Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

trojan vundo virus ?

pimvandenderen
15 antwoorden
  • Ik krijg de melding van norton dat er een trojan .vundo virus is gevonden. Ik krijg dit niet weg. Ik ben niet zo'n ervaren computer gebriker dus kan iemand Mij helpen mijn computer te verhelpen?

    BVD :)
  • als je norton eens gewoon het werk laat doen???
  • Dat heb ik al gedaan alleen deze kan het niet verwijderen.
  • Voer eerst Combofix uit:

    Download [b:92bbd2ed84]Combofix[/b:92bbd2ed84] naar je [b:92bbd2ed84]bureaublad[/b:92bbd2ed84]

    Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.

    OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en [b:92bbd2ed84]download Combofix opnieuw[/b:92bbd2ed84]. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!

    Dubbelklik op [u:92bbd2ed84]combofix.exe[/u:92bbd2ed84]
    Kies voor "Continue" door [b:92bbd2ed84]1[/b:92bbd2ed84] te typen gevolgd door [b:92bbd2ed84]ENTER[/b:92bbd2ed84].
    Tijdens het runnen van de fix, [b:92bbd2ed84]NIET[/b:92bbd2ed84] in het venster klikken, want dit zal je pc doen vasthangen.

    Wanneer de fix voltooid is en na herstart, zal de log [b:92bbd2ed84]combofix.txt[/b:92bbd2ed84] openen.
    [i:92bbd2ed84]Plaats in je volgende antwoord het logje van combofix (combofix.txt[/i:92bbd2ed84]) tesamen met een vers Hijackthis log.


    Maak daarna een hijackthis log:

    Download Hijackthis-setup naar je [u:92bbd2ed84]Bureaublad[/u:92bbd2ed84].

    Open HJTInstall en bepaal de locatie waar je Hijackthis wilt installeren.
    Druk vervolgens op Install, na enkele seconde zal Hijackthis automatisch openen.
    Kies nu voor [b:92bbd2ed84]'Do a system scan and save a logfile'[/b:92bbd2ed84].
    Er opent een kladblok bestand met een logfile. Selecteer deze tekst helemaal ([b:92bbd2ed84]ctrl-A[/b:92bbd2ed84]), kopieer ([b:92bbd2ed84]ctrl C[/b:92bbd2ed84]) en plak deze tekst in je volgende bericht.

    Succes! 8)

