Zodra ik een melding krijg doe ik een Opstart Scan waarmee er wel wat verwijderd word en daarna haalt Spyware Doctor er ook nog wat vanaf maar na een tijdje kan ik weer opnieuw beginnen omdat er weer van alles op staat.
PC is al vaak genoeg opnieuw geïnstalleerd maar dat helpt ook niet en ondertussen word dit probleem erg vervelend.
Iemand een idee om het volledig te verwijderen en dat ik me computer nog normaal kan gebruiken?
Log van vandaag van avast! (onder spoiler omdat het anders zoveel ruimte in neemt)
SPOILERVorige topics die er ook mee te maken hebben:8-5-2009 16:11:52 1241791912 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=288734&SID=5F5CE6EE478CB1AB&RID=4891&zx=o5erbbsj6z7j&t=1\{gzip}" file.
8-5-2009 16:11:53 1241791913 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=288734&SID=5F5CE6EE478CB1AB&RID=4891&zx=o5erbbsj6z7j&t=2\{gzip}" file.
8-5-2009 16:12:14 1241791934 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=1\{gzip}" file.
8-5-2009 16:12:14 1241791934 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=2\{gzip}" file.
8-5-2009 16:12:27 1241791947 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=3\{gzip}" file.
8-5-2009 16:12:49 1241791969 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://ad.doubleclick.net/activity;src=1185014;ytb=1;yatw=UzAXKdNYuUE;\{gzip}" file.
8-5-2009 16:12:50 1241791970 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=4\{gzip}" file.
8-5-2009 16:12:50 1241791970 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=1\{gzip}" file.
8-5-2009 16:12:51 1241791971 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=2\{gzip}" file.
8-5-2009 16:12:52 1241791972 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=1\{gzip}" file.
8-5-2009 16:12:53 1241791973 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=2\{gzip}" file.
8-5-2009 16:12:55 1241791975 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\DOCUME~1\Wouter\LOCALS~1\Temp\plugtmp\plugin-activity" file.
8-5-2009 16:13:05 1241791985 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=3\{gzip}" file.
8-5-2009 16:13:17 1241791997 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://www.youtube.com/set_awesome?&video_id=UzAXKdNYuUE&m=&l=205&t=vjVQa1PpcFN9WNVkVy3DNsk68p1U3Al96UHALxY2okM=&w=0.803863414634146&el=detailpage\{gzip}" file.
8-5-2009 16:13:19 1241791999 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\DOCUME~1\Wouter\LOCALS~1\Temp\plugtmp\plugin-set_awesome" file.
8-5-2009 16:13:23 1241792003 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=3\{gzip}" file.
8-5-2009 16:13:29 1241792009 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://forum.tibia.com/forum/?action=thread&threadid=2500343&pagenumber=2\{gzip}" file.
8-5-2009 16:13:29 1241792009 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/?ui=2&ik=adf4ef9145&view=tl&start=0&num=70&auto=1&ver=fDHuAAifHq0.nl.&am=b7EwpdTXcKG5B92C0fS2Uv2qt0k9aw&ari=180&rt=j&search=inbox\{gzip}" file.
8-5-2009 16:13:50 1241792030 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=406178&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=cniry6sw5bw6&t=2\{gzip}" file.
8-5-2009 16:13:52 1241792032 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=408743&SID=5F5CE6EE478CB1AB&RID=4893&zx=ctsuuc96berv&t=2\{gzip}" file.
8-5-2009 16:14:04 1241792044 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=408743&SID=5F5CE6EE478CB1AB&RID=4893&zx=ctsuuc96berv&t=3\{gzip}" file.
8-5-2009 16:14:12 1241792052 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/?ui=2&ik=adf4ef9145&view=tl&start=0&num=70&rt=h&search=inbox\{gzip}" file.
8-5-2009 16:14:16 1241792056 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=406178&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=cniry6sw5bw6&t=3\{gzip}" file.
8-5-2009 16:14:21 1241792061 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=3098&SID=5F5CE6EE478CB1AB&RID=4894&TYPE=terminate&zx=rj66t720sfq1\{gzip}" file.
8-5-2009 16:14:43 1241792083 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 16:18:29 1241792309 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\3C0L4G7O\ADSAdClient31[1].htm" file.
