Doorzoek het forum
Zoeken met Startpagina
Startpagina Thema's
Bikkel
ja zal ik doe maar had ik volgens mij al gedaan maar ik heb fat32 en kan alleen opslaan met ntfs dacht ik hoor maar zal het nog eens proberen
Bikkel
deze?
“Silent Runners.vbs”, revision 41, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by “{++}”
Startup items buried in registry:
———————————
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“WeatherWatcher” = “C:\Program Files\Weather Watcher\ww.exe”
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“UserFaultCheck” = “%systemroot%\system32\dumprep 0 -u”
“SystemTray” = “SysTray.Exe”
“Symantec NetDriver Monitor” = “C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer”
“Run StartupMonitor” = “StartupMonitor.exe”
“LVCOMSX” = “C:\WINDOWS\system32\LVCOMSX.EXE”
“LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme”
“FLMK08KB” = “C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE”
“FLMBROWSEMOUSE” = “C:\Program Files\Trust\302KS\Mouse\mouse32a.exe”
“Daily Weather Forecast” = “C:\Program Files\Daily Weather Forecast\weather.exe”
“ccApp” = “”C:\Program Files\Common Files\Symantec Shared\ccApp.exe“”
“MessengerPlus3” = “”C:\Program Files\MessengerPlus! 3\MsgPlus.exe“”
“New.net Startup” = “rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup -s”
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = “AcroIEHlprObj Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll”
{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\(Default) = “URLLink”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\NewDotNet\newdotnet6_90.dll”
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\SPYBOT~1\SDHelper.dll”
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\(Default) = “UberButton Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Common\yiesrvc.dll”
{65D886A2-7CA7-479B-BB95-14D1EFB7946A}\(Default) = “YahooTaggedBM Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Common\YIeTagBm.dll”
{BDF3E430-B101-42AD-A544-FADC6B084872}\(Default) = “CNavExtBho Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Norton AntiVirus\NavShExt.dll”
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Configuratiescherm-uitbreiding Beeldscherm-panning”
-> {CLSID}\InProcServer32\(Default) = “deskpan.dll”
“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “HyperTerminal-pictogramuitbreiding”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\System32\hticons.dll”
hier nog een keer dan.
“Silent Runners.vbs”, revision 41, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by “{++}”
Startup items buried in registry:
———————————
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“WeatherWatcher” = “C:\Program Files\Weather Watcher\ww.exe”
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}
“UserFaultCheck” = “%systemroot%\system32\dumprep 0 -u”
“SystemTray” = “SysTray.Exe”
“Symantec NetDriver Monitor” = “C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer”
“Run StartupMonitor” = “StartupMonitor.exe”
“LVCOMSX” = “C:\WINDOWS\system32\LVCOMSX.EXE”
“LoadPowerProfile” = “Rundll32.exe powrprof.dll,LoadCurrentPwrScheme”
“FLMK08KB” = “C:\Program Files\Trust\302KS\Keyboard\MMKEYBD.EXE”
“FLMBROWSEMOUSE” = “C:\Program Files\Trust\302KS\Mouse\mouse32a.exe”
“Daily Weather Forecast” = “C:\Program Files\Daily Weather Forecast\weather.exe”
“ccApp” = “”C:\Program Files\Common Files\Symantec Shared\ccApp.exe“”
“MessengerPlus3” = “”C:\Program Files\MessengerPlus! 3\MsgPlus.exe“”
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = “AcroIEHlprObj Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll”
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\SPYBOT~1\SDHelper.dll”
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\(Default) = “UberButton Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Common\yiesrvc.dll”
{65D886A2-7CA7-479B-BB95-14D1EFB7946A}\(Default) = “YahooTaggedBM Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Common\YIeTagBm.dll”
{BDF3E430-B101-42AD-A544-FADC6B084872}\(Default) = “CNavExtBho Class”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Norton AntiVirus\NavShExt.dll”
HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
“{42071714-76d4-11d1-8b24-00a0c9068ff3}” = “Configuratiescherm-uitbreiding Beeldscherm-panning”
-> {CLSID}\InProcServer32\(Default) = “deskpan.dll”
“{88895560-9AA2-1069-930E-00AA0030EBC8}” = “HyperTerminal-pictogramuitbreiding”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\System32\hticons.dll”