    Pim
  • (combofix.txt)
  • ComboFix 07-11-19.4C - Timon 2007-12-01 18:43:55.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.147 [GMT 1:00]
    Gestart vanuit: D:\Documenten en Settings\Timon.PC\Bureaublad\ComboFix.exe
    * Nieuw herstelpunt werd aangemaakt
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Common Files\Yazzle1848OinAdmin.exe
    C:\Program Files\Common Files\Yazzle1848OinUninstaller.exe
    C:\Program Files\winupdates
    C:\Program Files\winupdates\a.zip
    C:\WINDOWS\svchost.exe
    C:\WINDOWS\system32\ramcznre.dllbox
    C:\WINDOWS\system32\stutv.ini
    C:\WINDOWS\system32\stutv.ini2
    C:\WINDOWS\system32\vtuts.dll
    D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Live Safety Center.lnk
    D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Online Security Guide.lnk
    D:\Documenten en Settings\Gast\Application Data\Hotbar
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1056330.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1090458.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\10928.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1273962.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1299333.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1323497.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383594.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1384984.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1386158.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387310.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387315.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387505.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387529.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388781.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389316.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1393798.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1401202.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1405053.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1431003.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1448448.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1529053.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1835232.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\186852.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\198747.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2260086.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\232837.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\233021.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2344369.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2344409.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2477432.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2710602.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\302265.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\402149.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\494801.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\558189.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\720568.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\772405.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\823208.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\827705.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\838803.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\853756.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\973091.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\987556.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL1.dat
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat\320c.dat
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\10536
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11213
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11446
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11997
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12030
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12435
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1288
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1337
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13492
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13493
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13494
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13546
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13549
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13617
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14083
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\141880
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\142308
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1424
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14272
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15040
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15541
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16087
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1611
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1612
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16173
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16210
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16884
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16998
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17025
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17189
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17195
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17656
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17987
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1810
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\18391
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\18991
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1916
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\193626
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\19650
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20128
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\2021
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20304
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20478
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20514
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20570
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20935
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20980
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\21864
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\223385
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22657
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22809
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\23923
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\250476
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26335
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26479
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26994
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27003
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27087
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27414
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27515
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\28383
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29115
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29216
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\293962
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29536
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29642
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\297534
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30001
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30455
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\317263
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32221
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33012
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33017
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3338
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34120
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34134
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35047
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35285
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35389
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35408
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\357827
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36598
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3677
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36834
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\372153
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\38399
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\39245
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3986
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4142
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41590
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41641
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41952
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41980
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41999
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\42013
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\42034
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\43098
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\432053
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\43384
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44214
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44228
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44306
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4442
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44429
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45355
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45495
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45609
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\459338
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\46415
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49724
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\50548
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\50787
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\50830
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\510377
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51192
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51374
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\517634
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51931
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52335
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\528235
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52957
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5358
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\53813
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\54189
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5542
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5569
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\55725
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\56970
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57530
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57785
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57823
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\580754
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\58841
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\591994
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59231
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59234
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59283
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\595054
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59844
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59923
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6000
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\60446
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\60923
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61167
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61779
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\62019
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\62025
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\630950
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\631064
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\63930
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\642487
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64451
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\645682
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6539
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\655883
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\65863
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\663386
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\664683
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\66855
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\668564
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\673444
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\67564
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68094
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\684104
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\688382
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68943
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6915
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\698252
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702564
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702599
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702607
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702610
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702664
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702665
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702670
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702683
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702686
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702688
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702689
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702691
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702694
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702695
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702696
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702697
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702713
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702714
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702715
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702728
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702730
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702732
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702733
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702743
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702748
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70330
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705060
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705133
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705142
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705144
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705145
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705146
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70608
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\71383
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\72072
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\72123
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73528
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73722
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\7515
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\75828
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\75832
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\75833
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78592
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78600
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78788
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79977
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79989
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80026
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80319
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\8081
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\81293
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82292
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82646
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83133
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83743
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85535
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85547
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86999
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87439
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87555
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87584
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87726
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87733
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87752
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\89075
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\89462
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90271
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90358
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90371
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\91333
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92056
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92886
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92893
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92930
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93110
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93899
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93911
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\94272
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95325
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95610
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95678
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95740
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95803
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95828
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97172
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97518
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97734
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9805
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\98493
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99140
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99586
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9991
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat\320c.dat
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_511745-514279.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-people.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtone.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_SearchBoxTrapper.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords.idx
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords1.dat
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_511745-514279.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-people.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_ringtone.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_SearchBoxTrapper.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords.idx
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_idx.idx
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_sdf.sdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords1.dat
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip
    D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_1.jpg
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_st.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_st.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]50104_bgm10a_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]50104_bgm10a_st.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05.swf
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_bg.jpg
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_ec.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_ec.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_pre.jpg
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\120103_eca11_ec.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\120103_eca11_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\FileManager.txt
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\FrenchVanila_prv.swf
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\FrenchVanila_sn.wav
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte10_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte11_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte12_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte13_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte14_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte19_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte20_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte21_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte9_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30203lib_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102angel_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102bigluf_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102bigsmile_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102birthday_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102cheers_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102flo_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102good_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102jump_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102king_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102lough_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102luf_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102smile_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102smiled_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102sor_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102thanx_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102uhu_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]40103ahh_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]40103wow_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]40104_emi2_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]42102_1134_112_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103big_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103gig_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103hm_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103nomail_emoti_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103norm_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema15_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema16_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema17_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema18_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema19_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema20_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema21_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema24_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema25_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema26_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema30_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema33_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema34_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]62802hippi_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]62802jumpie_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]80402argh_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]80402oops_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]80402ouch_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]82502no_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]82502yes_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_boring1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_confused_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_fantastic_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_feel_better_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_gimme_break_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_heehee_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_hlopaet_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_ign_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_lol_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_no_comment_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_peace_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_smashing_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\blocked.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\blocked2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_add-but.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_back-but.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_enabled_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_enabled_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\business_promo.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\buttondir.txt
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\components.cdf
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css_cattree.css
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css_flashpreview.css
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css2_main.css
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css2_pagingmodule.css
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css2_topbuttons.css
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\delete.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\edit_clear_sound.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\edit_fs.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\edit_select.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-bcards.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-ecards.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-edit.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-emoticons.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-estationery.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-funny.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-help.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-images.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-info.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-more.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-my.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-people.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-photo.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-tell.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp_OI.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-text.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-voice.mnu
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def.cdf
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-t1-bg.res
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\estatationery.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\flashpreview.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\fs3.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\hotbar_promo.htm
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_checked_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_preview.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_send.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_flash_preview.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_recently_used.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_sand-clock2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tree_null.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout4.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_corner_left.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_local_logo.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_basetemplate.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbgroups.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobject3.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobjectset3.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hotbarwrapper.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_texts3.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_xmltree3nf.js
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\layout.cdf
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\linkpathlegal.txt
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1
    .gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1
    av_b_2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1
    av_bb_2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1
    av_f_2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1
    av_ff_2.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\searchbtn.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\submit.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bg.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bga.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bgia.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_l.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_la.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_lia.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_r.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ra.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ria.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tree_dots.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tree_minus.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tree_plus.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_animations.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_backgrounds.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_ecards.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_emoticons.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_notifiers.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_text.xml
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte10_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte11_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte12_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte13_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte14_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte19_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte20_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte21_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte9_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30203lib_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102angel_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102bigluf_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102bigsmile_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102birthday_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102cheers_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102flo_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102good_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102jump_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102king_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102lough_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102luf_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102smile_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102smiled_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102sor_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102thanx_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102uhu_1_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]40103ahh_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]40103wow_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]40104_emi2_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]42102_1134_112_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103big_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103gig_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103hm_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103nomail_emoti_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103norm_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema15_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema16_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema17_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema18_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema19_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema20_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema21_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema24_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema25_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema26_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema30_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema33_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema34_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]62802hippi_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]62802jumpie_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]80402argh_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]80402oops_prv.gif
    D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static
  • Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:22:31, on 1-12-2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus
    avapsvc.exe
    D:\Program Files\Eset
    od32krn.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    D:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\QuickTime\QTTask.exe
    D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\MSN Messenger\MSNP13Downgrader.exe
    D:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:/
    unonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: {f195441b-6d87-bbda-7864-1ebc8f155b12} - {21b551f8-cbe1-4687-adbb-78d6b144591f} - C:\WINDOWS\system32\dhrrgilq.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {6AA3809C-6261-456F-8FCA-43FE39ADC5E9} - C:\WINDOWS\system32\byxwtst.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ramcznre.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0
    l\msntb.dll (file missing)
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ramcznre.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [DAEMON Tools] "d:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CashBibMultiKnob] D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\tick gpl.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [a84bec90] rundll32.exe "C:\WINDOWS\system32\pxuvlpyt.dll",b
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Extra Vga] D:\DOCUME~1\Timon.PC\APPLIC~1\ADMINM~1\ping locks defy.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MSNP13 Downgrader.lnk = ?
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: MyCom - {04267913-1948-451C-8762-A91A370E5C8F} - http://www.mycom.nl (file missing) (HKCU)
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1
    esources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} (YMultiRecord Class) - http://www2.malmberg.nl/online_lessen/localplayer
    ecording/yrecording.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O20 - Winlogon Notify: byxwtst - byxwtst.dll (file missing)
    O20 - Winlogon Notify: ramcznre - C:\WINDOWS\SYSTEM32\ramcznre.dll
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
    avapsvc.exe
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset
    od32krn.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