8-5-2009 17:44:21 1241797461 SYSTEM 1220 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 17:44:26 1241797466 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\TR785LLY\c[1].htm" file.
8-5-2009 17:44:51 1241797491 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\MQST0WMG\MsgrConfig[1].htm" file.
8-5-2009 17:44:53 1241797493 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7A3L4V87\xhtml1-transitional[1].htm" file.
8-5-2009 17:56:58 1241798218 SYSTEM 384 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:09:20 1241798960 SYSTEM 208 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:10:08 1241799008 SYSTEM 208 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
8-5-2009 18:25:12 1241799912 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 18:25:21 1241799921 SYSTEM 224 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:26:07 1241799967 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
8-5-2009 18:26:42 1241800002 Wouter 2532 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 20:26:16 1241807176 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
8-5-2009 22:26:11 1241814371 SYSTEM 224 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 22:47:17 1241815637 SYSTEM 300 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 22:48:05 1241815685 SYSTEM 300 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
8-5-2009 23:51:39 1241819499 SYSTEM 208 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 23:51:39 1241819499 SYSTEM 208 An error has occured while attempting to update. Please check the logs.
8-5-2009 23:52:17 1241819537 SYSTEM 208 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
GNAA Last Measure Live
VBS:Malware-gen
Virus in het netwerk
Scan saved at 1:04:25, on 9-5-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\avast! Antivirus\aswUpdSv.exe
C:\Program Files\avast! Antivirus\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVAST!~1\ashDisp.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Razer\Lachesis\razerhid.exe
C:\Program Files\Razer\Tarantula\razerhid.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Razer\Lachesis\OSD.exe
C:\Program Files\ASUS\Bluetooth Software\BTTray.exe
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\Razer\Lachesis\razertra.exe
C:\Program Files\Razer\Lachesis\razerofa.exe
C:\PROGRA~1\ASUS\BLUETO~1\BTSTAC~1.EXE
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\avast! Antivirus\ashMaiSv.exe
C:\Program Files\avast! Antivirus\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Razer\Tarantula\razertra.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\Program Files\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\AVAST!~1\ashDisp.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [Lachesis] C:\Program Files\Razer\Lachesis\razerhid.exe
O4 - HKLM\..\Run: [Tarantula] C:\Program Files\Razer\Tarantula\razerhid.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: UltraMon.lnk = ?
O8 - Extra context menu item: Verzenden naar &Bluetooth-apparaat... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{584BDF90-A3F8-4003-88A2-B42EB3065FEF}: NameServer = 192.168.1.254
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\avast! Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\avast! Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\avast! Antivirus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\avast! Antivirus\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ASUS\Bluetooth Software\bin\btwdins.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
--
End of file - 3968 bytes
Krijg je toevallig ook IE popups dat hij wil connecten naar een of andere poolse site maar dat dat niet lukt?
[ Bericht 23% gewijzigd door Sjonnjoop op 09-05-2009 01:15:04 ]
Scan ook eens met een andere, online antivirus scanner. Zoals Panda.
Misschien is het browsergerelateerd. Kijk eens onder add-ons in IE7. Heb je bijvoorbeeld rare toolbars in IE7?
quote:dat "control[11].htm" en "control[4]" komt 3 keer voor (tussendoor zijn scans gedaan)Op zaterdag 9 mei 2009 01:11 schreef Kasirga het volgende:
Er staat, voorzover ik kan zien, niets raars of opvallend op je PC. Ook in de log van Avast zie ik geen meldingen over bestanden terugkeren. Wel iets over je tijdelijke internetbestanden.
Scan ook eens met een andere, online antivirus scanner. Zoals Panda.
Misschien is het browsergerelateerd. Kijk eens onder add-ons in IE7. Heb je bijvoorbeeld rare toolbars in IE7?
maar hierbij log van laatste 3 dagen:
SPOILER6-5-2009 18:33:09 1241627589 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://forum.fok.nl/topic/1286995/3/50\{gzip}" file.
6-5-2009 18:33:18 1241627598 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.tagged.com/api/?application_id=user&format=jsonp&session_token=gjanq4mlc4adfdfttoifgev1l5\{gzip}" file.
6-5-2009 18:33:18 1241627598 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\plugin[1].htm" file.
6-5-2009 18:33:27 1241627607 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:28 1241627608 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:28 1241627608 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:33 1241627613 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:33 1241627613 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\index[1].htm" file.