“{5b4dae26-b807-11d0-9815-00c04fd91972}” = “Menu Band”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{8278F931-2A3E-11d2-838F-00C04FD918D0}” = “Tracking Shell Menu”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{E13EF4E4-D2F2-11d0-9816-00C04FD91972}” = “Menu Site”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{ECD4FC4F-521C-11D0-B792-00A0C90312E1}” = “Menu Desk Bar”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{D82BE2B0-5764-11D0-A96E-00C04FD705A2}” = “IShellFolderBand”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{0E5CBF21-D15F-11d0-8301-00AA005B4383}” = “K&oppelingen”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{7487cd30-f71a-11d0-9ea7-00805f714772}” = “Thumbnail Image”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\SHELL32.dll”
“{00020D75-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Desktop Icon Handler”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL”
“{0006F045-0000-0000-C000-000000000046}” = “Microsoft Office Outlook Custom Icon Handler”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL”
“{42042206-2D85-11D3-8CFF-005004838597}” = “Microsoft Office HTML Icon Handler”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Microsoft Office\OFFICE11\msohev.dll”
“{640167b4-59b0-47a6-b335-a6b3c0695aea}” = “Portable Media Devices”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\Audiodev.dll”
“{cc86590a-b60a-48e6-996b-41d25ed39a1e}” = “Portable Media Devices Menu”
-> {CLSID}\InProcServer32\(Default) = “C:\WINDOWS\system32\Audiodev.dll”
“{7C9D5882-CB4A-4090-96C8-430BFE8B795B}” = “Webroot Spy Sweeper Context Menu Integration”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll”
“{950FF917-7A57-46BC-8017-59D9BF474000}” = “Shell Extension for CDRW”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Ahead\InCD\incdshx.dll”
“{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}” = “My Logitech Pictures”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Logitech\Video\Namespc2.dll”
“{5464D816-CF16-4784-B9F3-75C0DB52B499}” = “Yahoo! Mail”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll”
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
INFECTION WARNING! “{54D9498B-CF93-414F-8984-8CE7FDE0D391}” = “ewido shell guard”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\ewido\security suite\shellhook.dll”
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\
INFECTION WARNING! “AppInit_DLLs” = “MsgPlusLoader.dll”
HKLM\Software\Classes\PROTOCOLS\Filter\
INFECTION WARNING! text/xml\CLSID = “{807553E5-5146-11D5-A672-00B0D022E945}”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL”
HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Symantec.Norton.Antivirus.IEContextMenu\(Default) = “{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Norton AntiVirus\NavShExt.dll”
Yahoo! Mail\(Default) = “{5464D816-CF16-4784-B9F3-75C0DB52B499}”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\YAHOO!\COMMON\ymmapi.dll”
HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
SpySweeper\(Default) = “{7C9D5882-CB4A-4090-96C8-430BFE8B795B}”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\Webroot\SPYSWE~1\SSCtxMnu.dll”
Symantec.Norton.Antivirus.IEContextMenu\(Default) = “{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2}”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Norton AntiVirus\NavShExt.dll”
Active Desktop and Wallpaper:
—————————–
Active Desktop is disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState
HKCU\Control Panel\Desktop\
“Wallpaper” = “C:\Documents and Settings\Frits den Elsen\Local Settings\Application Data\Microsoft\Wallpaper1.bmp”
Enabled Screen Saver:
———————
HKCU\Control Panel\Desktop\
“SCRNSAVE.EXE” = “C:\WINDOWS\System32\sstext3d.scr”
Startup items in “Frits den Elsen” & “All Users” startup folders:
—————————————————————–
C:\Documents and Settings\Frits den Elsen\Menu Start\Programma's\Opstarten
“Quick Macros” -> shortcut to: “C:\Program Files\Quick Macros 2\qm.exe S”
Enabled Scheduled Tasks:
————————
“Toepassing Optimalisatie Start” -> launches: “walign”
“Symantec NetDetect” -> launches: “C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE”
“Norton AntiVirus - Mijn computer scannen - Frits den Elsen” -> launches: “C:\PROGRA~1\NORTON~1\Navw32.exe /task:”C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca“”
Winsock2 Service Provider DLLs:
