Vraag & Antwoord
trojan vundo virus ?
15 antwoorden
- Ik krijg de melding van norton dat er een trojan .vundo virus is gevonden. Ik krijg dit niet weg. Ik ben niet zo'n ervaren computer gebriker dus kan iemand Mij helpen mijn computer te verhelpen?
BVD
- als je norton eens gewoon het werk laat doen???
- Dat heb ik al gedaan alleen deze kan het niet verwijderen.
- Voer eerst Combofix uit:
Download [b:92bbd2ed84]Combofix[/b:92bbd2ed84] naar je [b:92bbd2ed84]bureaublad[/b:92bbd2ed84]
Indien je Combofix al eerder hebt gebruikt, gelieve die versie te verwijderen en Combofix opnieuw te downloaden via bovenstaande link, want Combofix wordt dagelijks geupdate.
OPMERKING: indien je, tijdens of na het downloaden van Combofix of tijdens het gebruik van Combofix een melding krijgt van je Antivirus- of een andere realtime scanner, schakel dan deze scanner uit en [b:92bbd2ed84]download Combofix opnieuw[/b:92bbd2ed84]. Sommige scanners zien bepaalde componenten die Combofix gebruikt als verdacht en gaan deze blokkeren of verwijderen!
Dubbelklik op [u:92bbd2ed84]combofix.exe[/u:92bbd2ed84]
Kies voor "Continue" door [b:92bbd2ed84]1[/b:92bbd2ed84] te typen gevolgd door [b:92bbd2ed84]ENTER[/b:92bbd2ed84].
Tijdens het runnen van de fix, [b:92bbd2ed84]NIET[/b:92bbd2ed84] in het venster klikken, want dit zal je pc doen vasthangen.
Wanneer de fix voltooid is en na herstart, zal de log [b:92bbd2ed84]combofix.txt[/b:92bbd2ed84] openen.
[i:92bbd2ed84]Plaats in je volgende antwoord het logje van combofix (combofix.txt[/i:92bbd2ed84]) tesamen met een vers Hijackthis log.
Maak daarna een hijackthis log:
Download Hijackthis-setup naar je [u:92bbd2ed84]Bureaublad[/u:92bbd2ed84].
Open HJTInstall en bepaal de locatie waar je Hijackthis wilt installeren.
Druk vervolgens op Install, na enkele seconde zal Hijackthis automatisch openen.
Kies nu voor [b:92bbd2ed84]'Do a system scan and save a logfile'[/b:92bbd2ed84].
Er opent een kladblok bestand met een logfile. Selecteer deze tekst helemaal ([b:92bbd2ed84]ctrl-A[/b:92bbd2ed84]), kopieer ([b:92bbd2ed84]ctrl C[/b:92bbd2ed84]) en plak deze tekst in je volgende bericht.
Succes! 8)
Pim - (combofix.txt)
- ComboFix 07-11-19.4C - Timon 2007-12-01 18:43:55.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.147 [GMT 1:00]
Gestart vanuit: D:\Documenten en Settings\Timon.PC\Bureaublad\ComboFix.exe
* Nieuw herstelpunt werd aangemaakt
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Common Files\Yazzle1848OinAdmin.exe
C:\Program Files\Common Files\Yazzle1848OinUninstaller.exe
C:\Program Files\winupdates
C:\Program Files\winupdates\a.zip
C:\WINDOWS\svchost.exe
C:\WINDOWS\system32\ramcznre.dllbox
C:\WINDOWS\system32\stutv.ini
C:\WINDOWS\system32\stutv.ini2
C:\WINDOWS\system32\vtuts.dll
D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Live Safety Center.lnk
D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Online Security Guide.lnk
D:\Documenten en Settings\Gast\Application Data\Hotbar
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1056330.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1090458.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\10928.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1273962.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1299333.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1323497.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1383594.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1384984.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1386158.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387310.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387315.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387505.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1387529.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1388781.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1389316.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1393798.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1401202.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1405053.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1431003.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1448448.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1529053.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\1835232.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\186852.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\198747.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2260086.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\232837.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\233021.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2344369.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2344409.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2477432.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\2710602.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\302265.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\402149.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\494801.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\558189.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\720568.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\772405.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\823208.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\827705.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\838803.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\853756.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\973091.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\987556.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\ASPL1.dat
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\domains.txt
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\hstat\320c.dat
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\10536
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11213
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11446
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\11997
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12030
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\12435
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1288
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1337
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13492
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13493
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13494
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13546
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13549
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\13617
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14083
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\141880
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\142308
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1424
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\14272
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15040
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\15541
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16087
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1611
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1612
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16173
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16210
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16884
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\16998
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17025
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17189
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17195
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17656
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\17987
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1810
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\18391
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\18991
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\1916
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\193626
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\19650
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20128
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\2021
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20304
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20478
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20514
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20570
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20935
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\20980
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\21864
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\223385
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22657
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\22809
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\23923
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\250476
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26335
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26479
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\26994
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27003
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27087
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27414
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\27515
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\28383
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29115
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29216
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\293962
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29536
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\29642
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\297534
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30001
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\30455
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\317263
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\32221
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33012
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\33017
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3338
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34120
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\34134
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35047
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35285
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35389
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\35408
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\357827
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36598
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3677
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\36834
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\372153
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\38399
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\39245
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\3986
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4142
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41590
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41641
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41952
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41980
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\41999
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\42013
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\42034
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\43098
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\432053
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\43384
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44214
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44228
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44306
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\4442
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\44429
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45355
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45495
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\45609
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\459338
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\46415
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\49724
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\50548
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\50787
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\50830
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\510377
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51192
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51374
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\517634
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\51931
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52335
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\528235
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\52957
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5358
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\53813
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\54189
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5542
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\5569
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\55725
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\56970
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57530
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57785
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\57823
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\580754
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\58841
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\591994
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59231
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59234
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59283
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\595054
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59844
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\59923
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6000
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\60446
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\60923
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61167
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\61779
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\62019
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\62025