6-5-2009 18:33:40 1241627620 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\index[2].htm" file.
6-5-2009 18:33:41 1241627621 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7Y6L582K\index[2].htm" file.
6-5-2009 18:33:51 1241627631 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7Y6L582K\index[1].htm" file.
6-5-2009 18:38:41 1241627921 SYSTEM 1744 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:38:53 1241627933 SYSTEM 1744 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\c[1].htm" file.
6-5-2009 18:43:44 1241628224 SYSTEM 1800 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:44:08 1241628248 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7Y6L582K\c[1].htm" file.
6-5-2009 18:44:13 1241628253 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\GPKRI7DS\MsgrConfig[1].htm" file.
6-5-2009 18:44:43 1241628283 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
6-5-2009 18:44:44 1241628284 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\XKDZ32FA\xhtml1-transitional[1].htm" file.
6-5-2009 18:49:28 1241628568 SYSTEM 1800 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:50:20 1241628620 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
6-5-2009 18:53:45 1241628825 SYSTEM 1512 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:54:22 1241628862 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\PNLZX8BN\c[1].htm" file.
6-5-2009 19:03:55 1241629435 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
6-5-2009 19:03:57 1241629437 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\4PB4P17I\MsgrConfig[1].htm" file.
6-5-2009 19:03:59 1241629439 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\NP5C3T5W\xhtml1-transitional[1].htm" file.
6-5-2009 19:09:31 1241629771 SYSTEM 1512 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 19:09:31 1241629771 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\F76TOBZA\c[1].htm" file.
6-5-2009 19:09:40 1241629780 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\4PB4P17I\MsgrConfig[1].htm" file.
6-5-2009 19:09:41 1241629781 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\PNLZX8BN\xhtml1-transitional[1].htm" file.
6-5-2009 19:09:44 1241629784 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\NP5C3T5W\MsgrConfig[1].htm" file.
6-5-2009 19:09:46 1241629786 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\4PB4P17I\xhtml1-transitional[1].htm" file.
7-5-2009 18:29:55 1241713795 SYSTEM 1508 Sign of "VBS:Malware-gen" has been found in "http://maps.google.nl/\{gzip}" file.
7-5-2009 18:38:59 1241714339 SYSTEM 1708 Sign of "VBS:Malware-gen" has been found in "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
7-5-2009 18:39:06 1241714346 SYSTEM 1708 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
7-5-2009 18:40:05 1241714405 SYSTEM 1708 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30" file.
7-5-2009 18:44:05 1241714645 SYSTEM 1708 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
7-5-2009 21:22:27 1241724147 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\plugin[2].htm" file.
7-5-2009 21:22:48 1241724168 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:48 1241724168 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:48 1241724168 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:50 1241724170 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:51 1241724171 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[2].htm" file.
7-5-2009 21:22:53 1241724173 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:23:04 1241724184 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:23:05 1241724185 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[4].htm" file.
7-5-2009 21:23:11 1241724191 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[5].htm" file.
7-5-2009 21:23:16 1241724196 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[6].htm" file.
7-5-2009 21:23:28 1241724208 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[3].htm" file.
7-5-2009 21:23:30 1241724210 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[1].htm" file.
7-5-2009 21:24:03 1241724243 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.interveste.nl/kandidaten/inschrijven\{gzip}" file.
7-5-2009 21:25:12 1241724312 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:25:16 1241724316 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:25:19 1241724319 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:27:59 1241724479 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\gateway[1].htm" file.
7-5-2009 21:28:03 1241724483 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:28:13 1241724493 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Y9WH4D2S\gateway[1].htm" file.
7-5-2009 21:28:17 1241724497 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:20 1241724500 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Y9WH4D2S\gateway[1].htm" file.
7-5-2009 21:28:23 1241724503 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:28 1241724508 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Y9WH4D2S\gateway[1].htm" file.
7-5-2009 21:28:35 1241724515 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:43 1241724523 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:47 1241724527 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:28:50 1241724530 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:54 1241724534 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:28:59 1241724539 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:38:38 1241725118 SYSTEM 232 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
7-5-2009 21:45:16 1241725516 SYSTEM 1512 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
7-5-2009 23:01:54 1241730114 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
7-5-2009 23:02:15 1241730135 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 0:24:24 1241735064 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "http://www.hyves.nl/\{gzip}" file.