——————————-
Namespace Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll”
000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll”
000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll”
Transport Service Providers
HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
00000000000#\PackedCatalogItem (contains) DLL , (at) # range:
%SystemRoot%\system32\mswsock.dll , 1 - 3
%SystemRoot%\system32\rsvpsp.dll , 4 - 5
Toolbars, Explorer Bars, Extensions:
————————————
Toolbars
HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser\
“{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}” = “Norton AntiVirus”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Norton AntiVirus\NavShExt.dll”
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
“{EF99BD32-C1FB-11D2-892F-0090271D4F88}” = “Yahoo! Toolbar”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll”
HKLM\Software\Microsoft\Internet Explorer\Toolbar\
“{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6}” = “Norton AntiVirus”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Norton AntiVirus\NavShExt.dll”
“{EF99BD32-C1FB-11D2-892F-0090271D4F88}” = “Yahoo! Toolbar”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll”
Explorer Bars
HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD}\ = “&Yahoo! Messenger”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\YAHOO!\COMMON\yhexbmesus.dll”
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\
{4528BBE0-4E08-11D5-AD55-00010333D0AD}\ = “&Yahoo! Messenger”
-> {CLSID}\InProcServer32\(Default) = “C:\PROGRA~1\YAHOO!\COMMON\yhexbmesus.dll”
Extensions (Tools menu items, main toolbar menu buttons)
HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
“MenuText” = “Sun Java Console”
“CLSIDExtension” = “{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll”
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84}\
{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}\
“ButtonText” = “Yahoo! Services”
“CLSIDExtension” = “{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}”
-> {CLSID}\InProcServer32\(Default) = “C:\Program Files\Yahoo!\Common\yiesrvc.dll”
{641F4F4E-6C91-4159-869E-9F5CE6F0F64E}\
“ButtonText” = “MultiPoker”
“MenuText” = “MultiPoker”
“Exec” = “C:\Program Files\MultiPoker\MultiPoker.exe”
{77E68763-4284-41D6-B7E7-B6E1F053A9E7}\
“ButtonText” = “EmpirePoker”
“MenuText” = “EmpirePoker”
“Exec” = “C:\Program Files\EmpirePoker\EmpirePoker.exe”
{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
“ButtonText” = “Onderzoek”
{FB5F1910-F110-11D2-BB9E-00C04F795683}\
“ButtonText” = “Messenger”
“MenuText” = “Windows Messenger”
“Exec” = “C:\Program Files\Messenger\msmsgs.exe”
Running Services (Display Name, Service Name, Path {Service DLL}):
——————————————————————
ewido security suite control, ewido security suite control, “C:\Program Files\ewido\security suite\ewidoctrl.exe”
InCD File System Service, InCDsrv, “C:\Program Files\Ahead\InCD\InCDsrv.exe”
LexBce Server, LexBceS, “C:\WINDOWS\system32\LEXBCES.EXE”
Norton AntiVirus Auto-Protect-service, navapsvc, “”C:\Program Files\Norton AntiVirus\navapsvc.exe“”
Norton AntiVirus Firewall Monitor Service, NPFMntor, “”C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe“”
SoundMAX Agent Service, SoundMAX Agent Service (default), “C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe”
Symantec Core LC, Symantec Core LC, “C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe”
Symantec Event Manager, ccEvtMgr, “”C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe“”
Symantec Network Drivers Service, SNDSrvc, “”C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe“”
Symantec Settings Manager, ccSetMgr, “”C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe“”
Symantec SPBBCSvc, SPBBCSvc, “”C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe“”
Windows User Mode Driver Framework, UMWdf, “C:\WINDOWS\system32\wdfmgr.exe”
WMDM PMSP Service, WMDM PMSP Service, “C:\WINDOWS\system32\MsPMSPSv.exe”
Print Monitors:
—————
HKLM\System\CurrentControlSet\Control\Print\Monitors\
Lexmark Network Port\Driver = “LEXLMPM.DLL”
Microsoft Document Imaging Writer Monitor\Driver = “mdimon.dll”
———-
+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ To search all directories of local fixed drives for DESKTOP.INI
DLL launch points and all Registry CLSIDs for dormant Explorer Bars,
use the -supp parameter or answer “No” at the first message box.