    End of file - 14689 bytes
  • Je combofix logje is niet compleet. Zou je aub naar C:\[b:3a76b05d2e]Combofix[/b:3a76b05d2e] willen gaan en het logje opnieuw posten. De regels die hieronder staan mag je weglaten:
    [b:3a76b05d2e]
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    [/b:3a76b05d2e]

    Succes!

    Pim
  • ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    ——-\LEGACY_DOMAINSERVICE
    ——-\LEGACY_NPF
    ——-\DomainService
    ——-\NPF


    (((((((((((((((((((( Bestanden Gemaakt van 2007-11-01 to 2007-12-01 ))))))))))))))))))))))))))))))
    .

    2007-11-30 18:51 78,912 –a—— C:\WINDOWS\system32\dhrrgilq.dll
    2007-11-30 18:47 71,232 –a—— C:\WINDOWS\system32\vxsriqrn.exe
    2007-11-24 20:38 <DIR> d——– D:\Documenten en Settings\Timon.PC\Application Data\Grisoft
    2007-11-24 20:37 <DIR> d——– D:\Documenten en Settings\All Users.WINDOWS\Application Data\Grisoft
    2007-11-24 20:37 10,872 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-11-24 20:03 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-11-24 19:52 81,472 –a—— C:\WINDOWS\system32\fprcixqa.dll
    2007-11-24 19:52 71,232 –a—— C:\WINDOWS\system32\jraxprah.exe
    2007-11-22 19:44 143 –a—— C:\WINDOWS\system32\mcrh.tmp
    2007-11-22 19:11 79,936 –a—— C:\WINDOWS\system32\igikixwn.dll
    2007-11-21 19:07 720,106 —hs—- C:\WINDOWS\system32\gvuunbeg.ini
    2007-11-21 19:07 71,232 –a—— C:\WINDOWS\system32\dafwexwo.exe
    2007-11-21 19:07 2,696 –a—— C:\WINDOWS\system32\oixtkpgm.dll
    2007-11-20 19:46 3,829,382 –a—— C:\WINDOWS\winavi_ipod_video_converter.exe
    2007-11-20 19:36 114,688 –a—— C:\WINDOWS\system32\PropListCtrl.ocx

