Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

plz help. win32.trojan

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

plz help. win32.trojan

Unread postby deemon » August 2nd, 2007, 11:39 am

my computer went on the blink yesterday. every time i turned it on it started up but the screen just stayed black and i couldnt see anything.
so i went into safe mode and used system restore and when it restored back zonealarm started searching and came up with this { win32.trojan dr..... } i think theres more to the word after dr.... but i cant see what it is.
computer is working fine now but it would be much appreciated if you could have a look cheers.

heres my log file

Logfile of HijackThis v1.99.1
Scan saved at 16:27:47, on 02/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Paddy Power Poker - {40B2063F-DB01-4962-BE63-59435C01283C} - C:\PROGRA~1\PADDYP~1\client.exe
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Program Files\bet365MPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm
Advertisement
Register to Remove

Unread postby Elrond » August 3rd, 2007, 10:10 am

I'm Elrond, I'll be glad to help you with your computer problems.

As an introduction, please note that I am not Superhuman, I do not know everything, but what I do know has taken me years to learn. I am happy to pass on this information to you, but please bear in mind that I am also fallible.

Please only use this topic for your replies on this problem. Do not start another thread.
The fixes we will use are specific to your problems and should only be used for this problem on this computer.
These things need to be properly researched and a complete fix for many malware problems can take some time and be spread over a number of posts, so please be patient and try to see it through to the end.

Before we start: Please be aware that removing Malware is a hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

In light of this it would be wise for you to back up any files and folders that you don't want to lose before we start.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • REMEMBER, ABSENCE OF SYMPTOMS DOES NOT MEAN THE INFECTION IS ALL GONE.
If you can do these things, everything should go smoothly.
  • Please note that you should have Administrator rights to perform the fixes. (XP accounts are Administrator by default) Also note that multiple identity PC’s (family PC’s) present a different problem; please tell me if your PC has more than one individual’s setting, but continue with the fix.Please let me know if you are using a computer with multiple accounts, as this can affect the instructions given.

It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.



Please note that I will be off line for about 26 hours (sundown Friday until nightfall Saturday my local time)


Your HijackThis log looks clean except that there are a few housekeeping chores that needs to be done. However I would like to see new HijackThis log and I would like you to describe what problems if any that you have.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

heres the new log file

Unread postby deemon » August 3rd, 2007, 10:26 am

Logfile of HijackThis v1.99.1
Scan saved at 15:22:54, on 03/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Paddy Power Poker - {40B2063F-DB01-4962-BE63-59435C01283C} - C:\PROGRA~1\PADDYP~1\client.exe
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Program Files\bet365MPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

thx

Unread postby deemon » August 3rd, 2007, 10:35 am

thx for tackeing the time to hlp me
tried to delete the trojan hunter i downloaded but it wont let me
it says.
( cannot delete contmenu.dll: access denied)
make sure your disk is not full or write
-protected and that the file is not currently in use.

i going away for the weekend mate i will be back on monday.
see you then cheers and thx again.
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

heres the trojan i have

Unread postby deemon » August 3rd, 2007, 10:39 am

avg found this trojan (trojan horse dropper.agent.EFR
AVG CANT DELETE OR CLEAN IT. I GOT IT BY TRYING TO DOWNLOAD TROJANHUNTER WITH A SERIAL CAUSE I DIDNT WANNA BUY IT.
LESSON LEARNED LOL.
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

Unread postby Elrond » August 3rd, 2007, 11:41 am

Yes using cracks is a nearly surefire way of getting infected besides being ilegal and theft.

Let's try to get rid of the junk. It does not show up in the HijackThis log.

Please Download and Run ComboFix

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall


How to get AVG report
  • Right click the AVG tray icon
  • Select Test Center > Test Results
  • Double click the scan where virus was detected.
  • Select Virus Results
  • At the top of the window select Program > Export List To File
  • Save it as "All Files" and name it AVGlog.txt
  • Post me AVGlog.txt

Add that log, if you can find it to your next post.

Run a new Hijack This log and post the log together with log from Combofix and from AVG (if you can find it).
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