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\630950
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\631064
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\63930
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\642487
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\64451
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\645682
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6539
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\655883
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\65863
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\663386
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\664683
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\66855
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\668564
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\673444
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\67564
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68094
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\684104
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\688382
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\68943
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\6915
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\698252
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702564
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702599
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702607
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702610
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702664
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702665
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702670
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702683
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702686
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702688
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702689
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702691
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702694
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702695
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702696
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702697
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702713
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702714
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702715
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702728
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702730
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702732
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702733
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702743
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\702748
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70330
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705060
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705133
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705142
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705144
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705145
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\705146
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\70608
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\71383
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\72072
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\72123
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73528
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\73722
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\7515
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\75828
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\75832
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\75833
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78592
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78600
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\78788
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79977
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\79989
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80026
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\80319
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\8081
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\81293
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82292
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\82646
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83133
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\83743
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85535
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\85547
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\86999
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87439
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87555
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87584
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87726
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87733
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\87752
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\89075
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\89462
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90271
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90358
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\90371
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\91333
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92056
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92886
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92893
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\92930
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93110
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93899
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\93911
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\94272
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95325
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95610
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95678
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95740
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95803
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\95828
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97172
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97518
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\97734
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9805
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\98493
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99140
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\99586
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\TooltipXML\9991
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\dynamic\ustat\320c.dat
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\business_promo.htm
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\buttondir.txt
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\components.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\d_icons_buttons_1000.res
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\default.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_511745-514279.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_categorize.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_comparison.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-Mails.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_explorer-people.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_favorites.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Games.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hide.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_Hotmail.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_hsskin.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_new.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_premium.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_ringtone.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_SearchBoxTrapper.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchfor.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_searchgo.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_weather.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Default_yellowpages.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\email-t1-bg.res
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\hotbar_promo.htm
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords.idx
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_idx.idx
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords_sdf.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\keywords1.dat
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\layout.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\theweb.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\top7.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\1\Top7_theweb.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\business_promo.htm
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\buttondir.txt
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\components.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\d_icons_buttons_1000.res
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\default.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_511745-514279.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_categorize.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_comparison.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-Mails.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_explorer-people.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_favorites.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Games.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hide.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_Hotmail.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_hsskin.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_new.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_premium.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_ringtone.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_SearchBoxTrapper.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchfor.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_searchgo.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_weather.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Default_yellowpages.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\email-t1-bg.res
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\hotbar_promo.htm
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords.idx
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_idx.idx
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords_sdf.sdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\keywords1.dat
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\layout.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\theweb.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\top7.cdf
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\2\Top7_theweb.mnu
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\buttondir.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\d_icons_buttons_1000.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\default.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\email-t1-bg.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\hotbar_promo.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_idx.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords_sdf.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\keywords1.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\layout.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.txt
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\samplegroups2.xip
D:\Documenten en Settings\Gast\Application Data\Hotbar\v3.0\Hotbar\static\DownLoad\top7.xip
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_1.jpg
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_st.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]12702beauty20_st.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]50104_bgm10a_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\[u:f6f3adf510]0[/u:f6f3adf510]50104_bgm10a_st.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05.swf
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_bg.jpg
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_ec.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_ec.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_pre.jpg
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\100103hal05_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\120103_eca11_ec.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\120103_eca11_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\FileManager.txt
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\FrenchVanila_prv.swf
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\eskin\FrenchVanila_sn.wav