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-30 18:31 ——— d—–w C:\Program Files\Common Files\Symantec Shared
    2007-11-24 21:24 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Azureus
    2007-11-22 18:56 ——— d—–w C:\Program Files\Norton Internet Security
    2007-11-22 10:55 ——— d—–w C:\Program Files\Symantec
    2007-11-21 16:17 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\ADMINMORETEAM
    2007-11-21 15:56 ——— d—–w D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib
    2007-11-13 19:25 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Apple Computer
    2007-10-19 18:28 ——— d–h–r D:\Documenten en Settings\Timon.PC\Application Data\SecuROM
    2007-10-12 18:00 ——— d—–w C:\Program Files\Azureus
    2007-10-10 18:53 ——— d—–w C:\Program Files\XviD
    2007-10-10 18:51 ——— d–h–w C:\Program Files\InstallShield Installation Information
    2005-09-26 13:52 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237604949680421.dat
    2005-09-26 13:50 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237602739458828.dat
    2005-08-23 14:50 3,305,945 -c–a-w D:\Documenten en Settings\Timon.PC\download112022089217485406.dat
    2004-10-01 20:49 54,688 -c—-w D:\Documenten en Settings\1033\dwintl.dll
    2004-03-29 22:50 54,688 -c—-w D:\Documenten en Settings\1028\dwintl.dll
    2003-04-18 23:57 60,000 -c—-w D:\Documenten en Settings\1036\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\3082\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1053\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1046\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1040\dwintl.dll
    2003-04-18 23:57 54,688 -c—-w D:\Documenten en Settings\1042\dwintl.dll
    2003-04-18 23:57 54,688 ——w D:\Documenten en Settings\1031\dwintl.dll
    2002-08-07 23:06 54,688 -c—-w D:\Documenten en Settings\1041\dwintl.dll
    .

    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21b551f8-cbe1-4687-adbb-78d6b144591f}]
    2007-11-30 18:51 78912 –a—— C:\WINDOWS\system32\dhrrgilq.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}]
    C:\WINDOWS\system32\byxwtst.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
    2007-11-21 16:19 145774 ——— C:\WINDOWS\system32\ramcznre.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\ramcznre.dll [2007-11-21 16:19 145774]

    [HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-04-28 21:28]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-09 15:54]
    "Extra Vga"="D:\DOCUME~1\Timon.PC\APPLIC~1\ADMINM~1\ping locks defy.exe" []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2005-02-24 06:32 C:\WINDOWS\system32
    wiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
    "RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 18:42]
    "snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 16:39]
    "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 14:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:03 C:\WINDOWS\system32\bthprops.cpl]
    "Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 16:22]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-11-22 11:55]
    "DAEMON Tools"="d:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 11:48]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-07 22:19]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "CashBibMultiKnob"="D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\tick gpl.exe" []
    "QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
    "PCSuiteTrayApplication"="D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-01-23 10:19]
    "SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 15:32]
    "MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 19:36]
    "iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
    "a84bec90"="C:\WINDOWS\system32\pxuvlpyt.dll" [2007-11-22 19:08]
    "!AVG Anti-Spyware"="D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03]
    "PcSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15]

    D:\Documenten en Settings\Timon.PC\Menu Start\Programma's\Opstarten\
    MSNP13 Downgrader.lnk - C:\Program Files\MSN Messenger\MSNP13Downgrader.exe [2005-11-03 13:51:07]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"= 0 (0x0)

    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 15:51 192512]
    "{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}"= C:\WINDOWS\system32\byxwtst.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\byxwtst]
    byxwtst.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\ramcznre]
    ramcznre.dll 2007-11-21 16:19 145774 C:\WINDOWS\system32\ramcznre.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"= msv1_0 C:\WINDOWS\system32\vtuts.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\msnmsgr.exe /background

    R0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS
    S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;D:\MAGIX\Common\Database\bin\fbserver.exe
    S3 nocashio;nocashio;C:\WINDOWS\system32\drivers
    ocashio.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    \Shell\AutoRun\command - F:\Autorun.exe

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-11-07 12:20:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-12-01 18:00:00 C:\WINDOWS\Tasks\B0C1A402918A522A.job"
    - d:\docume~1\timon.pc\applic~1\adminm~1\blehaxisdart.exe
    "2006-10-27 10:40:56 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Milou.job"
    "2007-11-30 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - R. de Graaff.job"
    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
    .
    **************************************************************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-01 19:12:52
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-12-01 19:19:43 - machine was rebooted
    .
    — E O F —
  • Prima :D

    1.Ik zie twee actieve virusscanners in je logfile staan, Norton en NOD32. Meerdere virusscanners geven conflicten
    en lijden tot onnodige traagheid.Verwijder daarom één van de twee via configuratiescherm –> software.
    Indien NOD32 is meergekomen met Hitman Pro raad ik je aan deze geheel te verwijderen, inclusief alle trail software.

    2. Start Hijackthis, kies voor [i:77f0c11c2d]'Do a system scan only'[/i:77f0c11c2d] en vink onderstaande regels aan:
    [b:77f0c11c2d]
    O2 - BHO: {f195441b-6d87-bbda-7864-1ebc8f155b12} - {21b551f8-cbe1-4687-adbb-78d6b144591f} - C:\WINDOWS\system32\dhrrgilq.dll
    O2 - BHO: (no name) - {6AA3809C-6261-456F-8FCA-43FE39ADC5E9} - C:\WINDOWS\system32\byxwtst.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ramcznre.dll
    O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0
    l\msntb.dll (file missing)
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
    O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ramcznre.dll
    O4 - HKLM\..\Run: [CashBibMultiKnob] D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\tick gpl.exe
    O4 - HKLM\..\Run: [a84bec90] rundll32.exe "C:\WINDOWS\system32\pxuvlpyt.dll",b
    O4 - HKCU\..\Run: [Extra Vga] D:\DOCUME~1\Timon.PC\APPLIC~1\ADMINM~1\ping locks defy.exe
    O20 - Winlogon Notify: byxwtst - byxwtst.dll (file missing)
    O20 - Winlogon Notify: ramcznre - C:\WINDOWS\SYSTEM32\ramcznre.dll
    [/b:77f0c11c2d]

    Sluit nu [u:77f0c11c2d]alle[/u:77f0c11c2d] openstaande vensters, behalve Hijackthis en klik op [b:77f0c11c2d]Fix Checked[/b:77f0c11c2d].