combo fix

Unread postby deemon » August 5th, 2007, 1:08 pm

Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
00A65788
00A65AA8
00A6CAC0
00A80BB8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB60
014A7EE0
014AA2A8
014FCCA8
014AA2A8
Check if the selected language is allowed
01773518
01C44300
01C44C18
01C46A08
01C9CCE0
01C46A08
01C46A08
01C4DAB0
00A651E8
00A65508
003C5190
00A805A8
00F30110
00F30A50
00E24EB0
00F84F78
00E24EB0
00F32200
00A6B018
00A651E8
00A65508
003C5190
00A805A8
00F30110
00F30A50
00E24EB0
00F84F78
00E24EB0
00F32200
00A6B018
0108C960
01817CC8
0108FF18
01898798
0108FF18
0678C2D0
0678CBE8
06791D40
067E45B0
06791D40
052BC2D0
052BCBE8
052C1D40
053145B0
052C1D40
0597C2D0
0597CBE8
05981D40
059D45B0
05981D40
03AAC2B8
03AACBD0
03AADC20
03B04578
03AADC20
0A48C368
0A48CC80
0A48D1A8
0A4E4A08
0A48D1A8
0A94FC48
0A950358
0501D210
0A9D09A8
0501D210
034BC2B8
034BCBD0
034BDC20
03514578
034BDC20
00FABFD8
00FAC918
00FB2830
01004730
00FB2830
00EA79B0
016BF858
016C00F0
016C71E8
01740868
016C71E8
09EEFBB8
09EF02C8
08A0D188
09F44FF0
08A0D188
016BFBB0
016C02C0
08A1D188
01714FF0
08A1D188
0880CE68
0955FFC0
095604E8
095B4AB8
095604E8
01D6FBB8
01D702C8
0178D188
01DC4FF0
0178D188
00FABFB0
00FAC8F0
00FB5CA0
010047B8
00FB5CA0
00EA7978
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF48
012BC888
012C25D8
01314888
012C25D8
01117920
003C5350
01117920
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF48
012BC888
012C25D8
01314888
012C25D8
01117920
003C5350
01117920
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAC8
014A7E20
003FD610
014FCCE0
003FD610
Check if the selected language is allowed
016DDA58
01C44300
01C44C18
01C46A08
01C9CCE0
01C46A08
01C46A08
01C4DAB0
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF48
012BC888
012C25D8
01314888
012C25D8
01117920
003C5350
01117920
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF48
012BC888
012C25D8
01314888
012C25D8
01117920
003C5350
01117920
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04AC3EB8
04AC4818
04D0D218
04D54F20
04D0D218
04D0D218
04AC7BD8
Check if the selected language is allowed
0239C2B8
0239CBD0
0239DC20
023F4578
0239DC20
00FABFA8
00FAC8E8
00FB2630
010045F8
00FB2630
00EA7970
00FABFA8
00FAC8E8
00FB2630
010045F8
00FB2630
00EA7970
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFB0
00FAC8F0
00FB5CA0
010047B8
00FB5CA0
00EA7978
0A39FC48
0A3A0358
08E9D210
0A420770
08E9D210
0A36FC50
0A370360
0A372FC8
0A3F0940
0A372FC8
0A37FBB8
0A3802C8
08E9D188
0A3D4FF0
08E9D188
003C59E8
003C5CF8
003C5CF8
003C5C50
012BBF10
012BC850
012C25A0
01314990
012C25A0
011178D8
003C5350
011178D8
08D1CE68
0954FFC0
095504E8
095A4AD0
095504E8
09DEFBB8
09DF02C8
08E9D188
09E44FF0
08E9D188
023ECE68
0953FFC0
095404E8
09594AD0
095404E8
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
0348C2D8
0348CBF0
0348D118
034E47A8
0348D118
0351C2D8
0351CBF0
0351D118
035747A8
0351D118
02D3C2D8
02D3CBF0
02D3D118
02D947A8
02D3D118
00FABFC0
00FABFC0
00FAC900
00FAC900
00FB5CB0
01004828
00FB5CB0
00FB5CB0
01004828
00FB5CB0
00EA7980
00EA7980
003C5A00
003C5D10
003C5A00
003C5D10
003C5C68
003C5D10
003C5D10
003C5C68
012BBF20
012BC860
012C25A8
01314670
012C25A8
011178E0
003C5368
05A4CCB8
05EAFE28
05EB1DC0
05F305A8
05EB1DC0
05D7CCB8
05E7FE28
05E81DC0
05F005A8
05E81DC0
033AC2D8
033ACBF0
033AD118
034047A8
033AD118
0252CDB8
03B2FF18
0252DEC0
03BB02A0
0252DEC0
0344C2D8
0344CBF0
0344D118
034A47A8
0344D118
034CC2D8
034CCBF0
034CD118
035247A8
034CD118
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
01C44308
01C44C20
01C46A10
01CC87E0
01C46A10
01C46A10
01C4DAB8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBEF0
04ACC850
04D155D8
04D54550
04D155D8
04D155D8
04D11718
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBEF0
04ACC850
04D155D8
04D54550
04D155D8
04D155D8
04D11718
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ABBF78
04ABC8D8
04D115F0
04D548B8
04D115F0
04D115F0
04D08858
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBEC8
04ACC830
04D18990
04D54578
04D18990
04D18990
04D11648
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAD0
014A7E28
003FD610
014FCB80
003FD610
Check if the selected language is allowed
01537650
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACC038
04ACC998
04D0A948
04D54630
04D0A948
04D0A948
04AC7B60
Check if the selected language is allowed
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACC038
04ACC998
04D0A948
04D54630
04D0A948
04D0A948
04AC7B60
Check if the selected language is allowed
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
04ACC998
033EC2B8
033ECBD0
033ED990
03444AC8
033ED990
05A5CD98
05ECFEF8
05A5DEC0
05F50300
05A5DEC0
0324CCA0
0324CFE8
033531E8
033A4B48
033531E8
05A5CD00
05E8FE58
05E900D0
05EE48F0
05E900D0
05A4CD00
05ECFE58
05ED00D0
05F248F0
05ED00D0
003C5A80
003C5D90
003C5D90
003C5CE8
012BBF60
012BC8A0
012C25E8
01314908
012C25E8
01117928
003C53E8
01117928
00FAC020
00FAC950
00FB2870
01004B50
00FB2870
00EA79D8
003C5A70
003C5D80
003C5D80
003C5CD8
012BBF60
012BC8A0
012C25E8
01314908
012C25E8
01117928
003C53D8
01117928
00FABFB0
00FAC8F0
00FB5CA0
010047B8
00FB5CA0
00EA7978
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFB0
00FAC8F0
00FB5CA0
010047B8
00FB5CA0
00EA7978
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAD0
014A7E28
003FD610
014FCB80
003FD610
Check if the selected language is allowed
01537650
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
016FBFF0
016FC930
01607AC8
01754DE0
01607AC8
01703248
Check if the selected language is allowed
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7988
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFE8
00FAC928
00FB5CD8
01004880
00FB5CD8
00EA79B0
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
05E8C470
05E8CD88
05E930E0
05F105A8
05E930E0
0350C2B8
0350CBD0
0350DC20
03564578
0350DC20
034504C8
03450DE0
027E49D0
034A4A60
027E49D0
0346C2B8
0346CBD0
0346DC20
034C4578
0346DC20
034DC2B8
034DCBD0
034DDC20
03534578
034DDC20
05F0C360
05F0CC78
05F120A8
05F64830
05F120A8
02EFC2B8
02EFCBD0
02EFDC20
02F54578
02EFDC20
05A9CD00
05EDFE58