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte10_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte11_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte12_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte13_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte14_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte19_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte20_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte21_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte9_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]30203lib_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102angel_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102bigluf_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102bigsmile_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102birthday_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102cheers_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102flo_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102good_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102jump_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102king_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102lough_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102luf_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102smile_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102smiled_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102sor_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102thanx_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]33102uhu_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]40103ahh_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]40103wow_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]40104_emi2_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]42102_1134_112_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103big_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103gig_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103hm_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103nomail_emoti_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]50103norm_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema15_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema16_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema17_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema18_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema19_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema20_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema21_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema24_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema25_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema26_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema30_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema33_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema34_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]62802hippi_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]62802jumpie_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]80402argh_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]80402oops_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]80402ouch_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]82502no_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\[u:f6f3adf510]0[/u:f6f3adf510]82502yes_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_boring1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_confused_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_crying_ugly_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_fantastic_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_feel_better_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_gimme_break_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_heehee_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_hlopaet_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_ign_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_lol_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_no_comment_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_peace_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_smashing_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\110103_talk2thehand_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_sm2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\block_smli2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\blocked.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\blocked2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_add-but.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_back-but.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_cut_enabled_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_enabled_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_left_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_enabled_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_middle_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_cut_enabled_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_enabled_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\btn_right_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\business_promo.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\buttondir.txt
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\components.cdf
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css_cattree.css
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css_flashpreview.css
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css2_main.css
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css2_pagingmodule.css
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\css2_topbuttons.css
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\delete.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\edit_clear_sound.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\edit_fs.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\edit_select.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-bcards.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-ecards.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-edit.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-emoticons.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-estationery.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-funny.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-help.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-images.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-info.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-more.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-my.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-people.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-photo.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-tell.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-temp_OI.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-text.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def-email-voice.mnu
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-def.cdf
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\email-t1-bg.res
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\estatationery.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\flashpreview.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\fs3.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\hotbar_promo.htm
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_checked_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_close_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_preview.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_edit_send.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_flash_preview.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_recently_used.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_remove_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_sand-clock2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tell_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_tree_null.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\icon_unchecked_pressed_1.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_barlayout4.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_corner_left.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\img_local_logo.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_basetemplate.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbgroups.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobject3.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hbobjectset3.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_hotbarwrapper.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_iteratorsandreaders3nf.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_pagingmoduleobj3.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_texts3.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\js2_xmltree3nf.js
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\layout.cdf
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\linkpathlegal.txt
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\n.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\nav_b_2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\nav_bb_2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\nav_f_2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\nav_ff_2.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\searchbtn.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\submit.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bg.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bga.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_bgia.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_l.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_la.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_lia.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_r.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ra.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tab_ria.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tree_dots.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tree_minus.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\tree_plus.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_animations.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_backgrounds.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_ecards.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_emoticons.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_notifiers.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\1\treedata_text.xml
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte10_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte11_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte12_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte13_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte14_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte19_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte20_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte21_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30104_emte9_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]30203lib_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102angel_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102bigluf_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102bigsmile_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102birthday_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102cheers_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102flo_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102good_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102jump_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102king_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102lough_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102luf_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102smile_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102smiled_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102sor_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102thanx_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]33102uhu_1_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]40103ahh_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]40103wow_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]40104_emi2_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]42102_1134_112_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103big_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103gig_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103hm_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103nomail_emoti_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]50103norm_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema15_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema16_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema17_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema18_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema19_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema20_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema21_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema24_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema25_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema26_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema30_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema33_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]60104_ema34_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]62802hippi_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]62802jumpie_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]80402argh_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static\2\[u:f6f3adf510]0[/u:f6f3adf510]80402oops_prv.gif
D:\Documenten en Settings\R de Graaf\Application Data\Hotbar\v3.0\HostOI\static - Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:22:31, on 1-12-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\MSN Messenger\MSNP13Downgrader.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: {f195441b-6d87-bbda-7864-1ebc8f155b12} - {21b551f8-cbe1-4687-adbb-78d6b144591f} - C:\WINDOWS\system32\dhrrgilq.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {6AA3809C-6261-456F-8FCA-43FE39ADC5E9} - C:\WINDOWS\system32\byxwtst.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ramcznre.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\nl\msntb.dll (file missing)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ramcznre.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DAEMON Tools] "d:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CashBibMultiKnob] D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\tick gpl.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [a84bec90] rundll32.exe "C:\WINDOWS\system32\pxuvlpyt.dll",b
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Extra Vga] D:\DOCUME~1\Timon.PC\APPLIC~1\ADMINM~1\ping locks defy.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSNP13 Downgrader.lnk = ?
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: MyCom - {04267913-1948-451C-8762-A91A370E5C8F} - http://www.mycom.nl (file missing) (HKCU)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} (YMultiRecord Class) - http://www2.malmberg.nl/online_lessen/localplayer/recording/yrecording.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: byxwtst - byxwtst.dll (file missing)
O20 - Winlogon Notify: ramcznre - C:\WINDOWS\SYSTEM32\ramcznre.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
–
End of file - 14689 bytes - Je combofix logje is niet compleet. Zou je aub naar C:\[b:3a76b05d2e]Combofix[/b:3a76b05d2e] willen gaan en het logje opnieuw posten. De regels die hieronder staan mag je weglaten:
[b:3a76b05d2e]
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
[/b:3a76b05d2e]
Succes!
Pim - ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
——-\LEGACY_DOMAINSERVICE
——-\LEGACY_NPF
——-\DomainService
——-\NPF
(((((((((((((((((((( Bestanden Gemaakt van 2007-11-01 to 2007-12-01 ))))))))))))))))))))))))))))))
.