    3. Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:77f0c11c2d]
    File::
    C:\WINDOWS\system32\dhrrgilq.dll
    C:\WINDOWS\system32\vxsriqrn.exe
    C:\WINDOWS\system32\fprcixqa.dll
    C:\WINDOWS\system32\jraxprah.exe
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\igikixwn.dll
    C:\WINDOWS\system32\gvuunbeg.ini
    C:\WINDOWS\system32\dafwexwo.exe
    C:\WINDOWS\system32\oixtkpgm.dll
    C:\WINDOWS\system32\PropListCtrl.ocx
    C:\WINDOWS\Tasks\B0C1A402918A522A.job

    Folder::
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21b551f8-cbe1-4687-adbb-78d6b144591f}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{11A69AE4-FBED-4832-A2BF-45AF82825583}"=-
    [-HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Extra Vga"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CashBibMultiKnob"=-
    "a84bec90"=-
    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{88485281-8b4b-4f8d-9ede-82e29a064277}"=-
    "{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\byxwtst]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\ramcznre]
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

    [/b:77f0c11c2d]
    Sla dit op op je Bureaublad als [b:77f0c11c2d]CFScript.txt[/b:77f0c11c2d]

    Sleep [b:77f0c11c2d]CFScript.txt[/b:77f0c11c2d] in [b:77f0c11c2d]ComboFix.exe[/b:77f0c11c2d] zoals getoond in onderstaand voorbeeld :

    [img:77f0c11c2d]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:77f0c11c2d]

    Dit zal [b:77f0c11c2d]ComboFix[/b:77f0c11c2d] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:77f0c11c2d]Combofix.txt[/b:77f0c11c2d] in je volgende antwoord samen met een nieuw HijackThislogje.

    4. Download Deljob.exe (mirror) naar je [b:77f0c11c2d]Bureaublad[/b:77f0c11c2d].
    Indien je virusscanner de download van deljob.exe blokkeert,
    schakel dan tijdelijk je virusscanner uit of download de zip-versie deljob.zip en pak deze uit naar je Bureaublad.

    Dubbelklik op [b:77f0c11c2d]Deljob.exe[/b:77f0c11c2d].
    Een logje([u:77f0c11c2d]logit.txt[/u:77f0c11c2d]) zal openen, het bestandje kan je ook terugvinden op je Bureaublad.
    Post de inhoud van [b:77f0c11c2d]logit.txt[/b:77f0c11c2d] in je volgende bericht.

    Post nu de inhoud van Combofix.txt, logit.txt een hijackthis.

    Pim
  • [b:1ce19f8c8f]Combofix TXT[/b:1ce19f8c8f]

    ComboFix 07-11-19.4C - Timon 2007-12-07 22:08:05.2 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.135 [GMT 1:00]
    Gestart vanuit: D:\Documenten en Settings\Timon.PC\Bureaublad\ComboFix.exe
    Command switches used :: D:\Documenten en Settings\Timon.PC\Bureaublad\CFScript.txt
    * Nieuw herstelpunt werd aangemaakt

    FILE
    C:\WINDOWS\system32\dafwexwo.exe
    C:\WINDOWS\system32\dhrrgilq.dll
    C:\WINDOWS\system32\fprcixqa.dll
    C:\WINDOWS\system32\gvuunbeg.ini
    C:\WINDOWS\system32\igikixwn.dll
    C:\WINDOWS\system32\jraxprah.exe
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\oixtkpgm.dll
    C:\WINDOWS\system32\PropListCtrl.ocx
    C:\WINDOWS\system32\vxsriqrn.exe
    C:\WINDOWS\Tasks\B0C1A402918A522A.job
    .

    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\dafwexwo.exe
    C:\WINDOWS\system32\fprcixqa.dll
    C:\WINDOWS\system32\gvuunbeg.ini
    C:\WINDOWS\system32\jraxprah.exe
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\oixtkpgm.dll
    C:\WINDOWS\system32\PropListCtrl.ocx
    C:\WINDOWS\system32\ramcznre.dllbox
    C:\WINDOWS\system32\vxsriqrn.exe
    C:\WINDOWS\Tasks\B0C1A402918A522A.job
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\Cash Help Chic
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\cool tray ford
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\Meow Bash Way
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\sixthadminfind
    D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\wave dart the
    D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Live Safety Center.lnk
    D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Online Security Guide.lnk
    D:\Documenten en Settings\Timon.PC\Bureaublad\Live Safety Center.lnk
    D:\Documenten en Settings\Timon.PC\Bureaublad\Online Security Guide.lnk
    D:\Documenten en Settings\Timon.PC\Favorieten\Online Security Guide.lnk

    .
    (((((((((((((((((((( Bestanden Gemaakt van 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))
    .