05EE00D0
05F348F0
05EE00D0
0351C2B8
0351CBD0
0351DC20
03574578
0351DC20
05A9CD00
05F0FE58
05F100D0
05F648F0
05F100D0
05DCCD18
05ECFE78
05DCFE20
05F50830
05DCFE20
05DFCD18
05F3FE78
05DFFE20
05FC05F8
05DFFE20
0368C2D8
0368CBF0
0368D118
036E47A8
0368D118
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
Retrieve the wished language list for this application from NeroNLS and try all the languages
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
Trying ENG
bOK=true
bOK=true
Setting this language succeeded
Setting this language succeeded
bOK=true
bOK=true
04ACC058
04ACBF30
04ACC9B8
04ACC890
04D18558
04D547F8
04D0A980
04D54578
04D18558
04D0A980
04D18558
04D08340
Check if the selected language is allowed
04D0A980
04AC7B90
Check if the selected language is allowed
04ACC890
04ACC890
04ACC890
04ACC890
05ACCD18
05EBFE78
05ACFE20
05F40550
05ACFE20
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
0A57FD00
0A580410
08EED440
0A5D4D78
08EED440
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
003C5A18
003C5D28
003C5D28
003C5C80
012BBF38
0111FFE8
012C25B8
01314880
012C25B8
011178F8
003C5380
011178F8
011178F8
011178F8
0A55FD08
0A560418
08F0D440
0A5B4D30
08F0D440
09E3FBD8
09E402E8
09E43688
09E94C18
09E43688
05ABCD18
05EEFE78
05ABFE20
05F70550
05ABFE20
003C5A88
003C5D98
003C5D98
003C5CF0
012BBF60
012BC890
012C5B00
01314788
012C5B00
01117940
003C53F0
01117940
01117940
003C5A00
003C5D10
003C5D10
003C5C68
012BBF20
012BC860
012C25A8
01314670
012C25A8
011178E0
003C5368
0367C2D8
0367CBF0
0367D118
036D47A8
0367D118
00FAC070
00FAC9B0
00FB28C8
010048D8
00FB28C8
00EA7A30
05AACD18
05EDFE78
05AAFE20
05F60550
05AAFE20
0359C370
0359CC88
035A1DB0
035F4D00
035A1DB0
034DCD18
05FEFE78
05FF3478
06070458
05FF3478
054CCDB8
0560FF18
054CDEC0
056902A0
054CDEC0
003C59F8
003C5D08
003C5D08
003C5C60
012BBF10
012BC850
012C25A0
01314990
012C25A0
011178D8
003C5360
011178D8
034CC2D8
034CCBF0
034CD118
035247A8
034CD118
003C5AA8
003C5DB8
003C5DB8
003C5D10
012BBF78
0111FFE8
012C5AE0
01314748
012C5AE0
01117938
003C5410
01117938
05AACD18
05EDFE78
05EE07A8
05F60310
05EE07A8
00FAC008
00FAC948
00FB2860
01004D38
00FB2860
00EA79C8
00FAC008
00FAC948
00FB2860
01004D38
00FB2860
00EA79C8
00FDC020
00FDC950
00FE2870
01034B50
00FE2870
00ED79D8
00FAC008
00FAC948
00FB2860
01004D38
00FB2860
00EA79C8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016DE610
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
016FC008
016FC948
01607AF0
01780520
01607AF0
01706438
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016DE610
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ABC0A0
04ABCA00
04D11A08
04D54528
04D11A08
04D11A08
04D08910
Check if the selected language is allowed
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
0365C2B8
0365CC68
0365D190
036B36E0
0365D190
003C59A0
003C5CB0
003C5CB0
003C5C08
012BBED0
012BC810
012C2560
01314AC8
012C2560
01117898
003C5308
01117898
0362C2B8
0362CBD0
0362DC20
03684578
0362DC20
0375C2B8
0375CBD0
0375DC20
037B4578
0375DC20
05AACCF8
05EDFE58
05EE00D0
05F34988
05EE00D0
00FABFF0
00FAC930
00FB1E50
01004700
00FB1E50
00EA79B8
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
003C5A78
003C5D88
003C5D88
003C5CE0
012BBF60
012BC890
012C5B00
01314788
012C5B00
01117918
003C5378
01117918
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
01C44308
01C44C20
01C46A10
01CC87E0
01C46A10
01C46A10
01C4DAB8
003C5AA0
003C5DB0
003C5DB0
003C5D08
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C5408
01117930
003C5AA0
003C5DB0
003C5DB0
003C5D08
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C5408
01117930
00FABFC0
00FAC900
00FB5CB0
01004828
00FB5CB0
00EA7980
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
003C5A88
003C5D98
003C5D98
003C5CF0
012BBF60
012BC8A0
012C25E8
01314908
012C25E8
01117920
003C53F0
01117920
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
01C44308
01C44C20
01C46A10
01CC87E0
01C46A10
01C46A10
01C4DAB8
003C5A70
003C5D80
003C5D80
003C5CD8
012BBF60
012BC890
012C5B00
01314788
012C5B00
01117918
003C53D8
01117918
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
01C44308
01C44C20
01C46A10
01CC87E0
01C46A10
01C46A10
01C4DAB8
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBE50
04ACC7B0
04D18B48
04D54608
04D18B48
04D18B48
04D115C8
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBE58
04ACC7B8
04D19000
04D54848
04D19000
04D19000
04D11640
Check if the selected language is allowed
003C5A90
003C5DA0
003C5DA0
003C5CF8
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C53F8
01117930
003C5A90
003C5DA0
003C5DA0
003C5CF8
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C53F8
01117930
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAC0
014A7E18
003FD610
014FCD78
003FD610
Check if the selected language is allowed
016E6D00
01C442E8
01C44C00
01C46600
01C9CD88
01C46600
01C46600
01C4E468
00FABFA8
00FAC8E8
00FB2630
010045F8
00FB2630
00EA7970
00FABFA8
00FAC8E8
00FB2630
010045F8
00FB2630
00EA7970
003C5AB0
003C5DC0
003C5DC0
003C5D18
012BBF78
0111FFE8
012C5AE0
01314748
012C5AE0
01117938
003C5418
01117938
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCB80
014A7EE0
003FC888
014FD110
003FC888
Check if the selected language is allowed
016E6D60
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
003C5AB0
003C5DC0
003C5DC0
003C5D18
012BBF60
012BC8A0
012C25E8
01314908
012C25E8
01117920
003C5418
01117920
003C5A00
003C5D10
003C5D10
003C5C68
012BBF20
012BC860
012C25A8
01314670
012C25A8
011178E0
003C5368
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC918
00FB2830
01004730
00FB2830
00EA7998
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
003C5A68
003C5D78
003C5D78
003C5CD0
012BBF60
012BC890
012C5B00
01314788
012C5B00
01117918
003C53D0
01117918
003C5A88
003C5D98
003C5D98
003C5CF0
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C53F0
01117930
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
003C5A18
003C5D28
003C5D28
003C5C80
012BBF38
0111FFE8
012C25B8
01314880
012C25B8
011178F8
003C5380
011178F8
00FABFD8
00FAC908
00FAF490
01004D58
00FAF490
00EA7990
00FAC008
