopala
    2007-01-29 03:36 51,072 –a—— C:\WINDOWS\system32\drivers\ikhlayer.sys
    2007-01-29 03:36 30,592 –a—— C:\WINDOWS\system32\drivers\ikhfile.sys
    2007-01-29 03:36 <DIR> d-a—— C:\DOCUME~1\ALLUSE~1\Application Data\TEMP
    2007-01-27 13:27 737,280 –a—— C:\WINDOWS\iun6002.exe
    2007-01-27 13:27 <DIR> d——– C:\Program Files\AndreaMosaic
    2007-01-25 11:13 4,608 –a—— C:\WINDOWS\system32\W95Inf32.DLL
    2007-01-25 11:13 2,272 –a—— C:\WINDOWS\system32\W95Inf16.DLL
    2007-01-25 11:13 <DIR> d——– C:\Program Files\toernooi
    2007-01-24 16:25 <DIR> d——– C:\DOCUME~1\Kinderen\Application Data\InstallShield
    2007-01-24 14:36 2,560 ——— C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-01-24 14:36 2,432 ——— C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-01-24 14:36 <DIR> d——– C:\Program Files\Mozilla Firefox
    2007-01-24 14:35 <DIR> d——– C:\DOCUME~1\ALLUSE~1\Application Data\Google Updater
    2007-01-13 10:16 <DIR> d——– C:\Program Files\Codemasters
    2007-01-13 03:00 <DIR> d——– C:\WINDOWS\ie7updates
    2007-01-12 23:01 <DIR> d——– C:\WINDOWS\system32\nl-nl
    2007-01-12 22:59 <DIR> d–h-c— C:\WINDOWS\ie7
    2007-01-11 20:23 <DIR> d——– C:\WINDOWS\system32\LogFiles


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-02-11 16:22 ——– d——– C:\Program Files\mozilla thunderbird
    2007-02-05 20:22 ——– d——– C:\DOCUME~1\REMKOE~1\Application Data\azureus
    2007-02-03 10:44 ——– d——– C:\Program Files\windows media connect 2
    2007-02-01 13:34 ——– d——– C:\Program Files\google
    2007-01-30 22:48 ——– d——– C:\Program Files\azureus
    2007-01-29 04:50 ——– d——– C:\Program Files\hitman pro
    2007-01-29 03:45 ——– d——– C:\Program Files\spywareblaster
    2007-01-29 03:36 ——– d——– C:\Program Files\spyware doctor
    2007-01-28 10:44 ——– d–h—– C:\Program Files\installshield installation information
    2007-01-25 13:41 ——– d——– C:\Program Files\freecommander2006
    2007-01-25 13:25 ——– d——– C:\Program Files\ppmate
    2007-01-24 14:37 8456 –a—— C:\WINDOWS\mozver.dat
    2007-01-24 14:36 ——– d——– C:\Program Files\picasa2
    2007-01-15 10:03 ——– d——– C:\DOCUME~1\REMKOE~1\Application Data\macromedia
    2007-01-11 20:32 82078 –a—— C:\WINDOWS\system32\perfc013.dat
    2007-01-11 20:32 467130 –a—— C:\WINDOWS\system32\perfh013.dat
    2007-01-09 20:17 ——– d——– C:\Program Files\java
    2007-01-06 01:01 ——– d—s—- C:\DOCUME~1\REMKOE~1\Application Data\microsoft
    2007-01-02 21:58 ——– d——– C:\Program Files\windows defender
    2007-01-02 20:32 ——– d——– C:\Program Files\windows media bonus pack for windows xp
    2007-01-02 20:30 ——– d——– C:\Program Files\alawar
    2007-01-02 00:49 ——– d——– C:\Program Files\myway
    2007-01-02 00:23 ——– d——– C:\DOCUME~1\REMKOE~1\Application Data\lavasoft
    2007-01-02 00:22 ——– d——– C:\Program Files\lavasoft
    2007-01-01 22:51 ——– d——– C:\Program Files\bankingtools
    2006-12-30 14:02 ——– d——– C:\Program Files\giant
    2006-12-30 14:01 ——– d——– C:\Program Files\microsoft games
    2006-12-30 03:05 ——– d——– C:\DOCUME~1\REMKOE~1\Application Data\idolbore
    2006-12-30 02:58 ——– d——– C:\Program Files\idolbore
    2006-12-30 02:58 ——– d——– C:\Program Files\anti-leech
    2006-12-30 02:54 ——– d——– C:\Program Files\activision value
    2006-12-28 23:37 ——– d——– C:\Program Files\support.com
    2006-12-10 12:03 63488 –a—— C:\WINDOWS\xobglu16.dll
    2006-12-10 12:03 23552 –a—— C:\WINDOWS\xobglu32.dll
    2006-12-09 20:53 3584 –a—— C:\DOCUME~1\REMKOE~1\Application Data\dvd.bmk