2007-11-30 18:51 78,912 –a—— C:\WINDOWS\system32\dhrrgilq.dll
2007-11-30 18:47 71,232 –a—— C:\WINDOWS\system32\vxsriqrn.exe
2007-11-24 20:38 <DIR> d——– D:\Documenten en Settings\Timon.PC\Application Data\Grisoft
2007-11-24 20:37 <DIR> d——– D:\Documenten en Settings\All Users.WINDOWS\Application Data\Grisoft
2007-11-24 20:37 10,872 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-24 20:03 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
2007-11-24 19:52 81,472 –a—— C:\WINDOWS\system32\fprcixqa.dll
2007-11-24 19:52 71,232 –a—— C:\WINDOWS\system32\jraxprah.exe
2007-11-22 19:44 143 –a—— C:\WINDOWS\system32\mcrh.tmp
2007-11-22 19:11 79,936 –a—— C:\WINDOWS\system32\igikixwn.dll
2007-11-21 19:07 720,106 —hs—- C:\WINDOWS\system32\gvuunbeg.ini
2007-11-21 19:07 71,232 –a—— C:\WINDOWS\system32\dafwexwo.exe
2007-11-21 19:07 2,696 –a—— C:\WINDOWS\system32\oixtkpgm.dll
2007-11-20 19:46 3,829,382 –a—— C:\WINDOWS\winavi_ipod_video_converter.exe
2007-11-20 19:36 114,688 –a—— C:\WINDOWS\system32\PropListCtrl.ocx
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-30 18:31 ——— d—–w C:\Program Files\Common Files\Symantec Shared
2007-11-24 21:24 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Azureus
2007-11-22 18:56 ——— d—–w C:\Program Files\Norton Internet Security
2007-11-22 10:55 ——— d—–w C:\Program Files\Symantec
2007-11-21 16:17 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\ADMINMORETEAM
2007-11-21 15:56 ——— d—–w D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib
2007-11-13 19:25 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Apple Computer
2007-10-19 18:28 ——— d–h–r D:\Documenten en Settings\Timon.PC\Application Data\SecuROM
2007-10-12 18:00 ——— d—–w C:\Program Files\Azureus
2007-10-10 18:53 ——— d—–w C:\Program Files\XviD
2007-10-10 18:51 ——— d–h–w C:\Program Files\InstallShield Installation Information
2005-09-26 13:52 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237604949680421.dat
2005-09-26 13:50 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237602739458828.dat
2005-08-23 14:50 3,305,945 -c–a-w D:\Documenten en Settings\Timon.PC\download112022089217485406.dat
2004-10-01 20:49 54,688 -c—-w D:\Documenten en Settings\1033\dwintl.dll
2004-03-29 22:50 54,688 -c—-w D:\Documenten en Settings\1028\dwintl.dll
2003-04-18 23:57 60,000 -c—-w D:\Documenten en Settings\1036\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\3082\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1053\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1046\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1040\dwintl.dll
2003-04-18 23:57 54,688 -c—-w D:\Documenten en Settings\1042\dwintl.dll
2003-04-18 23:57 54,688 ——w D:\Documenten en Settings\1031\dwintl.dll
2002-08-07 23:06 54,688 -c—-w D:\Documenten en Settings\1041\dwintl.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21b551f8-cbe1-4687-adbb-78d6b144591f}]
2007-11-30 18:51 78912 –a—— C:\WINDOWS\system32\dhrrgilq.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}]
C:\WINDOWS\system32\byxwtst.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
2007-11-21 16:19 145774 ——— C:\WINDOWS\system32\ramcznre.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\ramcznre.dll [2007-11-21 16:19 145774]
[HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-04-28 21:28]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-09 15:54]
"Extra Vga"="D:\DOCUME~1\Timon.PC\APPLIC~1\ADMINM~1\ping locks defy.exe" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2005-02-24 06:32 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 18:42]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 16:39]
"Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 14:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:03 C:\WINDOWS\system32\bthprops.cpl]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 16:22]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-11-22 11:55]
"DAEMON Tools"="d:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 11:48]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-07 22:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"CashBibMultiKnob"="D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\tick gpl.exe" []
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"PCSuiteTrayApplication"="D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-01-23 10:19]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 15:32]
"MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 19:36]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
"a84bec90"="C:\WINDOWS\system32\pxuvlpyt.dll" [2007-11-22 19:08]
"!AVG Anti-Spyware"="D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03]
"PcSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15]
D:\Documenten en Settings\Timon.PC\Menu Start\Programma's\Opstarten\
MSNP13 Downgrader.lnk - C:\Program Files\MSN Messenger\MSNP13Downgrader.exe [2005-11-03 13:51:07]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 15:51 192512]
"{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}"= C:\WINDOWS\system32\byxwtst.dll [ ]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byxwtst]
byxwtst.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ramcznre]
ramcznre.dll 2007-11-21 16:19 145774 C:\WINDOWS\system32\ramcznre.dll
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\vtuts.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background
R0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;D:\MAGIX\Common\Database\bin\fbserver.exe
S3 nocashio;nocashio;C:\WINDOWS\system32\drivers\nocashio.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\Autorun.exe
.
Inhoud van de 'Gedeelde Taken' map
"2007-11-07 12:20:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-01 18:00:00 C:\WINDOWS\Tasks\B0C1A402918A522A.job"
- d:\docume~1\timon.pc\applic~1\adminm~1\blehaxisdart.exe
"2006-10-27 10:40:56 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Milou.job"
"2007-11-30 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - R. de Graaff.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-01 19:12:52
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2007-12-01 19:19:43 - machine was rebooted
.
— E O F — - Prima
1.Ik zie twee actieve virusscanners in je logfile staan, Norton en NOD32. Meerdere virusscanners geven conflicten
en lijden tot onnodige traagheid.Verwijder daarom één van de twee via configuratiescherm –> software.
Indien NOD32 is meergekomen met Hitman Pro raad ik je aan deze geheel te verwijderen, inclusief alle trail software.