00FAC948
00FB2860
01004D38
00FB2860
00EA79E0
003C5A88
003C5D98
003C5D98
003C5CF0
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C53F0
01117930
003C5A98
003C5DA8
003C5DA8
003C5D00
012BBF78
012BC8A8
012C5AD8
013145E0
012C5AD8
01117930
003C5400
01117930
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAC0
014A7E18
003FD610
014FCD78
003FD610
Check if the selected language is allowed
016E6D00
01C442E8
01C44C00
01C46600
01C9CD88
01C46600
01C46600
01C4E468
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=false
Setting this language failed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
00A65BC0
00A65EE0
003C5A78
00A80FD0
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
01745570
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAF8
014A7E80
003FCAF8
014A7E80
014ACEE8
01528930
014ACEE8
01528930
014ACEE8
Check if the selected language is allowed
014ACEE8
Check if the selected language is allowed
01746488
0174E448
01C44320
01C44C60
01C451D8
01CC8550
01C451D8
01C451D8
01C44C60
01C44320
01C44C60
01C451D8
01CC8550
01C451D8
01C451D8
01C44C60
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C53C0
012BC8B8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAF8
014A7E80
014ACEE8
01528930
014ACEE8
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAF8
014A7E80
014ACEE8
01528930
014ACEE8
Check if the selected language is allowed
0174E448
0174E448
01C44320
01C44C60
01C451D8
01CC8550
01C451D8
01C451D8
01C44C60
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBED0
04ACC858
04D0CC80
04D545C8
04D0CC80
04ACD310
04E35708
Check if the selected language is allowed
00FABFB8
00FAC920
00FAF390
01004A48
00FAF390
00FAEFA8
00FABFB8
00FAC920
00FAF390
01004A48
00FAF390
00FAEFA8
00FAC078
00FAC9E0
00FAF158
01004C50
00FAF158
00FAEFD8
00FAC078
00FAC9E0
00FAF158
01004C50
00FAF158
00FAEFD8
003C5A30
003C5D40
003C5D40
003C5C98
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5398
012BC8B8
003C5A40
003C5D50
003C5D50
003C5CA8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53A8
012BC8C8
003C5A40
003C5D50
003C5D50
003C5CA8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53A8
012BC8C8
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B8
012BC8C8
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B8
012BC8C8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
003C5A10
003C5D20
003C5D20
003C5C78
012BBF38
012BC890
012C70B0
01314758
012C70B0
012BEE88
003C5378
012BC890
003C5A10
003C5D20
003C5D20
003C5C78
012BBF38
012BC890
012C70B0
01314758
012C70B0
012BEE88
003C5378
012BC890
003C5A30
003C5D40
003C5D40
003C5C98
012BBF38
012BC8A0
012BEDA8
013145E0
012BEDA8
012C5DC0
003C5398
012BC8A0
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF78
0111FFE8
012BED38
01314BA8
012BED38
012C5AF0
003C53B8
0111FFE8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAF8
014A7E80
014ACEE8
01528930
014ACEE8
Check if the selected language is allowed
0174E448
01C44320
01C44C60
01C451D8
01CC8550
01C451D8
01C451D8
01C44C60
003C5A48
003C5D58
003C5D58
003C5CB0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B0
012BC8C8
003C5A38
003C5D48
003C5D48
003C5CA0
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C53A0
012BC8B8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A38
003C5D48
003C5D48
003C5CA0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53A0
012BC8C8
003C5A08
003C5D18
003C5D18
003C5C70
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5370
012BC8A8
003C5A18
003C5D28
003C5D28
003C5C80
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5380
012BC8A8
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
003C5A18
003C5D28
003C5D28
003C5C80
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5380
012BC8A8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B8
012BC8C8
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B8
012BC8C8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5AD0
003C5DE0
003C5DE0
003C5D38
012BBFA0
012BC908
012BED90
013149C0
012BED90
012C5CC8
003C5438
012BC908
003C5A78
003C5D88
003C5D88
003C5CE0
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C5378
012BC8E0
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A48
003C5D58
003C5D58
003C5CB0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B0
012BC8C8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53C0
012BC8E0
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53C0
012BC8C8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A80
003C5D90
003C5D90
003C5CE8
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53E8
012BC8E0
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53C0
012BC8E0
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53C0
012BC8C8
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53C0
012BC8E0
003C5A48
003C5D58
003C5D58
003C5CB0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B0
012BC8C8
003C5A98
003C5DA8
003C5DA8
003C5D00
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C5400
0111FFE8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
003C5A98
003C5DA8
003C5DA8
003C5D00
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C5400
0111FFE8
003C5A28
003C5D38
003C5D38
003C5C90
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C5390
012BC8B8
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
003C5A08
003C5D18
003C5D18
003C5C70
012BBF38
012BC8A0
012BEDA8
013145E0
012BEDA8
012C5DC0
003C5370
012BC8A0
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
003C5A18
003C5D28
003C5D28
003C5C80
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5380
012BC8A8
003C5A08
003C5D18
003C5D18
003C5C70
012BBF38
012BC8A0
012BEDA8
013145E0
012BEDA8
012C5DC0
003C5370
012BC8A0
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53C0
012BC8E0
003C59E8
003C5CF8
003C5CF8
003C5C50
012BBF38
012BC8A0
012BEDA8
013145E0
012BEDA8
012C5DC0
003C5350
012BC8A0
00FABFB8
00FAC910
00FAED98
01030380
00FAED98
00FBAF98
003C59A0
003C5CB0
003C5CB0
003C5C08
012BBF20
012BC878
012C7098
013147D8
012C7098
012BEE70
003C5308
012BC878
0108CA38
01817DC0
0108E6C8
018988F8
0108E6C8
003C5AB0
003C5DC0
003C5DC0
003C5D18