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\lib\\NMBgMonitor.exe\""
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"
    "Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"
    "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "PollManager"="C:\\DOCUME~1\\REMKOE~1\\APPLIC~1\\Idolbore\\Send error sect.exe"
    "Hitman Pro SurfRight Helper"="\"C:\\Program Files\\Hitman Pro\\srhelper.exe\""
    "WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "VirusScan Online"="C:\\Program Files\\McAfee.com\\VSO\\mcvsshld.exe"
    "VSOCheckTask"="\"C:\\PROGRA~1\\McAfee.com\\VSO\\mcmnhdlr.exe\" /checktask"
    "MCUpdateExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcupdate.exe"
    "TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"
    "ISUSPM Startup"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\isuspm.exe\" -startup"
    "ATIPTA"="\"C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe\""
    "ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
    "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "MCAgentExe"="c:\\PROGRA~1\\mcafee.com\\agent\\mcagent.exe"
    "OASClnt"="C:\\Program Files\\McAfee.com\\VSO\\oasclnt.exe"
    "MSKDetectorExe"="C:\\Program Files\\McAfee\\SpamKiller\\MSKDetct.exe /uninstall"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "OrderReminder"="C:\\Program Files\\Hewlett-Packard\\OrderReminder\\OrderReminder.exe"
    "igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
    "igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
    "igfxpers"="C:\\WINDOWS\\system32\\igfxpers.exe"
    "Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "Picasa Media Detector"="C:\\Program Files\\Picasa2\\PicasaMediaDetector.exe"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"


    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"
    "DWQueuedReporting"="\"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "Spyware Doctor"="\"C:\\Program Files\\Spyware Doctor\\swdoctor.exe\" /Q"
    "DWQueuedReporting"="\"C:\\PROGRA~1\\COMMON~1\\MICROS~1\\DW\\dwtrig20.exe\" -t"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,\
    63,65,73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,5c,52,6f,79,61,6c,65,2e,\
    6d,73,73,74,79,6c,65,73,00
    "InstallTheme"=hex(2):43,3a,5c,57,49,4e,44,4f,57,53,5c,52,65,73,6f,75,72,63,65,\
    73,5c,54,68,65,6d,65,73,5c,52,6f,79,61,6c,65,2e,74,68,65,6d,65,00

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\A60EFF3D90FD7921.job
    C:\WINDOWS\tasks\MP Scheduled Scan.job
    C:\WINDOWS\tasks\Scannen via McAfee.com - Mijn computer (WOONKAMER-DELL-Remko en Judith).job


    ********************************************************************

    catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes …

    scanning hidden services …

    scanning hidden autostart entries …

    scanning hidden files …

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-02-11 16:30:11
    C:\ComboFix2.txt … 07-02-11 16:07
  • Zorg ervoor dat alle verborgen bestanden en mappen weergegeven worden. Hoe verborgen bestanden en mappen weergeven.

    Start de computer in veilige modus.

    Verwijder de volgende mappen:
    C:\Documents and Settings\Remko en Judith\Application Data\[b:6a532159bb]idolbore[/b:6a532159bb]\
    C:\Program Files\[b:6a532159bb]idolbore[/b:6a532159bb]\

    Maak dan je prullenbak leeg.