2. Start Hijackthis, kies voor [i:77f0c11c2d]'Do a system scan only'[/i:77f0c11c2d] en vink onderstaande regels aan:
[b:77f0c11c2d]
O2 - BHO: {f195441b-6d87-bbda-7864-1ebc8f155b12} - {21b551f8-cbe1-4687-adbb-78d6b144591f} - C:\WINDOWS\system32\dhrrgilq.dll
O2 - BHO: (no name) - {6AA3809C-6261-456F-8FCA-43FE39ADC5E9} - C:\WINDOWS\system32\byxwtst.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ramcznre.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\nl\msntb.dll (file missing)
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ramcznre.dll
O4 - HKLM\..\Run: [CashBibMultiKnob] D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\tick gpl.exe
O4 - HKLM\..\Run: [a84bec90] rundll32.exe "C:\WINDOWS\system32\pxuvlpyt.dll",b
O4 - HKCU\..\Run: [Extra Vga] D:\DOCUME~1\Timon.PC\APPLIC~1\ADMINM~1\ping locks defy.exe
O20 - Winlogon Notify: byxwtst - byxwtst.dll (file missing)
O20 - Winlogon Notify: ramcznre - C:\WINDOWS\SYSTEM32\ramcznre.dll
[/b:77f0c11c2d]
Sluit nu [u:77f0c11c2d]alle[/u:77f0c11c2d] openstaande vensters, behalve Hijackthis en klik op [b:77f0c11c2d]Fix Checked[/b:77f0c11c2d].
3. Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
[b:77f0c11c2d]
File::
C:\WINDOWS\system32\dhrrgilq.dll
C:\WINDOWS\system32\vxsriqrn.exe
C:\WINDOWS\system32\fprcixqa.dll
C:\WINDOWS\system32\jraxprah.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\igikixwn.dll
C:\WINDOWS\system32\gvuunbeg.ini
C:\WINDOWS\system32\dafwexwo.exe
C:\WINDOWS\system32\oixtkpgm.dll
C:\WINDOWS\system32\PropListCtrl.ocx
C:\WINDOWS\Tasks\B0C1A402918A522A.job
Folder::
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21b551f8-cbe1-4687-adbb-78d6b144591f}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"=-
[-HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Extra Vga"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CashBibMultiKnob"=-
"a84bec90"=-
[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=-
"{6AA3809C-6261-456F-8FCA-43FE39ADC5E9}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\byxwtst]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ramcznre]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
[/b:77f0c11c2d]
Sla dit op op je Bureaublad als [b:77f0c11c2d]CFScript.txt[/b:77f0c11c2d]
Sleep [b:77f0c11c2d]CFScript.txt[/b:77f0c11c2d] in [b:77f0c11c2d]ComboFix.exe[/b:77f0c11c2d] zoals getoond in onderstaand voorbeeld :
[img:77f0c11c2d]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:77f0c11c2d]
Dit zal [b:77f0c11c2d]ComboFix[/b:77f0c11c2d] doen herstarten.
Start opnieuw op als daarom gevraagd wordt,
en post de inhoud van de [b:77f0c11c2d]Combofix.txt[/b:77f0c11c2d] in je volgende antwoord samen met een nieuw HijackThislogje.
4. Download Deljob.exe (mirror) naar je [b:77f0c11c2d]Bureaublad[/b:77f0c11c2d].
Indien je virusscanner de download van deljob.exe blokkeert,
schakel dan tijdelijk je virusscanner uit of download de zip-versie deljob.zip en pak deze uit naar je Bureaublad.
Dubbelklik op [b:77f0c11c2d]Deljob.exe[/b:77f0c11c2d].
Een logje([u:77f0c11c2d]logit.txt[/u:77f0c11c2d]) zal openen, het bestandje kan je ook terugvinden op je Bureaublad.
Post de inhoud van [b:77f0c11c2d]logit.txt[/b:77f0c11c2d] in je volgende bericht.
Post nu de inhoud van Combofix.txt, logit.txt een hijackthis.
Pim - [b:1ce19f8c8f]Combofix TXT[/b:1ce19f8c8f]
ComboFix 07-11-19.4C - Timon 2007-12-07 22:08:05.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1043.18.135 [GMT 1:00]
Gestart vanuit: D:\Documenten en Settings\Timon.PC\Bureaublad\ComboFix.exe
Command switches used :: D:\Documenten en Settings\Timon.PC\Bureaublad\CFScript.txt
* Nieuw herstelpunt werd aangemaakt
FILE
C:\WINDOWS\system32\dafwexwo.exe
C:\WINDOWS\system32\dhrrgilq.dll
C:\WINDOWS\system32\fprcixqa.dll
C:\WINDOWS\system32\gvuunbeg.ini
C:\WINDOWS\system32\igikixwn.dll
C:\WINDOWS\system32\jraxprah.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\oixtkpgm.dll
C:\WINDOWS\system32\PropListCtrl.ocx
C:\WINDOWS\system32\vxsriqrn.exe
C:\WINDOWS\Tasks\B0C1A402918A522A.job
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\dafwexwo.exe
C:\WINDOWS\system32\fprcixqa.dll
C:\WINDOWS\system32\gvuunbeg.ini
C:\WINDOWS\system32\jraxprah.exe
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\oixtkpgm.dll
C:\WINDOWS\system32\PropListCtrl.ocx
C:\WINDOWS\system32\ramcznre.dllbox
C:\WINDOWS\system32\vxsriqrn.exe
C:\WINDOWS\Tasks\B0C1A402918A522A.job
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\Cash Help Chic
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\cool tray ford
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\Meow Bash Way
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\sixthadminfind
D:\Documenten en Settings\All Users.WINDOWS\Application Data\media hold cash bib\wave dart the
D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Live Safety Center.lnk
D:\Documenten en Settings\All Users.WINDOWS\Menu Start\Online Security Guide.lnk
D:\Documenten en Settings\Timon.PC\Bureaublad\Live Safety Center.lnk
D:\Documenten en Settings\Timon.PC\Bureaublad\Online Security Guide.lnk
D:\Documenten en Settings\Timon.PC\Favorieten\Online Security Guide.lnk
.