8-5-2009 16:11:52 1241791912 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=288734&SID=5F5CE6EE478CB1AB&RID=4891&zx=o5erbbsj6z7j&t=1\{gzip}" file.
8-5-2009 16:11:53 1241791913 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=288734&SID=5F5CE6EE478CB1AB&RID=4891&zx=o5erbbsj6z7j&t=2\{gzip}" file.
8-5-2009 16:12:14 1241791934 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=1\{gzip}" file.
8-5-2009 16:12:14 1241791934 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=2\{gzip}" file.
8-5-2009 16:12:27 1241791947 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=3\{gzip}" file.
8-5-2009 16:12:49 1241791969 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://ad.doubleclick.net/activity;src=1185014;ytb=1;yatw=UzAXKdNYuUE;\{gzip}" file.
8-5-2009 16:12:50 1241791970 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=4\{gzip}" file.
8-5-2009 16:12:50 1241791970 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=1\{gzip}" file.
8-5-2009 16:12:51 1241791971 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=2\{gzip}" file.
8-5-2009 16:12:52 1241791972 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=1\{gzip}" file.
8-5-2009 16:12:53 1241791973 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=2\{gzip}" file.
8-5-2009 16:12:55 1241791975 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\DOCUME~1\Wouter\LOCALS~1\Temp\plugtmp\plugin-activity" file.
8-5-2009 16:13:05 1241791985 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=3\{gzip}" file.
8-5-2009 16:13:17 1241791997 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://www.youtube.com/set_awesome?&video_id=UzAXKdNYuUE&m=&l=205&t=vjVQa1PpcFN9WNVkVy3DNsk68p1U3Al96UHALxY2okM=&w=0.803863414634146&el=detailpage\{gzip}" file.
8-5-2009 16:13:19 1241791999 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\DOCUME~1\Wouter\LOCALS~1\Temp\plugtmp\plugin-set_awesome" file.
8-5-2009 16:13:23 1241792003 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=3\{gzip}" file.
8-5-2009 16:13:29 1241792009 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://forum.tibia.com/forum/?action=thread&threadid=2500343&pagenumber=2\{gzip}" file.
8-5-2009 16:13:29 1241792009 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/?ui=2&ik=adf4ef9145&view=tl&start=0&num=70&auto=1&ver=fDHuAAifHq0.nl.&am=b7EwpdTXcKG5B92C0fS2Uv2qt0k9aw&ari=180&rt=j&search=inbox\{gzip}" file.
8-5-2009 16:13:50 1241792030 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=406178&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=cniry6sw5bw6&t=2\{gzip}" file.
8-5-2009 16:13:52 1241792032 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=408743&SID=5F5CE6EE478CB1AB&RID=4893&zx=ctsuuc96berv&t=2\{gzip}" file.
8-5-2009 16:14:04 1241792044 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=408743&SID=5F5CE6EE478CB1AB&RID=4893&zx=ctsuuc96berv&t=3\{gzip}" file.
8-5-2009 16:14:12 1241792052 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/?ui=2&ik=adf4ef9145&view=tl&start=0&num=70&rt=h&search=inbox\{gzip}" file.
8-5-2009 16:14:16 1241792056 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=406178&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=cniry6sw5bw6&t=3\{gzip}" file.
8-5-2009 16:14:21 1241792061 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=3098&SID=5F5CE6EE478CB1AB&RID=4894&TYPE=terminate&zx=rj66t720sfq1\{gzip}" file.
8-5-2009 16:14:43 1241792083 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 16:18:29 1241792309 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\3C0L4G7O\ADSAdClient31[1].htm" file.
8-5-2009 17:44:21 1241797461 SYSTEM 1220 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 17:44:26 1241797466 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\TR785LLY\c[1].htm" file.
8-5-2009 17:44:51 1241797491 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\MQST0WMG\MsgrConfig[1].htm" file.
8-5-2009 17:44:53 1241797493 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7A3L4V87\xhtml1-transitional[1].htm" file.