    2007-12-06 12:46 <DIR> d——– C:\Program Files\Hitman Pro
    2007-12-01 23:04 <DIR> d——– C:\Program Files\Free iPod Video Converter
    2007-11-30 19:04 77,245 –a—— C:\WINDOWS\system32\teonrxsq.dll
    2007-11-24 20:38 <DIR> d——– D:\Documenten en Settings\Timon.PC\Application Data\Grisoft
    2007-11-24 20:37 <DIR> d——– D:\Documenten en Settings\All Users.WINDOWS\Application Data\Grisoft
    2007-11-24 20:37 10,872 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
    2007-11-24 20:03 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
    2007-11-22 19:08 615,239 —hs—- C:\WINDOWS\system32\typlvuxp.ini
    2007-11-22 19:08 84,545 –a—— C:\WINDOWS\system32\pxuvlpyt.dll
    2007-11-22 19:08 71,232 –a—— C:\WINDOWS\system32\urtcedju.exe
    2007-11-21 16:22 714,281 —hs—- C:\WINDOWS\system32\tojkvtok.ini
    2007-11-21 16:19 145,774 ——— C:\WINDOWS\system32\ramcznre.dll
    2007-11-20 19:46 3,829,382 –a—— C:\WINDOWS\winavi_ipod_video_converter.exe

    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-06 13:08 ——— d—–w D:\Documenten en Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2007-12-06 11:58 ——— d—–w C:\Program Files\Common Files\Symantec Shared
    2007-12-05 21:15 ——— d—–w C:\Program Files\Norton Internet Security
    2007-12-01 22:51 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Azureus
    2007-11-30 18:19 ——— d—–w D:\Documenten en Settings\All Users.WINDOWS\Application Data\Skype
    2007-11-22 10:55 ——— d—–w C:\Program Files\Symantec
    2007-11-21 16:17 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\ADMINMORETEAM
    2007-11-13 19:25 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Apple Computer
    2007-10-19 18:28 107,888 —-a-w C:\WINDOWS\system32\CmdLineExt.dll
    2007-10-19 18:28 ——— d–h–r D:\Documenten en Settings\Timon.PC\Application Data\SecuROM
    2007-10-12 18:00 ——— d—–w C:\Program Files\Azureus
    2007-10-10 18:53 ——— d—–w C:\Program Files\XviD
    2007-10-10 18:51 ——— d–h–w C:\Program Files\InstallShield Installation Information
    2005-09-26 13:52 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237604949680421.dat
    2005-09-26 13:50 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237602739458828.dat
    2005-08-23 14:50 3,305,945 -c–a-w D:\Documenten en Settings\Timon.PC\download112022089217485406.dat
    2004-10-01 20:49 54,688 -c—-w D:\Documenten en Settings\1033\dwintl.dll
    2004-03-29 22:50 54,688 -c—-w D:\Documenten en Settings\1028\dwintl.dll
    2003-04-18 23:57 60,000 -c—-w D:\Documenten en Settings\1036\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\3082\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1053\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1046\dwintl.dll
    2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1040\dwintl.dll
    2003-04-18 23:57 54,688 -c—-w D:\Documenten en Settings\1042\dwintl.dll
    2003-04-18 23:57 54,688 ——w D:\Documenten en Settings\1031\dwintl.dll
    2002-08-07 23:06 54,688 -c—-w D:\Documenten en Settings\1041\dwintl.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2007-12-01_19.13.29.21 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2007-04-24 09:32:06 1,485,696 —-a-w C:\WINDOWS\system32\LegitCheckControl.dll
    + 2007-10-11 13:12:48 1,468,968 —-a-w C:\WINDOWS\system32\LegitCheckControl.DLL
    + 2002-10-06 12:37:26 487,424 —-a-w C:\WINDOWS\system32\MSVCP70.DLL
    + 2006-03-11 10:00:58 344,064 —-a-w C:\WINDOWS\system32\msvcr70.dll
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
    2007-11-21 16:19 145774 ——— C:\WINDOWS\system32\ramcznre.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\ramcznre.dll [2007-11-21 16:19 145774]

    [HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-04-28 21:28]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-09 15:54]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2005-02-24 06:32 C:\WINDOWS\system32
    wiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
    "RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 18:42]
    "snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 16:39]
    "Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 14:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43]
    "BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:03 C:\WINDOWS\system32\bthprops.cpl]
    "Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10]
    "ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 16:22]
    "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-11-22 11:55]
    "DAEMON Tools"="d:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 11:48]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-07 22:19]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
    "PCSuiteTrayApplication"="D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-01-23 10:19]
    "SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 15:32]
    "MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 19:36]
    "iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
    "!AVG Anti-Spyware"="D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03]
    "PcSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15]