(((((((((((((((((((( Bestanden Gemaakt van 2007-11-07 to 2007-12-07 ))))))))))))))))))))))))))))))
.
2007-12-06 12:46 <DIR> d——– C:\Program Files\Hitman Pro
2007-12-01 23:04 <DIR> d——– C:\Program Files\Free iPod Video Converter
2007-11-30 19:04 77,245 –a—— C:\WINDOWS\system32\teonrxsq.dll
2007-11-24 20:38 <DIR> d——– D:\Documenten en Settings\Timon.PC\Application Data\Grisoft
2007-11-24 20:37 <DIR> d——– D:\Documenten en Settings\All Users.WINDOWS\Application Data\Grisoft
2007-11-24 20:37 10,872 –a—— C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-11-24 20:03 626,688 –a—— C:\WINDOWS\system32\msvcr80.dll
2007-11-22 19:08 615,239 —hs—- C:\WINDOWS\system32\typlvuxp.ini
2007-11-22 19:08 84,545 –a—— C:\WINDOWS\system32\pxuvlpyt.dll
2007-11-22 19:08 71,232 –a—— C:\WINDOWS\system32\urtcedju.exe
2007-11-21 16:22 714,281 —hs—- C:\WINDOWS\system32\tojkvtok.ini
2007-11-21 16:19 145,774 ——— C:\WINDOWS\system32\ramcznre.dll
2007-11-20 19:46 3,829,382 –a—— C:\WINDOWS\winavi_ipod_video_converter.exe
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-06 13:08 ——— d—–w D:\Documenten en Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2007-12-06 11:58 ——— d—–w C:\Program Files\Common Files\Symantec Shared
2007-12-05 21:15 ——— d—–w C:\Program Files\Norton Internet Security
2007-12-01 22:51 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Azureus
2007-11-30 18:19 ——— d—–w D:\Documenten en Settings\All Users.WINDOWS\Application Data\Skype
2007-11-22 10:55 ——— d—–w C:\Program Files\Symantec
2007-11-21 16:17 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\ADMINMORETEAM
2007-11-13 19:25 ——— d—–w D:\Documenten en Settings\Timon.PC\Application Data\Apple Computer
2007-10-19 18:28 107,888 —-a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-10-19 18:28 ——— d–h–r D:\Documenten en Settings\Timon.PC\Application Data\SecuROM
2007-10-12 18:00 ——— d—–w C:\Program Files\Azureus
2007-10-10 18:53 ——— d—–w C:\Program Files\XviD
2007-10-10 18:51 ——— d–h–w C:\Program Files\InstallShield Installation Information
2005-09-26 13:52 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237604949680421.dat
2005-09-26 13:50 102,840 —-a-w D:\Documenten en Settings\Timon.PC\download11237602739458828.dat
2005-08-23 14:50 3,305,945 -c–a-w D:\Documenten en Settings\Timon.PC\download112022089217485406.dat
2004-10-01 20:49 54,688 -c—-w D:\Documenten en Settings\1033\dwintl.dll
2004-03-29 22:50 54,688 -c—-w D:\Documenten en Settings\1028\dwintl.dll
2003-04-18 23:57 60,000 -c—-w D:\Documenten en Settings\1036\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\3082\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1053\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1046\dwintl.dll
2003-04-18 23:57 55,440 -c—-w D:\Documenten en Settings\1040\dwintl.dll
2003-04-18 23:57 54,688 -c—-w D:\Documenten en Settings\1042\dwintl.dll
2003-04-18 23:57 54,688 ——w D:\Documenten en Settings\1031\dwintl.dll
2002-08-07 23:06 54,688 -c—-w D:\Documenten en Settings\1041\dwintl.dll
.
((((((((((((((((((((((((((((( snapshot@2007-12-01_19.13.29.21 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-04-24 09:32:06 1,485,696 —-a-w C:\WINDOWS\system32\LegitCheckControl.dll
+ 2007-10-11 13:12:48 1,468,968 —-a-w C:\WINDOWS\system32\LegitCheckControl.DLL
+ 2002-10-06 12:37:26 487,424 —-a-w C:\WINDOWS\system32\MSVCP70.DLL
+ 2006-03-11 10:00:58 344,064 —-a-w C:\WINDOWS\system32\msvcr70.dll
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
2007-11-21 16:19 145774 ——— C:\WINDOWS\system32\ramcznre.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\ramcznre.dll [2007-11-21 16:19 145774]
[HKEY_CLASSES_ROOT\clsid\{11a69ae4-fbed-4832-a2bf-45af82825583}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 00:03]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-04-28 21:28]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-09 15:54]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2005-02-24 06:32 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 00:03 C:\WINDOWS\system32\rundll32.exe]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2003-10-31 18:42]
"snpstd"="C:\WINDOWS\vsnpstd.exe" [2003-12-31 16:39]
"Snelkoppeling naar eigenschappenvenster voor High Definition Audio"="HDAudPropShortcut.exe" [2004-03-17 14:10 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 02:43]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-04 00:03 C:\WINDOWS\system32\bthprops.cpl]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2007-02-21 16:22]
"Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2007-11-22 11:55]
"DAEMON Tools"="d:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 11:48]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-04-07 22:19]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"QuickTime Task"="D:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"PCSuiteTrayApplication"="D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-01-23 10:19]
"SMSTray"="C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe" [2007-02-23 15:32]
"MAAgent"="C:\Program Files\MarkAny\ContentSafer\MAAgent.exe" [2007-01-30 19:36]
"iTunesHelper"="D:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42]
"!AVG Anti-Spyware"="D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 00:03]
"PcSync"="D:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 16:15]
D:\Documenten en Settings\Timon.PC\Menu Start\Programma's\Opstarten\
MSNP13 Downgrader.lnk - C:\Program Files\MSN Messenger\MSNP13Downgrader.exe [2005-11-03 13:51:07]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)
[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"= C:\PROGRA~1\MarkAny\CONTEN~1\MACSMA~1.DLL [2004-11-23 15:51 192512]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ramcznre]
ramcznre.dll 2007-11-21 16:19 145774 C:\WINDOWS\system32\ramcznre.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background
R0 SSI;SSI;C:\WINDOWS\system32\Drivers\SSI.SYS
S3 ADM8511;ADMtek ADM8511/AN986 USB To Fast Ethernet Converter;C:\WINDOWS\system32\DRIVERS\ADM8511.SYS
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;D:\MAGIX\Common\Database\bin\fbserver.exe
S3 nocashio;nocashio;C:\WINDOWS\system32\drivers\nocashio.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\Shell\AutoRun\command - F:\Autorun.exe
.