012BBF90
012BC8F8
012BED80
01340730
012BED80
012C5E68
003C5418
012BC8F8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
003C5A78
003C5D88
003C5D88
003C5CE0
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C5378
012BC8E0
003C5AF8
003C5E08
003C5E08
003C5D60
012BBFB8
012BC920
012BF390
01314A48
012BF390
012BEFA8
003C5460
012BC920
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBF20
04ACC8A8
04D14BF8
04D54A08
04D14BF8
04D11638
04E35988
Check if the selected language is allowed
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B8
012BC8C8
003C5A50
003C5D60
003C5D60
003C5CB8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B8
012BC8C8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
003C5A00
003C5D10
003C5D10
003C5C68
012BBF38
012BC8A0
012BEDA8
013145E0
012BEDA8
012C5DC0
003C5368
003C5AA0
003C5DB0
003C5DB0
003C5D08
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C5408
0111FFE8
003C5A68
003C5D78
003C5D78
003C5CD0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53D0
012BC8C8
003C5A68
003C5D78
003C5D78
003C5CD0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53D0
012BC8C8
003C5AC8
003C5DD8
003C5DD8
003C5D30
012BBFA0
012BC908
012BED90
013149C0
012BED90
012C5CC8
003C5430
012BC908
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
01745570
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
01745570
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
003C5A58
003C5D68
003C5D68
003C5CC0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53C0
012BC8C8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
003C5A98
003C5DA8
003C5DA8
003C5D00
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C5400
012BC8E0
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FAC060
00FAC9C8
00FAEE50
01004638
00FAEE50
00FB5D88
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
003C5AB8
003C5DC8
003C5DC8
003C5D20
012BBFA0
012BC908
012BED90
013149C0
012BED90
012C5CC8
003C5420
012BC908
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAF8
014A7E80
014ACEE8
01528930
014ACEE8
Check if the selected language is allowed
0174E448
003C5AA8
003C5DB8
003C5DB8
003C5D10
012BBF90
012BC8E8
012BF2F0
013147A0
012BF2F0
012BEEE0
003C5410
012BC8E8
01C44320
01C44C60
01C451D8
01CC8550
01C451D8
01C451D8
01C44C60
003C5A60
003C5D70
003C5D70
003C5CC8
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C53C8
012BC8B8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCAF8
014A7E80
014ACEE8
01528930
014ACEE8
Check if the selected language is allowed
0174E448
01C44320
01C44C60
01C451D8
01CC8550
01C451D8
01C451D8
01C44C60
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FDC008
00FDC970
00FDEDF8
0105FF80
00FDEDF8
00FE5D30
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
003C5AB8
003C5DC8
003C5DC8
003C5D20
012BBFA0
012BC908
012BED90
013149C0
012BED90
012C5CC8
003C5420
012BC908
003C5A40
003C5D50
003C5D50
003C5CA8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53A8
012BC8C8
003C5A38
003C5D48
003C5D48
003C5CA0
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C53A0
012BC8B8
003C5A38
003C5D48
003C5D48
003C5CA0
012BC8B8
003C5A48
003C5D58
003C5D58
003C5CB0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B0
012BC8C8
003C5A70
003C5D80
003C5D80
003C5CD8
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53D8
012BC8E0
003C5AA0
003C5DB0
003C5DB0
003C5D08
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C5408
0111FFE8
003C5AC8
003C5DD8
003C5DD8
003C5D30
012BBFA0
012BC908
012BED90
013149C0
012BED90
012C5CC8
003C5430
012BC908
003C5A48
003C5D58
003C5D58
003C5CB0
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53B0
012BC8C8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FAC068
00FAC9D0
00FAEE58
01004740
00FAEE58
00FB5DA0
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBEE0
04ACC868
04D0CC80
04D545C8
04D0CC80
04ACD320
04E35708
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
011CC020
011CC988
011CE040
01224CA8
011CE040
011D2538
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBFF8
04ACC980
04D118F0
04D54790
04D118F0
04D0EFE8
04E34770
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBF80
04ACC908
04D0EFB8
04D547C0
04D0EFB8
04D00318
04D8C8B8
Check if the selected language is allowed
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ABBFF8
04ABC980
04D118F0
04D54790
04D118F0
04D0EFE8
04E34770
Check if the selected language is allowed
003C5A08
003C5D18
003C5D18
003C5C70
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5370
012BC8A8
003C59D8
003C5CE8
003C5CE8
003C5C40
012BBF20
012BC888
012C70A8
01314C90
012C70A8
012BEE80
003C5340
012BC888
00FABFC8
00FAC930
00FAEDB8
0102FE80
00FAEDB8
00FB5CF0
00FABFC8
00FAC930
00FAEDB8
0102FE80
00FAEDB8
00FB5CF0
00FABFC8
00FAC930
00FAEDB8
0102FE80
00FAEDB8
00FB5CF0
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
01745570
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
003C5A38
003C5D48
003C5D48
003C5CA0
012BBF50
012BC8B8
012C70D8
01340338
012C70D8
012BEEB0
003C53A0
012BC8B8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
003FCBB8
014A7F38
014A9BB0
015287E0
014A9BB0
Check if the selected language is allowed
0174D530
01C44340
01C44C80
01C473C8
01CC87C0
01C473C8
01C473C8
01C44C80
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
00FAC008
00FAC970
00FAEDF8
0102FF80
00FAEDF8
00FB5D30
003C5A70
003C5D80
003C5D80
003C5CD8
012BBF60
012BC8C8
012BED50
01314C70
012BED50
012CAFA8
003C53D8
012BC8C8
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
003C5A10
003C5D20
003C5D20
003C5C78
012BBF50
012BC8A8
012BEEA0
013149F0
012BEEA0
012BF3E8
003C5378
012BC8A8
012BC8A8
003C5A98
003C5DA8
003C5DA8
003C5D00
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C5400
0111FFE8
003C5A60
003C5D70
003C5D70
003C5CC8
012BBF78
012BC8E0
012BEED8
01314AC8
012BEED8
012BE0A8
003C53C8
012BC8E0
00FABFF0
00FAC958
00FAD090
01004A80
00FAD090
00FAEF50
00FABFD8
00FAC940
00FAEF38
010046D8
00FAEF38
00FAF480
003C5A90
003C5DA0
003C5DA0
003C5CF8
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C53F8
0111FFE8
003C5A90
003C5DA0
003C5DA0
003C5CF8
012BBFB8