———- (total run time: 19 seconds, including 4 seconds for message boxes)
hoi bikkel,
ziet er netjes schoon uit 
maar er zit dus nog een bestand op je pc wat telkens die dll van de trojan terug probeert te plaatsen 
start eens op in veilige modus en doe dan een volledige systeemscan met norton,verwijder alle gevonden bestanden 
herstart in de normale modus en doe hier een online scan:
http://www.kaspersky.com/downloads/kws/kavwebscan.html
bewaar het logje wat gemaakt word en plaats dat hier
paul
hier is hij
——————————————————————————-
KASPERSKY ON-LINE SCANNER REPORT
Friday, October 14, 2005 23:12:06
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 14/10/2005
Kaspersky Anti-Virus database records: 144863
——————————————————————————-
Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 39096
Number of viruses found: 7
Number of infected objects: 74
Number of suspicious objects: 2
Duration of the scan process: 1715 sec
Infected Object Name - Virus Name
C:\Program Files\Norton AntiVirus\Quarantine\62D46ABA.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\3EAF6FA5.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\6C9B5D1C.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\48700E0D.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\76602581.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\244C12F8.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\003115D7.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\2E936ACD.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Norton AntiVirus\Quarantine\1D38050A.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\Program Files\Daily Weather Forecast\weather.exe Infected: Trojan-Downloader.Win32.Centim.an
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BackWeblite.zip/backWeb-8876480.exe Suspicious: Password-protected-EXE
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\BackWeblite.zip Suspicious: Password-protected-EXE
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001282.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001283.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001284.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001285.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001286.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001287.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001288.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001289.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001290.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001291.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001292.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001293.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001294.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001295.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001296.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001297.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001298.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001299.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001300.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001301.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001302.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001303.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001304.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001305.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001306.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001307.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001308.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001309.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001310.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001311.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001312.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001313.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001314.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001315.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001316.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001317.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001318.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001319.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001320.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001321.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001322.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001323.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001324.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001325.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001326.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP3\A0001327.dll Infected: Trojan-Downloader.Win32.Delf.wp
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001910.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001911.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001912.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001913.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001914.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001936.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001937.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001938.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001939.dll Infected: Trojan-Downloader.Win32.Delf.h
C:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001940.dll Infected: Trojan-Downloader.Win32.Delf.h
E:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001862.exe/data0001 Infected: Trojan-Downloader.Win32.INService.ja
E:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001862.exe Infected: Trojan-Downloader.Win32.INService.ja
E:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001864.exe/data0001 Infected: Trojan-Downloader.Win32.INService.ja
E:\System Volume Information\_restore{E2BE89EE-0F50-4AD6-B2A3-6494B0F1CA34}\RP5\A0001864.exe Infected: Trojan-Downloader.Win32.INService.ja
E:\Nero\dvdvideopluginversion6009vonneroburningromneroexpress_PxDfZxHjHkSdWnXv.zip/install_cheat_001.exe/data0001 Infected: Trojan-Downloader.Win32.IstBar.ki
E:\Nero\dvdvideopluginversion6009vonneroburningromneroexpress_PxDfZxHjHkSdWnXv.zip/install_cheat_001.exe Infected: Trojan-Downloader.Win32.IstBar.ki
E:\Nero\dvdvideopluginversion6009vonneroburningromneroexpress_PxDfZxHjHkSdWnXv.zip Infected: Trojan-Downloader.Win32.IstBar.ki
E:\Nero\Nero_DVD_Video_Plugin_Fixed (www.crack.cd)\vdb.exe Infected: Trojan-Downloader.Win32.INService.gen
Scan process completed.
Bikkel