Inhoud van de 'Gedeelde Taken' map
"2007-11-07 12:20:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2006-10-27 10:40:56 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - Milou.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\NAVW32.EXEp/task:
"2007-11-30 19:00:00 C:\WINDOWS\Tasks\Norton AntiVirus - Mijn computer scannen - R. de Graaff.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exep/task:
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-07 22:16:36
Windows 5.1.2600 Service Pack 2 NTFS
scannen van verborgen processen …
scannen van verborgen autostart items …
scannen van verborgen bestanden …
Scan succesvol afgerond
verborgen bestanden: 0
**************************************************************************
.
Voltooingstijd: 2007-12-07 22:27:22 - machine was rebooted
C:\ComboFix2.txt … 2007-12-01 19:19
.
— E O F — - ——————————————————–
No LOP jobs found
——————————————————–
Files remaining after cleaning
AppleSoftwareUpdate.job
Norton AntiVirus - Mijn computer scannen - Milou.job
Norton AntiVirus - Mijn computer scannen - R. de Graaff.job
——————————————————–
App data folders
Het volume in station D heeft geen naam.
Het volumenummer is 8CB2-59E8
Map van D:\Documenten en Settings\Timon.PC\Application Data
24-11-2007 20:38 <DIR> .
24-11-2007 20:38 <DIR> ..
21-11-2007 17:17 <DIR> ADMINM~1 ADMINMORETEAM
18-06-2005 11:36 <DIR> Adobe
06-05-2005 13:52 <DIR> AdobeUM
17-05-2007 13:35 <DIR> Ahead
13-11-2007 20:25 <DIR> APPLEC~1 Apple Computer
25-05-2005 15:36 <DIR> ArcSoft
01-12-2007 23:51 <DIR> Azureus
25-03-2006 00:34 <DIR> CD-LAB~1 CD-LabelPrint
25-04-2005 10:48 <DIR> CYBERL~1 CyberLink
18-07-2007 15:01 <DIR> DataCast
14-03-2007 20:56 <DIR> DATALA~1 Datalayer
19-03-2007 21:44 <DIR> DESPER~1 Desperate Housewives
03-07-2007 13:25 <DIR> DivX
29-06-2007 19:04 <DIR> Google
24-11-2007 20:38 <DIR> Grisoft
15-10-2005 19:34 <DIR> Help
03-04-2005 11:48 <DIR> IDENTI~1 Identities
27-11-2005 00:17 <DIR> iMesh
19-03-2007 21:23 <DIR> INSTAL~1 InstallShield
22-03-2006 22:05 <DIR> Lavasoft
19-03-2007 20:48 <DIR> LEADER~1 Leadertech
21-04-2005 11:40 <DIR> MACROM~1 Macromedia
15-06-2007 15:41 <DIR> MAGIX
11-12-2006 18:57 <DIR> MICROS~1 Microsoft
16-08-2007 16:48 <DIR> Nokia
16-08-2007 16:51 <DIR> NOKIAM~1 Nokia Multimedia Player
24-02-2007 20:23 <DIR> PCSUIT~1 PC Suite
22-03-2006 21:55 <DIR> PCTOOL~1 PC Tools
29-05-2005 16:33 <DIR> Real
19-10-2007 19:28 <DIR> SecuROM
24-08-2007 11:54 <DIR> SIBELI~1 Sibelius Software
12-07-2006 15:51 <DIR> Skype
19-11-2005 11:02 <DIR> Sun
06-03-2006 16:37 <DIR> Symantec
08-08-2005 16:57 <DIR> TMF
22-03-2006 21:51 <DIR> Webroot
0 bestand(en) 0 bytes
38 map(pen) 21.304.655.872 bytes beschikbaar
Het volume in station D heeft geen naam.
Het volumenummer is 8CB2-59E8
Map van D:\Documenten en Settings\All Users.WINDOWS\Application Data
07-12-2007 22:11 <DIR> .
07-12-2007 22:11 <DIR> ..