    Start HijackThis nog een keer, kies voor "Do a system scan only" en plaats alleen een vinkje voor de volgende regel:
    [b:6a532159bb]O4 - HKCU\..\Run: [PollManager] C:\DOCUME~1\REMKOE~1\APPLIC~1\Idolbore\Send error sect.exe [/b:6a532159bb]
    Sluit alle open vensters(behalve HijackThis), klik daarna op "Fix checked" en sluit HijackThis af.

    Herstart in normale modus.

    Download dit bestand: [b:6a532159bb]Deljob.exe[/b:6a532159bb]
    Plaats het op je bureaublad.
    Dubbelklik Deljob.exe.
    Een logje(logit.txt) zal openen, het bestandje kan je ook terugvinden op je bureaublad.
    Post de inhoud van [b:6a532159bb]logit.txt[/b:6a532159bb] in je volgende bericht tesamen met een nieuw logje van HijackThis ;)
  • alles gedaan zoals aangegeven.
    Hoe voorkom ik dit in het vervolg: ik maak gebruik van FW, McAfee AV en regelmatig Hitmanpro en sinds kort MS-defender.

    hierbij mijn logs:
    ——————————————————–
    BACKUPS CREATED in C:\DELJOB

    A60EFF3D90FD7921.job
    ——————————————————–
    FILES IN TASKS FOLDER

    MP Scheduled Scan.job
    Scannen via McAfee.com - Mijn computer (WOONKAMER-DELL-Remko en Judith).job
    ——————————————————–
    EXPORT APP DATA FOLDERS

    Het volume in station C heeft geen naam.
    Het volumenummer is 9CAB-0CCE

    Map van C:\Documents and Settings\Remko en Judith\Application Data

    12-02-2007 22:13 <DIR> .
    12-02-2007 22:13 <DIR> ..
    21-08-2006 16:49 <DIR> ABC~1 .ABC
    06-12-2006 10:46 <DIR> Adobe
    06-03-2006 22:59 <DIR> AdobeUM
    11-04-2006 22:43 <DIR> Ahead
    07-08-2006 20:45 <DIR> Atari
    05-02-2007 20:22 <DIR> Azureus
    06-03-2006 20:12 <DIR> CORELP~1 Corel Photo Album
    09-12-2006 20:53 3.584 dvd.bmk
    16-10-2006 20:14 196 G-FORC~1.TXT G-Force Prefs (WindowsMediaPlayer).txt
    14-04-2006 14:41 <DIR> Google
    29-01-2007 23:01 <DIR> gtopala
    03-07-2006 22:07 <DIR> Help
    02-09-2005 03:36 <DIR> IDENTI~1 Identities
    07-04-2006 22:45 <DIR> Ipswitch
    02-01-2007 00:23 <DIR> Lavasoft
    13-03-2006 19:15 <DIR> LEADER~1 Leadertech
    31-10-2006 18:34 <DIR> Logitech
    15-01-2007 10:03 <DIR> MACROM~1 Macromedia
    30-03-2006 22:04 <DIR> MCAFEE~1.COM McAfee.com Personal Firewall
    26-09-2006 08:08 <DIR> MORPHE~1 Morpheus Software
    06-03-2006 21:29 <DIR> Mozilla
    13-11-2006 09:52 <DIR> Mp3tag
    25-03-2006 14:39 <DIR> MSNINS~1 MSNInstaller
    17-04-2006 19:05 <DIR> Nikon
    09-03-2006 21:25 <DIR> OD2
    31-03-2006 21:38 <DIR> Opera
    07-04-2006 23:58 <DIR> PCTOOL~1 PC Tools
    05-11-2006 15:25 <DIR> PPMate
    20-04-2006 19:40 <DIR> ppStream
    20-08-2006 20:47 <DIR> Real
    07-09-2006 21:58 <DIR> SEVENZ~1 Seven Zip
    06-09-2006 23:59 <DIR> SmartFTP
    13-03-2006 19:18 <DIR> Sonic
    05-11-2006 15:28 <DIR> SopCast
    02-03-2006 10:49 <DIR> Sun
    06-03-2006 21:29 <DIR> Talkback
    06-03-2006 21:29 <DIR> THUNDE~1 Thunderbird
    08-02-2007 01:54 <DIR> uTorrent
    07-04-2006 23:51 <DIR> Webroot
    21-09-2006 20:46 <DIR> WINDOW~1 Windows Live Safety Center
    2 bestand(en) 3.780 bytes
    40 map(pen) 12.874.473.472 bytes beschikbaar
    Het volume in station C heeft geen naam.
    Het volumenummer is 9CAB-0CCE