8-5-2009 17:56:58 1241798218 SYSTEM 384 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:09:20 1241798960 SYSTEM 208 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:10:08 1241799008 SYSTEM 208 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
8-5-2009 18:25:12 1241799912 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 18:25:21 1241799921 SYSTEM 224 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:26:07 1241799967 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
8-5-2009 18:26:42 1241800002 Wouter 2532 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 20:26:16 1241807176 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
8-5-2009 22:26:11 1241814371 SYSTEM 224 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 22:47:17 1241815637 SYSTEM 300 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 22:48:05 1241815685 SYSTEM 300 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
8-5-2009 23:51:39 1241819499 SYSTEM 208 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 23:51:39 1241819499 SYSTEM 208 An error has occured while attempting to update. Please check the logs.
8-5-2009 23:52:17 1241819537 SYSTEM 208 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
quote:Hmm...Op zaterdag 9 mei 2009 01:16 schreef Razorback het volgende:
[..]
dat "control[11].htm" en "control[4]" komt 3 keer voor (tussendoor zijn scans gedaan)
maar hierbij log van laatste 3 dagen:SPOILER6-5-2009 18:33:09 1241627589 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://forum.fok.nl/topic/1286995/3/50\{gzip}" file.
6-5-2009 18:33:18 1241627598 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.tagged.com/api/?application_id=user&format=jsonp&session_token=gjanq4mlc4adfdfttoifgev1l5\{gzip}" file.
6-5-2009 18:33:18 1241627598 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\plugin[1].htm" file.
6-5-2009 18:33:27 1241627607 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:28 1241627608 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:28 1241627608 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:33 1241627613 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
6-5-2009 18:33:33 1241627613 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\index[1].htm" file.
6-5-2009 18:33:40 1241627620 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\index[2].htm" file.
6-5-2009 18:33:41 1241627621 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7Y6L582K\index[2].htm" file.
6-5-2009 18:33:51 1241627631 SYSTEM 1520 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7Y6L582K\index[1].htm" file.
6-5-2009 18:38:41 1241627921 SYSTEM 1744 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:38:53 1241627933 SYSTEM 1744 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\V4V7N31S\c[1].htm" file.
6-5-2009 18:43:44 1241628224 SYSTEM 1800 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:44:08 1241628248 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7Y6L582K\c[1].htm" file.
6-5-2009 18:44:13 1241628253 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\GPKRI7DS\MsgrConfig[1].htm" file.
6-5-2009 18:44:43 1241628283 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
6-5-2009 18:44:44 1241628284 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\XKDZ32FA\xhtml1-transitional[1].htm" file.
6-5-2009 18:49:28 1241628568 SYSTEM 1800 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:50:20 1241628620 SYSTEM 1800 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
6-5-2009 18:53:45 1241628825 SYSTEM 1512 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 18:54:22 1241628862 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\PNLZX8BN\c[1].htm" file.
6-5-2009 19:03:55 1241629435 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
6-5-2009 19:03:57 1241629437 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\4PB4P17I\MsgrConfig[1].htm" file.
6-5-2009 19:03:59 1241629439 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\NP5C3T5W\xhtml1-transitional[1].htm" file.
6-5-2009 19:09:31 1241629771 SYSTEM 1512 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
6-5-2009 19:09:31 1241629771 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\F76TOBZA\c[1].htm" file.
6-5-2009 19:09:40 1241629780 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\4PB4P17I\MsgrConfig[1].htm" file.
6-5-2009 19:09:41 1241629781 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\PNLZX8BN\xhtml1-transitional[1].htm" file.
6-5-2009 19:09:44 1241629784 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\NP5C3T5W\MsgrConfig[1].htm" file.
6-5-2009 19:09:46 1241629786 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\4PB4P17I\xhtml1-transitional[1].htm" file.
7-5-2009 18:29:55 1241713795 SYSTEM 1508 Sign of "VBS:Malware-gen" has been found in "http://maps.google.nl/\{gzip}" file.
7-5-2009 18:38:59 1241714339 SYSTEM 1708 Sign of "VBS:Malware-gen" has been found in "http://www.google.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
7-5-2009 18:39:06 1241714346 SYSTEM 1708 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
7-5-2009 18:40:05 1241714405 SYSTEM 1708 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Application Data\Microsoft\CryptnetUrlCache\Content\A8FABA189DB7D25FBA7CAC806625FD30" file.
7-5-2009 18:44:05 1241714645 SYSTEM 1708 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
7-5-2009 21:22:27 1241724147 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\plugin[2].htm" file.