0111FFE8
012C7350
01340300
012C7350
012BEEE8
003C53F8
0111FFE8
Retrieve the wished language list for this application from NeroNLS and try all the languages
Trying ENG
bOK=true
Setting this language succeeded
bOK=true
04ACBEF0
04ACC878
04ACC830
04D54B10
04ACC830
04D0CFC0
04E35E58
Check if the selected language is allowed
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
00FBBFC0
00FBC928
00FBEDB0
01014930
00FBEDB0
00FCAFB0
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
00FBBFC8
00FBC930
00FBEDB8
0103FE80
00FBEDB8
00FC5CF0
00FBBFC8
00FBC930
00FBEDB8
0103FE80
00FBEDB8
00FC5CF0
00FBBFC8
00FBC930
00FBEDB8
0103FE80
00FBEDB8
00FC5CF0
00FBBFC8
00FBC930
00FBEDB8
0103FE80
00FBEDB8
00FC5CF0
00FBBFC8
00FBC930
00FBEDB8
0103FE80
00FBEDB8
00FC5CF0
00FBBFF0
00FBC948
00FBD080
01014888
00FBD080
00FBEF40
00FBBFF0
00FBC948
00FBD080
01014888
00FBD080
00FBEF40
00FBBFD8
00FBC940
00FBEF38
010146D8
00FBEF38
00FBF480
003C5A08
003C5D18
003C5D18
003C5C70
012CBF20
012CC888
012D70A8
01324C90
012D70A8
012CEE80
003C5370
012CC888
003C5A00
003C5D10
003C5D10
003C5C68
012CBF20
012CC888
012D70A8
01324C90
012D70A8
012CEE80
003C5368
012CC888
00FBBFD8
00FBC940
00FBEF38
010146D8
00FBEF38
00FBF480
00FBBFD8
00FBC940
00FBEF38
010146D8
00FBEF38
00FBF480
00FBBFD8
00FBC940
00FBEF38
010146D8
00FBEF38
00FBF480
00FBBFD8
00FBC940
00FBEF38
010146D8
00FBEF38
00FBF480
003C5A48
003C5D58
003C5D58
003C5CB0
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53B0
012CC8A8
003C5A48
003C5D58
003C5D58
003C5CB0
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53B0
012CC8A8
003C5A50
003C5D60
003C5D60
003C5CB8
012CBF78
0111FFE8
012CED38
01324BA8
012CED38
012D5AF0
003C53B8
0111FFE8
003C5AB8
003C5DC8
003C5DC8
003C5D20
012CBF90
012CC8E8
012CF2F0
013247A0
012CF2F0
012CEEE0
003C5420
012CC8E8
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A40
003C5D50
003C5D50
003C5CA8
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53A8
012CC8A8
003C5A30
003C5D40
003C5D40
003C5C98
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5398
012CC8A0
012CC8A0
003C5A50
003C5D60
003C5D60
003C5CB8
012CBF78
0111FFE8
012CED38
01324BA8
012CED38
012D5AF0
003C53B8
0111FFE8
003C5A68
003C5D78
003C5D78
003C5CD0
012CBF60
012CC8C8
012CED50
01324C70
012CED50
012DAFA8
003C53D0
012CC8C8
003C5A18
003C5D28
003C5D28
003C5C80
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5380
012CC8A0
003C5A30
003C5D40
003C5D40
003C5C98
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5398
012CC8A0
003C5A30
003C5D40
003C5D40
003C5C98
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5398
012CC8A0
003C5AB0
003C5DC0
003C5DC0
003C5D18
012CBF90
012CC8E8
012CF2F0
013247A0
012CF2F0
012CEEE0
003C5418
012CC8E8
003C5A88
003C5D98
003C5D98
003C5CF0
012CBF60
012CC8C8
012CED50
01324C70
012CED50
012DAFA8
003C53F0
012CC8C8
003C5A88
003C5D98
003C5D98
003C5CF0
012CBF78
012CC8D0
012D70F8
013504B0
012D70F8
012CEEC8
003C53F0
012CC8D0
003C5A40
003C5D50
003C5D50
003C5CA8
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53A8
012CC8A8
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A18
003C5D28
003C5D28
003C5C80
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5380
012CC8A0
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A40
003C5D50
003C5D50
003C5CA8
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53A8
012CC8A8
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A50
003C5D60
003C5D60
003C5CB8
012CBF78
0111FFE8
012CED38
01324BA8
012CED38
012D5AF0
003C53B8
0111FFE8
003C5A38
003C5D48
003C5D48
003C5CA0
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C53A0
012CC8A0
003C5AB8
003C5DC8
003C5DC8
003C5D20
012CBF90
012CC8E8
012CF2F0
013247A0
012CF2F0
012CEEE0
003C5420
012CC8E8
003C5AF8
003C5E08
003C5E08
003C5D60
012CBFA0
012CC908
012CED90
013249C0
012CED90
012D5CC8
003C5460
012CC908
003C5A38
003C5D48
003C5D48
003C5CA0
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C53A0
012CC8A0
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A08
003C5D18
003C5D18
003C5C70
012CBF38
012CC890
012D70B0
01324758
012D70B0
012CEE88
003C5370
012CC890
003C5A30
003C5D40
003C5D40
003C5C98
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5398
012CC8A0
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A88
003C5D98
003C5D98
003C5CF0
012CBF60
012CC8C8
012CED50
01324C70
012CED50
012DAFA8
003C53F0
012CC8C8
003C5A88
003C5D98
003C5D98
003C5CF0
012CBF60
012CC8C8
012CED50
01324C70
012CED50
012DAFA8
003C53F0
012CC8C8
003C5A60
003C5D70
003C5D70
003C5CC8
012CBF50
012CC8B8
012D70D8
01350338
012D70D8
012CEEB0
003C53C8
012CC8B8
003C5A30
003C5D40
003C5D40
003C5C98
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5398
012CC8A0
003C5A40
003C5D50
003C5D50
003C5CA8
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53A8
012CC8A8
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
003C5A50
003C5D60
003C5D60
003C5CB8
012CBF78
0111FFE8
012CED38
01324BA8
012CED38
012D5AF0
003C53B8
0111FFE8
003C5A08
003C5D18
003C5D18
003C5C70
012CBF20
012CC888
012D70A8
01324C90
012D70A8
012CEE80
003C5370
012CC888
003C5A28
003C5D38
003C5D38
003C5C90
012CBF38
012CC8A0
012CEDA8
013245E0
012CEDA8
012D5DC0
003C5390
012CC8A0
00FBBFB8
00FBC920
00FBF390
01014A48
00FBF390
00FBEFA8
003C5A50
003C5D60
003C5D60
003C5CB8
012CBF78
0111FFE8
012CED38
01324BA8
012CED38
012D5AF0
003C53B8
0111FFE8
003C5A40
003C5D50
003C5D50
003C5CA8
012CBF50
012CC8A8
012CEEA0
013249F0
012CEEA0
012CF3E8
003C53A8
012CC8A8
003C5B10
003C5E20
003C5E20
003C5D78
012CBFB8
012CC920
012CF390
01324A48
012CF390
012CEFA8
003C5478
012CC920
003C5A98
003C5DA8
003C5DA8
003C5D00
012CBF78
012CC8D0
012D70F8
013504B0
012D70F8
012CEEC8
003C5400
012CC8D0
003C5B20
003C5E30
003C5E30
003C5D88
012CBFB8
012CC920
012CF390
01324A48
012CF390
012CEFA8
003C5488
012CC920
003C5B10
003C5E20
003C5E20
003C5D78
012CBFB8
012CC920
012CF390
01324A48
012CF390
012CEFA8
003C5478
012CC920
003C5A58
003C5D68
003C5D68
003C5CC0
012CBF78
0111FFE8
012CED38
01324BA8
012CED38
012D5AF0
003C53C0
0111FFE8
003C5A00
003C5D10
003C5D10
003C5C68
012CBF20
012CC888
012D
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