    D:\Documenten en Settings\Timon.PC\Menu Start\Programma's\Opstarten\
    MSNP13 Downgrader.lnk - C:\Program Files\MSN Messenger\MSNP13Downgrader.exe [2005-11-03 13:51:07]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"= 0 (0x0)

    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 15:51 192512]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\ramcznre]
    ramcznre.dll 2007-11-21 16:19 145774 C:\WINDOWS\system32\ramcznre.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\msnmsgr.exe /background

    R0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS
    S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
    S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;D:\MAGIX\Common\Database\bin\fbserver.exe
    S3 nocashio;nocashio;C:\WINDOWS\system32\drivers
    ocashio.sys

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    \Shell\AutoRun\command - F:\Autorun.exe

    .
    Inhoud van de 'Gedeelde Taken' map
    "2007-11-07 12:20:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2006-10-27 10:40:56 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Milou.job"
    - C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.EXEp/task:
    "2007-11-30 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - R. de Graaff.job"
    - C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exep/task:
    .
    **************************************************************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-07 22:16:36
    Windows 5.1.2600 Service Pack 2 NTFS

    scannen van verborgen processen …

    scannen van verborgen autostart items …

    scannen van verborgen bestanden …

    Scan succesvol afgerond
    verborgen bestanden: 0

    **************************************************************************
    .
    Voltooingstijd: 2007-12-07 22:27:22 - machine was rebooted
    C:\ComboFix2.txt … 2007-12-01 19:19
    .
    — E O F —
  • ——————————————————–
    No LOP jobs found
    ——————————————————–
    Files remaining after cleaning

    AppleSoftwareUpdate.job
    Norton AntiVirus - Mijn computer scannen - Milou.job
    Norton AntiVirus - Mijn computer scannen - R. de Graaff.job
    ——————————————————–
    App data folders

    Het volume in station D heeft geen naam.
    Het volumenummer is 8CB2-59E8

    Map van D:\Documenten en Settings\Timon.PC\Application Data

    24-11-2007 20:38 <DIR> .
    24-11-2007 20:38 <DIR> ..
    21-11-2007 17:17 <DIR> ADMINM~1 ADMINMORETEAM
    18-06-2005 11:36 <DIR> Adobe
    06-05-2005 13:52 <DIR> AdobeUM
    17-05-2007 13:35 <DIR> Ahead
    13-11-2007 20:25 <DIR> APPLEC~1 Apple Computer
    25-05-2005 15:36 <DIR> ArcSoft
    01-12-2007 23:51 <DIR> Azureus
    25-03-2006 00:34 <DIR> CD-LAB~1 CD-LabelPrint
    25-04-2005 10:48 <DIR> CYBERL~1 CyberLink
    18-07-2007 15:01 <DIR> DataCast
    14-03-2007 20:56 <DIR> DATALA~1 Datalayer
    19-03-2007 21:44 <DIR> DESPER~1 Desperate Housewives
    03-07-2007 13:25 <DIR> DivX
    29-06-2007 19:04 <DIR> Google
    24-11-2007 20:38 <DIR> Grisoft
    15-10-2005 19:34 <DIR> Help
    03-04-2005 11:48 <DIR> IDENTI~1 Identities
    27-11-2005 00:17 <DIR> iMesh
    19-03-2007 21:23 <DIR> INSTAL~1 InstallShield
    22-03-2006 22:05 <DIR> Lavasoft
    19-03-2007 20:48 <DIR> LEADER~1 Leadertech
    21-04-2005 11:40 <DIR> MACROM~1 Macromedia
    15-06-2007 15:41 <DIR> MAGIX
    11-12-2006 18:57 <DIR> MICROS~1 Microsoft
    16-08-2007 16:48 <DIR> Nokia
    16-08-2007 16:51 <DIR> NOKIAM~1 Nokia Multimedia Player
    24-02-2007 20:23 <DIR> PCSUIT~1 PC Suite
    22-03-2006 21:55 <DIR> PCTOOL~1 PC Tools
    29-05-2005 16:33 <DIR> Real
    19-10-2007 19:28 <DIR> SecuROM
    24-08-2007 11:54 <DIR> SIBELI~1 Sibelius Software
    12-07-2006 15:51 <DIR> Skype
    19-11-2005 11:02 <DIR> Sun
    06-03-2006 16:37 <DIR> Symantec
    08-08-2005 16:57 <DIR> TMF
    22-03-2006 21:51 <DIR> Webroot
    0 bestand(en) 0 bytes
    38 map(pen) 21.304.655.872 bytes beschikbaar
    Het volume in station D heeft geen naam.
    Het volumenummer is 8CB2-59E8