7-5-2009 21:22:48 1241724168 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:48 1241724168 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:48 1241724168 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:50 1241724170 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:22:51 1241724171 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[2].htm" file.
7-5-2009 21:22:53 1241724173 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:23:04 1241724184 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.lyricsplugin.com/index.php?popup=1\{gzip}" file.
7-5-2009 21:23:05 1241724185 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[4].htm" file.
7-5-2009 21:23:11 1241724191 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[5].htm" file.
7-5-2009 21:23:16 1241724196 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[6].htm" file.
7-5-2009 21:23:28 1241724208 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[3].htm" file.
7-5-2009 21:23:30 1241724210 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\index[1].htm" file.
7-5-2009 21:24:03 1241724243 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "http://www.interveste.nl/kandidaten/inschrijven\{gzip}" file.
7-5-2009 21:25:12 1241724312 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:25:16 1241724316 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:25:19 1241724319 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:27:59 1241724479 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Q0DNL8J9\gateway[1].htm" file.
7-5-2009 21:28:03 1241724483 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:28:13 1241724493 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Y9WH4D2S\gateway[1].htm" file.
7-5-2009 21:28:17 1241724497 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:20 1241724500 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Y9WH4D2S\gateway[1].htm" file.
7-5-2009 21:28:23 1241724503 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:28 1241724508 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\Y9WH4D2S\gateway[1].htm" file.
7-5-2009 21:28:35 1241724515 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:43 1241724523 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:47 1241724527 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:28:50 1241724530 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:28:54 1241724534 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\C4ZQR6IH\gateway[1].htm" file.
7-5-2009 21:28:59 1241724539 Wouter 1512 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\UIP2E2K1\gateway[1].htm" file.
7-5-2009 21:38:38 1241725118 SYSTEM 232 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
7-5-2009 21:45:16 1241725516 SYSTEM 1512 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
7-5-2009 23:01:54 1241730114 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
7-5-2009 23:02:15 1241730135 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 0:24:24 1241735064 SYSTEM 1512 Sign of "VBS:Malware-gen" has been found in "http://www.hyves.nl/\{gzip}" file.
8-5-2009 16:11:52 1241791912 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=288734&SID=5F5CE6EE478CB1AB&RID=4891&zx=o5erbbsj6z7j&t=1\{gzip}" file.
8-5-2009 16:11:53 1241791913 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=288734&SID=5F5CE6EE478CB1AB&RID=4891&zx=o5erbbsj6z7j&t=2\{gzip}" file.
8-5-2009 16:12:14 1241791934 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=1\{gzip}" file.
8-5-2009 16:12:14 1241791934 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=2\{gzip}" file.
8-5-2009 16:12:27 1241791947 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=3\{gzip}" file.
8-5-2009 16:12:49 1241791969 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://ad.doubleclick.net/activity;src=1185014;ytb=1;yatw=UzAXKdNYuUE;\{gzip}" file.
8-5-2009 16:12:50 1241791970 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=310588&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=bg3ey8fqts5l&t=4\{gzip}" file.
8-5-2009 16:12:50 1241791970 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=1\{gzip}" file.
8-5-2009 16:12:51 1241791971 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=2\{gzip}" file.
8-5-2009 16:12:52 1241791972 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=1\{gzip}" file.
8-5-2009 16:12:53 1241791973 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=2\{gzip}" file.
8-5-2009 16:12:55 1241791975 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\DOCUME~1\Wouter\LOCALS~1\Temp\plugtmp\plugin-activity" file.
8-5-2009 16:13:05 1241791985 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=346333&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=pehmrmd7an66&t=3\{gzip}" file.
8-5-2009 16:13:17 1241791997 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://www.youtube.com/set_awesome?&video_id=UzAXKdNYuUE&m=&l=205&t=vjVQa1PpcFN9WNVkVy3DNsk68p1U3Al96UHALxY2okM=&w=0.803863414634146&el=detailpage\{gzip}" file.
8-5-2009 16:13:19 1241791999 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\DOCUME~1\Wouter\LOCALS~1\Temp\plugtmp\plugin-set_awesome" file.
8-5-2009 16:13:23 1241792003 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=348742&SID=5F5CE6EE478CB1AB&RID=4892&zx=qa5r9x9oc7wo&t=3\{gzip}" file.