aVG LOG

Unread postby deemon » August 5th, 2007, 1:10 pm

"General properties",""
"Report name","Complete Test"
"Start time","03/08/2007 12:59:33"
"End time","03/08/2007 13:40:19 (total: 40:46.4 Min)"
"Launch method","Scanning launched by scheduler"
"Scanning result","Threats found"
"Report status","Scanning completed successfully"
" ",""
"Object summary",""
"Scanned","83195"
"Threats Found","1"
"Cleaned","0"
"Moved to vault","0"
"Deleted","0"
"Errors","0"
"C:\WINDOWS\system32\kernel32.dll","Change","Changed"
"C:\WINDOWS\system32\user32.dll","Change","Changed"
"C:\WINDOWS\system32\ntoskrnl.exe","Change","Changed"
"C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\yarkfkho.default\Cache\5ECF3040d01:\TrojanHunter 4.7 Build 932\TrojanHunterSetup.exe","Trojan horse Dropper.Agent.EFR","Infected, Embedded object, Deleted"
"C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\yarkfkho.default\Cache\5ECF3040d01","Trojan horse Dropper.Agent.EFR","Infected, Archive"
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

NEW HIJACK THIS LOG FILE

Unread postby deemon » August 5th, 2007, 1:10 pm

Logfile of HijackThis v1.99.1
Scan saved at 18:01:02, on 05/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Grisoft\AVG Free\avgcc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Paddy Power Poker - {40B2063F-DB01-4962-BE63-59435C01283C} - C:\PROGRA~1\PADDYP~1\client.exe
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Program Files\bet365MPP\MPPoker.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5CD4310E-88FB-43C1-BE24-5F3FA9C5C9D1} (KooPlayer Control) - http://www.tvkoo.com/update/KooPlayer.ocx
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

Unread postby Elrond » August 5th, 2007, 2:06 pm

These are the important lines out of all that data.
"C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\yarkfkho.default\Cache\5ECF3040d01:\TrojanHunter 4.7 Build 932\TrojanHunterSetup.exe","Trojan horse Dropper.Agent.EFR","Infected, Embedded object, Deleted"
"C:\Documents and Settings\Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\yarkfkho.default\Cache\5ECF3040d01","Trojan horse Dropper.Agent.EFR","Infected, Archive"


It shows that AVG did stopped the Trojan Horse. Puh. That is always nice when you do not need to start hunting for it.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

trojan

Unread postby deemon » August 5th, 2007, 2:25 pm

thx for helping and yeah avg found it but i cant seem to be able to get rid of the file i tried deleting it and still says access denied and im getting loads of junk mail too. what do we do next.
cheers.
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

Unread postby Elrond » August 5th, 2007, 2:56 pm

Post the Combofix log please.
User avatar
Elrond
Admin/Teacher Emeritus
 
Posts: 8818
Joined: February 17th, 2005, 9:14 pm
Location: Jerusalem

combo fix

Unread postby deemon » August 5th, 2007, 2:58 pm

was that not it on the first post i dun earlier.
ill post again
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

combofix

Unread postby deemon » August 5th, 2007, 3:11 pm

when i dun it earlier it said it was saved to temp folder but i cant tell which 1 it is. could you plz tell me what it will say on log in temp folders.
cheers.
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm

think this is the combofix log

Unread postby deemon » August 5th, 2007, 3:20 pm

ComboFix 07-08-04.3 - "Administrator" 2007-08-05 17:48:11.1 [GMT 1:00] - NTFS
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.True
* Created a new restore point


((((((((((((((((((((((((( Files Created from 2007-07-05 to 2007-08-05 )))))))))))))))))))))))))))))))