    Map van D:\Documenten en Settings\All Users.WINDOWS\Application Data

    07-12-2007 22:11 <DIR> .
    07-12-2007 22:11 <DIR> ..
    14-01-2006 17:32 <DIR> Adobe
    01-04-2005 19:33 <DIR> Ahead
    18-07-2007 18:06 <DIR> Apple
    15-09-2006 20:00 <DIR> APPLEC~1 Apple Computer
    29-06-2007 13:48 <DIR> Azureus
    14-04-2006 20:54 <DIR> BLUETO~1 Bluetooth
    14-01-2006 16:36 <DIR> CanonBJ
    01-04-2005 19:28 <DIR> CYBERL~1 CyberLink
    18-06-2007 20:44 <DIR> DELTAS~1 Delta Solutions
    16-08-2007 16:47 <DIR> DOWNLO~1 Downloaded Installations
    01-09-2007 16:06 <DIR> Google
    24-11-2007 20:37 <DIR> Grisoft
    14-06-2007 19:24 <DIR> MAGIX
    08-05-2007 20:11 <DIR> MESSEN~1 Messenger Plus!
    30-11-2007 19:22 <DIR> MICROS~1 Microsoft
    27-06-2007 20:50 <DIR> MICROS~2 Microsoft Games
    16-08-2007 17:54 <DIR> Nokia
    09-04-2005 11:18 <DIR> OLYMPUS
    16-08-2007 16:53 <DIR> PCSUIT~1 PC Suite
    03-04-2005 13:38 <DIR> QUICKT~1 QuickTime
    07-07-2005 16:17 <DIR> Samsung
    02-04-2005 00:31 <DIR> SBSI
    30-11-2007 19:19 <DIR> Skype
    06-12-2007 14:08 <DIR> SPYBOT~1 Spybot - Search & Destroy
    15-10-2005 10:13 <DIR> Support.com
    19-02-2006 19:08 <DIR> Symantec
    10-06-2006 23:00 <DIR> WINDOW~1 Windows Genuine Advantage
    18-06-2007 12:57 <DIR> WINDOW~2 WindowsLiveInstaller
    18-06-2007 12:57 <DIR> WLINST~1 WLInstaller
    0 bestand(en) 0 bytes
    31 map(pen) 21.304.651.776 bytes beschikbaar
    ——————————————————–
  • Verwijder de CFscript die nu op je Bureaublad staat.

    Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
    [b:2ff5d5128e]
    File::
    C:\WINDOWS\system32\typlvuxp.ini
    C:\WINDOWS\system32\pxuvlpyt.dll
    C:\WINDOWS\system32\urtcedju.exe
    C:\WINDOWS\system32\tojkvtok.ini
    C:\WINDOWS\system32\ramcznre.dll
    D:\Documenten en Settings\Timon.PC\download11237604949680421.dat
    D:\Documenten en Settings\Timon.PC\download11237602739458828.dat
    D:\Documenten en Settings\Timon.PC\download112022089217485406.dat

    Folder::
    D:\Documenten en Settings\Timon.PC\Application Data\ADMINMORETEAM

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{11A69AE4-FBED-4832-A2BF-45AF82825583}"=-
    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{88485281-8b4b-4f8d-9ede-82e29a064277}"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon
    otify\ramcznre]
    [/b:2ff5d5128e]
    Sla dit op op je Bureaublad als [b:2ff5d5128e]CFScript.txt[/b:2ff5d5128e]

    Sleep [b:2ff5d5128e]CFScript.txt[/b:2ff5d5128e] in [b:2ff5d5128e]ComboFix.exe[/b:2ff5d5128e] zoals getoond in onderstaand voorbeeld :

    [img:2ff5d5128e]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:2ff5d5128e]

    Dit zal [b:2ff5d5128e]ComboFix[/b:2ff5d5128e] doen herstarten.
    Start opnieuw op als daarom gevraagd wordt,
    en post de inhoud van de [b:2ff5d5128e]Combofix.txt[/b:2ff5d5128e] in je volgende antwoord samen met een nieuw HijackThislogje.

    Belangrijk dat je ook een nieuw Hijackthis log post!

    Pim :)
  • Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:56, on 2007-12-15
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus
    avapsvc.exe
    C:\WINDOWS\system32
    vsvc32.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\WINDOWS\System32\svchost.exe
    D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\vsnpstd.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    D:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\rundll32.exe
    D:\Program Files\QuickTime\QTTask.exe
    D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\Program Files\MSN Messenger\MSNP13Downgrader.exe
    D:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:/
    unonce.msn.com/?v=msgrv75
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ramcznre.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ramcznre.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
    O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [DAEMON Tools] "d:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
    O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\cmd.exe /c C:\ComboFix\Combobatch.bat
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MSNP13 Downgrader.lnk = ?
    O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
    O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: MyCom - {04267913-1948-451C-8762-A91A370E5C8F} - http://www.mycom.nl (file missing) (HKCU)
    O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1
    esources/MSNPUpld.cab
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
    O16 - DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} (YMultiRecord Class) - http://www2.malmberg.nl/online_lessen/localplayer
    ecording/yrecording.cab
    O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O20 - Winlogon Notify: ramcznre - ramcznre.dll (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus
    avapsvc.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
    vsvc32.exe
    O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


    End of file - 13711 bytes
  • Mijn Combofix file kan ik wel vinden alleen is niet compleet
    wel is eropeens na het fixen een bestand op mijn bureablad gekomen met titel catch me waar het virusbestand inzit
    wat moet ik hiermee

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.