8-5-2009 16:13:29 1241792009 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://forum.tibia.com/forum/?action=thread&threadid=2500343&pagenumber=2\{gzip}" file.
8-5-2009 16:13:29 1241792009 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/?ui=2&ik=adf4ef9145&view=tl&start=0&num=70&auto=1&ver=fDHuAAifHq0.nl.&am=b7EwpdTXcKG5B92C0fS2Uv2qt0k9aw&ari=180&rt=j&search=inbox\{gzip}" file.
8-5-2009 16:13:50 1241792030 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=406178&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=cniry6sw5bw6&t=2\{gzip}" file.
8-5-2009 16:13:52 1241792032 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=408743&SID=5F5CE6EE478CB1AB&RID=4893&zx=ctsuuc96berv&t=2\{gzip}" file.
8-5-2009 16:14:04 1241792044 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=408743&SID=5F5CE6EE478CB1AB&RID=4893&zx=ctsuuc96berv&t=3\{gzip}" file.
8-5-2009 16:14:12 1241792052 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/?ui=2&ik=adf4ef9145&view=tl&start=0&num=70&rt=h&search=inbox\{gzip}" file.
8-5-2009 16:14:16 1241792056 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=406178&RID=rpc&SID=5F5CE6EE478CB1AB&CI=1&AID=192&TYPE=xmlhttp&zx=cniry6sw5bw6&t=3\{gzip}" file.
8-5-2009 16:14:21 1241792061 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://mail.google.com/mail/channel/bind?at=xn3j32upfx5ji3m3woy0mleae53jkg&VER=6&it=3098&SID=5F5CE6EE478CB1AB&RID=4894&TYPE=terminate&zx=rj66t720sfq1\{gzip}" file.
8-5-2009 16:14:43 1241792083 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 16:18:29 1241792309 SYSTEM 1516 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\3C0L4G7O\ADSAdClient31[1].htm" file.
8-5-2009 17:44:21 1241797461 SYSTEM 1220 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 17:44:26 1241797466 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\TR785LLY\c[1].htm" file.
8-5-2009 17:44:51 1241797491 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\MQST0WMG\MsgrConfig[1].htm" file.
8-5-2009 17:44:53 1241797493 SYSTEM 1220 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\Wouter\Local Settings\Temporary Internet Files\Content.IE5\7A3L4V87\xhtml1-transitional[1].htm" file.
8-5-2009 17:56:58 1241798218 SYSTEM 384 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:09:20 1241798960 SYSTEM 208 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:10:08 1241799008 SYSTEM 208 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
8-5-2009 18:25:12 1241799912 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "http://nl.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:nl:official\{gzip}" file.
8-5-2009 18:25:21 1241799921 SYSTEM 224 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 18:26:07 1241799967 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
8-5-2009 18:26:42 1241800002 Wouter 2532 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 20:26:16 1241807176 SYSTEM 224 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
8-5-2009 22:26:11 1241814371 SYSTEM 224 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 22:47:17 1241815637 SYSTEM 300 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 22:48:05 1241815685 SYSTEM 300 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\66FH158Q\control[4].htm" file.
8-5-2009 23:51:39 1241819499 SYSTEM 208 Function setifaceUpdatePackages() has failed. Return code is 0x20000011, dwRes is 20000011.
8-5-2009 23:51:39 1241819499 SYSTEM 208 An error has occured while attempting to update. Please check the logs.
8-5-2009 23:52:17 1241819537 SYSTEM 208 Sign of "VBS:Malware-gen" has been found in "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\DPYFDEYM\control[11].htm" file.
quote:Run a boot-time scan with avast, it’ll pick it up and delete/quarantine it. The reason why the vbs script keeps popping back up is because you’re running avast in windows and the script or one of it’s friends is still working in the background so when its deleted it just puts itself back in.
Probeer eens de boot-time scan van Avast.
De boot-time scan van avast! gebruik ik dus elke keer om daarna een normale scan te doen maar dat helpt dus niet.
Elke keer zie ik de zelfde bestanden langs komen die verwijderd worden.
Worth a try.
http://www.afterdawn.com/(...)ity/smitfraudfix.cfm
quote:Zal het zo is proberenOp zaterdag 9 mei 2009 01:31 schreef FireFox1 het volgende:
Smitfraudfix. heeft me een paar keer goed geholpen, weet alleen niet 100% of het hierbij ook helpt.