    Map van C:\Documents and Settings\All Users\Application Data

    06-02-2007 20:25 <DIR> Adobe
    14-03-2006 00:20 <DIR> ADOBES~1 Adobe Systems
    26-11-2006 21:44 <DIR> DVDSHR~1 DVD Shrink
    17-04-2006 10:05 <DIR> ENTERN~1 EnterNHelp
    10-12-2006 10:40 <DIR> FISHER~1 Fisher-Price(R)
    18-09-2006 17:07 <DIR> Google
    12-02-2007 17:16 <DIR> GOOGLE~1 Google Updater
    02-03-2006 10:57 <DIR> INSTAL~1 InstallShield
    07-04-2006 22:45 <DIR> Ipswitch
    10-12-2006 10:40 <DIR> KNOWLE~1 Knowledge Adventure
    02-03-2006 11:00 <DIR> McAfee
    06-06-2006 19:10 <DIR> McAfee.com
    17-05-2006 23:35 <DIR> MCAFEE~1.COM McAfee.com Personal Firewall
    09-03-2006 21:24 <DIR> OD2
    18-11-2006 11:53 <DIR> Postbank
    04-07-2006 23:42 <DIR> QUICKT~1 QuickTime
    02-03-2006 10:55 <DIR> Sonic
    11-02-2007 22:56 <DIR> SPYBOT~1 Spybot - Search & Destroy
    25-05-2006 21:22 <DIR> Support.com
    11-02-2007 23:22 <DIR> TEMP
    30-12-2006 08:13 <DIR> TRUSTV~1 trust vga anti internet
    17-04-2006 10:05 <DIR> ULTIMA~1 Ultima_T15
    06-03-2006 19:49 <DIR> WINDOW~1 Windows Genuine Advantage
    0 bestand(en) 0 bytes
    23 map(pen) 12.874.469.376 bytes beschikbaar
    ——————————————————–
    Logfile of HijackThis v1.99.1
    Scan saved at 22:32:28, on 12-2-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\WINDOWS\System32\svchost.exe
    c:\program files\mcafee.com\agent\mcdetect.exe
    c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    c:\progra~1\mcafee.com\vso\mcvsescn.exe
    c:\program files\mcafee.com\agent\mcagent.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\Program Files\McAfee.com\VSO\oasclnt.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Siemens\Gigaset USB Adapter 108\OdHost.exe
    C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
    C:\Program Files\JGsoft\EditPadPro6\EditPadPro.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\DOCUME~1\REMKOE~1\LOCALS~1\Temp\Rar$EX00.453\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.planet.nl/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
    O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
    O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\McUpdate.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
    O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
    O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
    O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
    O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Hitman Pro SurfRight Helper] "C:\Program Files\Hitman Pro\srhelper.exe"
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Gigaset WLAN Adapter Monitor.lnk = C:\Program Files\Siemens\Gigaset USB Adapter 108\Gcc.exe
    O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: Ãâ·Ñ¾«²ÊÊÓƵ³¬Á÷³©ÔÚÏß¹Û¿´ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
    O9 - Extra 'Tools' menuitem: ²¥°ÔµçÊÓ - {022C4009-5283-4365-97BF-144054B40E2E} - http://itv.mop.com (file missing)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {426784E5-24B2-4708-820D-117342FAD009} (Cimporter Object) - http://www.hyves.nl/cab/outlookaddressbook.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase969.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1141670767842
    O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (Music Manager) - http://img.od2.com/installation/pluginname/music%20manager/MusicManagerPlugin.CAB
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553532000} - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.hema.nl/SITE/xupload/XUpload.ocx
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
    O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
    O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
    O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, I