14-01-2006 17:32 <DIR> Adobe
01-04-2005 19:33 <DIR> Ahead
18-07-2007 18:06 <DIR> Apple
15-09-2006 20:00 <DIR> APPLEC~1 Apple Computer
29-06-2007 13:48 <DIR> Azureus
14-04-2006 20:54 <DIR> BLUETO~1 Bluetooth
14-01-2006 16:36 <DIR> CanonBJ
01-04-2005 19:28 <DIR> CYBERL~1 CyberLink
18-06-2007 20:44 <DIR> DELTAS~1 Delta Solutions
16-08-2007 16:47 <DIR> DOWNLO~1 Downloaded Installations
01-09-2007 16:06 <DIR> Google
24-11-2007 20:37 <DIR> Grisoft
14-06-2007 19:24 <DIR> MAGIX
08-05-2007 20:11 <DIR> MESSEN~1 Messenger Plus!
30-11-2007 19:22 <DIR> MICROS~1 Microsoft
27-06-2007 20:50 <DIR> MICROS~2 Microsoft Games
16-08-2007 17:54 <DIR> Nokia
09-04-2005 11:18 <DIR> OLYMPUS
16-08-2007 16:53 <DIR> PCSUIT~1 PC Suite
03-04-2005 13:38 <DIR> QUICKT~1 QuickTime
07-07-2005 16:17 <DIR> Samsung
02-04-2005 00:31 <DIR> SBSI
30-11-2007 19:19 <DIR> Skype
06-12-2007 14:08 <DIR> SPYBOT~1 Spybot - Search & Destroy
15-10-2005 10:13 <DIR> Support.com
19-02-2006 19:08 <DIR> Symantec
10-06-2006 23:00 <DIR> WINDOW~1 Windows Genuine Advantage
18-06-2007 12:57 <DIR> WINDOW~2 WindowsLiveInstaller
18-06-2007 12:57 <DIR> WLINST~1 WLInstaller
0 bestand(en) 0 bytes
31 map(pen) 21.304.651.776 bytes beschikbaar
——————————————————– - Verwijder de CFscript die nu op je Bureaublad staat.
Open Kladblok, kopiëer en plak het volgende (vetgedrukte tekst) in een leeg venster:
[b:2ff5d5128e]
File::
C:\WINDOWS\system32\typlvuxp.ini
C:\WINDOWS\system32\pxuvlpyt.dll
C:\WINDOWS\system32\urtcedju.exe
C:\WINDOWS\system32\tojkvtok.ini
C:\WINDOWS\system32\ramcznre.dll
D:\Documenten en Settings\Timon.PC\download11237604949680421.dat
D:\Documenten en Settings\Timon.PC\download11237602739458828.dat
D:\Documenten en Settings\Timon.PC\download112022089217485406.dat
Folder::
D:\Documenten en Settings\Timon.PC\Application Data\ADMINMORETEAM
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"=-
[hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{88485281-8b4b-4f8d-9ede-82e29a064277}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ramcznre]
[/b:2ff5d5128e]
Sla dit op op je Bureaublad als [b:2ff5d5128e]CFScript.txt[/b:2ff5d5128e]
Sleep [b:2ff5d5128e]CFScript.txt[/b:2ff5d5128e] in [b:2ff5d5128e]ComboFix.exe[/b:2ff5d5128e] zoals getoond in onderstaand voorbeeld :
[img:2ff5d5128e]http://img.photobucket.com/albums/v666/sUBs/CFScript.gif[/img:2ff5d5128e]
Dit zal [b:2ff5d5128e]ComboFix[/b:2ff5d5128e] doen herstarten.
Start opnieuw op als daarom gevraagd wordt,
en post de inhoud van de [b:2ff5d5128e]Combofix.txt[/b:2ff5d5128e] in je volgende antwoord samen met een nieuw HijackThislogje.
Belangrijk dat je ook een nieuw Hijackthis log post!
Pim - Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:56, on 2007-12-15
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program Files\QuickTime\QTTask.exe
D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
D:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\MSN Messenger\MSNP13Downgrader.exe
D:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - C:\WINDOWS\system32\ramcznre.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ramcznre.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [Snelkoppeling naar eigenschappenvenster voor High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [DAEMON Tools] "d:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PCSuiteTrayApplication] D:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\Samsung Media Studio 5\SMSTray.exe
O4 - HKLM\..\Run: [MAAgent] C:\Program Files\MarkAny\ContentSafer\MAAgent.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\cmd.exe /c C:\ComboFix\Combobatch.bat
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: MSNP13 Downgrader.lnk = ?
O4 - Global Startup: Adobe Reader Snelle start.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://D:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - D:\Program Files\Paltalk Messenger\Paltalk.exe (file missing)
O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: MyCom - {04267913-1948-451C-8762-A91A370E5C8F} - http://www.mycom.nl (file missing) (HKCU)
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/NL-NL/a-UNO1/GAME_UNO1.cab
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://cache.hyves.nl/statics/Aurigma/ImageUploader4.cab
O16 - DPF: {82CF9738-0BDA-4AAF-AB08-5AC5875FF3BB} (YMultiRecord Class) - http://www2.malmberg.nl/online_lessen/localplayer/recording/yrecording.cab
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - Winlogon Notify: ramcznre - ramcznre.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - D:\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-service (iPod Service) - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planner voor Automatische LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - D:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe
–
End of file - 13711 bytes - Mijn Combofix file kan ik wel vinden alleen is niet compleet
wel is eropeens na het fixen een bestand op mijn bureablad gekomen met titel catch me waar het virusbestand inzit
wat moet ik hiermee
Beantwoord deze vraag
Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.