Worth a try.
http://www.afterdawn.com/(...)ity/smitfraudfix.cfm
Malwarebytes heeft iig niks geholpen, de uitgebreide scan heeft niks kunnen vinden.
Eerst gewoon gaan scannen met AVG, vervolgens constateert AVG dat ie niet alles kan verwijderen omdat er dingen in de achtergrond blijven draaien en gaat ie opnieuw opstarten om automatisch een boot time-scan uit te voeren.
Ik merkte trouwens dat direct na de infectie Spamhouse.org me op een blacklist had gezet, dus de malware had waarschijnlijk vanaf mijn pc flink lopen spammen.
[ Bericht 5% gewijzigd door SEMTEX op 09-05-2009 20:34:57 ]
Windows opnieuw geinstalleerd op een andere harde schijf en dat ging prima.
De volgende dingen heb ik geinstalleerd in deze volgorde:
Videokaart drivers
Netwerkkaart drivers
Firefox
MSN
Geluidskaart drivers
Winamp
Maar ondertussen zijn we weer terug waar alles begon.
Verder moeten natuurlijk ook alle partities en/of schijven gescand worden maar ik neem aan dat je dat ook hebt gedaan.
quote:Met avast! heb ik zonder internetverbinding scans gedaan maar zodra ik weer verbinding maak met het internet kan het voor een tijdje goed gaan en dan begint alle ellende weer.Op zondag 10 mei 2009 20:51 schreef Bonov het volgende:
Als je gaat scannen met AVG moet je voor de zekerheid wel de netwerkverbinding uitschakelen zodat je in ieder geval niet meer via je internetverbinding besmet kan worden. Of gewoon in veilige modus opstarten zonder netwerkverbinding en dan scannen.
Verder moeten natuurlijk ook alle partities en/of schijven gescand worden maar ik neem aan dat je dat ook hebt gedaan.
In het begin scande ik alle hardeschijven maar omdat daar nooit wat op gevonden werd ben ik daarmee uiteindelijk gestopt omdat dat teveel tijd in beslag neemt.
Ik zou dus willen aanraden: backup je data op een externe schijf en formatteer je geïnfecteerde schijf compleet.
quote:Alle data dat ik wil bewaren staat standaard al op een andere hardeschijf dus als er iets gebeurt is het alleen een kwestie van die hardeschijf scannen en loskoppelen.Op maandag 11 mei 2009 10:41 schreef SEMTEX het volgende:
Hmmmm uiteindelijk heb ik gisteren toch een XP-herinstall moeten doen na een format c, de malware wilde er niet af en Malwarebytes zag niets meer. Meteen bij 't opstarten van dat ding AVG geinstalleerd en dan hoop ik dat het probleem nu voorgoed wegblijft.
Ik zou dus willen aanraden: backup je data op een externe schijf en formatteer je geïnfecteerde schijf compleet.
Maar ondertussen heb ik windows al zo vaak opnieuw geïnstalleerd dat ik dat serie nummer uit me hoofd weet en elke keer weet het weer terug te komen na een tijdje op het netwerk aangesloten te zijn.
Nu denk ik dus dat het aan het netwerk ligt maar waarom dan mijn computer en niet de andere.
quote:Alle dingen die ik installeer zijn gescanned en is niks op gevonden.Op maandag 11 mei 2009 18:27 schreef SEMTEX het volgende:
Zit het niet in 1 van je installerbestanden of keygenerators? Dat had ik zelf namelijk...
Verder als ik alleen de noodzakelijke dingen installeer zoals drivers, firefox en msn krijg ik het probleem ook terwijl dat allemaal gratis te downloaden is.
quote:Mij ook. Goed progje!Op zaterdag 9 mei 2009 01:18 schreef een-wolk-groene-aapjes het volgende:
Malwarebytes is een gratis programaatje dat mij iig al een aantal keer geholpen heeft.
quote:Op dit moment ben ik bezig met zo programmatje van Western Digital, werd mij ook nog aangeraden.Op woensdag 13 mei 2009 19:40 schreef RickoKun het volgende:
Misschien ligt het juist wel aan je hardeschijf? (ja nogal wiedes natuurlijk) Maar ik bedoel, kwa hardware misschien? Dat ie af is?
http://support.wdc.com/product/download.asp?groupid=612&sid=30&lang=en