2007-08-05 17:06 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-02 23:57 <DIR> d-------- C:\Program Files\TrojanHunter 4.6
2007-08-02 22:50 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-08-02 22:50 <DIR> d-------- C:\DOCUME~1\ADMINI~1\.housecall6.6
2007-08-01 21:11 <DIR> d-------- C:\Program Files\SAGEM
2007-07-29 15:55 <DIR> d-------- C:\Program Files\Adobe(2)
2007-07-26 20:14 643,072 --a------ C:\DOCUME~1\LOCALS~1\ntuser.dat
2007-07-26 20:14 6,029,312 --a------ C:\DOCUME~1\ADMINI~1\ntuser.dat
2007-07-25 16:48 94,000 --a------ C:\WINDOWS\system32\drivers\ssm_mdm.sys
2007-07-25 16:48 8,336 --a------ C:\WINDOWS\system32\drivers\ssm_mdfl.sys
2007-07-25 16:48 6,176 --a------ C:\WINDOWS\system32\drivers\ssm_cmnt.sys
2007-07-25 16:48 6,176 --a------ C:\WINDOWS\system32\drivers\ssm_cm.sys
2007-07-25 16:48 58,320 --a------ C:\WINDOWS\system32\drivers\ssm_bus.sys
2007-07-25 16:48 5,840 --a------ C:\WINDOWS\system32\drivers\ssm_whnt.sys
2007-07-25 16:48 5,840 --a------ C:\WINDOWS\system32\drivers\ssm_wh.sys
2007-07-18 18:37 774,144 --a------ C:\Program Files\RngInterstitial.dll
2007-07-18 18:37 <DIR> d-------- C:\Program Files\Common Files\Real
2007-07-09 20:07 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-07-09 20:07 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-08-02 21:54 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\uTorrent
2007-07-29 17:12 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Vso
2007-07-25 16:56 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-25 16:48 --------- d-------- C:\Program Files\Samsung
2007-07-24 17:39 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Samsung
2007-07-20 14:23 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Temporary
2007-07-17 00:46 3085 --a------ C:\WINDOWS\mozver.dat
2007-07-14 01:00 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-07-12 23:27 --------- d-------- C:\Program Files\TuneUp Utilities 2007
2007-07-01 03:08 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\LimeWire
2007-06-30 19:03 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Microgaming
2007-06-28 20:38 --------- d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org2
2007-06-22 18:47 --------- d-------- C:\Program Files\Yahoo!
2007-06-15 21:12 --------- d-------- C:\Program Files\Joost
2007-06-08 16:07 --------- d-------- C:\Program Files\PotUK Radio
2007-06-05 20:47 --------- d--h----- C:\Program Files\WindowsUpdate
2007-05-16 16:32 86528 --a--c--- C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 16:32 85504 --a--c--- C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 16:32 683520 --a--c--- C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 16:32 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 16:32 510976 --a--c--- C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 16:32 1314816 --a--c--- C:\WINDOWS\system32\dllcache\msoe.dll
2007-05-16 09:42 972336 --a------ C:\WINDOWS\UNNeroMediaHome.exe
2007-05-15 09:45 972336 --a------ C:\WINDOWS\UNNeroVision.exe
2007-05-08 10:24 3583488 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-04-06 20:00 87608 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\ezpinst.exe
2007-04-06 20:00 47360 --a------ C:\DOCUME~1\ADMINI~1\APPLIC~1\pcouffin.sys
2006-11-20 13:38:22 8 --sh--r C:\WINDOWS\system32\3D81D020C5.sys
2006-11-20 13:38:22 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe" [2007-04-21 17:09]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-12-15 12:18]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 00:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:54]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:56]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-01-26 23:56]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 09:27]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-08-04 01:06]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe [2006-10-23 01:48:20]
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe [2006-10-23 00:01:50]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" /background
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
"GhostStartTrayApp"=C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe
"Zone Labs Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
"VTTimer"=VTTimer.exe
"VTTrayp"=VTtrayp.exe
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

R0 gagp30kx;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms;C:\WINDOWS\system32\DRIVERS\gagp30kx.sys
R0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys
R1 GhPciScan;GhostPciScanner;\??\C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys
R1 StarOpen;StarOpen;C:\WINDOWS\system32\drivers\StarOpen.sys
R2 DLPortIO;DriverLINX Port I/O Driver;\??\C:\WINDOWS\system32\DRIVERS\DLPortIO.SYS
R2 MASPINT;MASPINT;C:\WINDOWS\system32\drivers\MASPINT.sys
R2 UxTuneUp;TuneUp Theme Extension;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 Pcouffin;VSO Software pcouffin;C:\WINDOWS\system32\Drivers\Pcouffin.sys
R3 viagfx;viagfx;C:\WINDOWS\system32\DRIVERS\vtmini.sys
S3 cmuda;C-Media WDM Audio Interface;C:\WINDOWS\system32\drivers\cmuda.sys
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\fetnd5.sys
S3 irsir;Microsoft Serial Infrared Driver;C:\WINDOWS\system32\DRIVERS\irsir.sys
S3 ms_mpu401;Microsoft MPU-401 MIDI UART Driver;C:\WINDOWS\system32\drivers\msmpu401.sys
S3 smserial;smserial;C:\WINDOWS\system32\DRIVERS\smserial.sys
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ssm_bus.sys
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ssm_mdfl.sys
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ssm_mdm.sys
S3 usbbus;LGE Mobile Composite USB Device;C:\WINDOWS\system32\DRIVERS\lgusbbus.sys
S3 UsbDiag;LGE Mobile USB Serial Port;C:\WINDOWS\system32\DRIVERS\lgusbdiag.sys
S3 USBModem;LGE Mobile USB Modem;C:\WINDOWS\system32\DRIVERS\lgusbmodem.sys

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp


Contents of the 'Scheduled Tasks' folder
2007-08-03 16:16:00 C:\WINDOWS\Tasks\1-Click Maintenance.job - C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
2007-08-05 16:32:01 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-05 17:50:14
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000108

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-08-05 17:51:13

--- E O F ---
deemon
Regular Member
 
Posts: 79
Joined: August 1st, 2007, 3:17 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 294 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware