Ga naar inhoud

hijackthis


Aanbevolen berichten

  • Reacties 49
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

ComboFix 11-02-27.01 - Eigenaar 27/02/2011 21:54:11.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1278.894 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\All Users\Application Data\page

c:\documents and settings\All Users\Application Data\page\page.ico

c:\documents and settings\All Users\Application Data\page\page.URL

c:\documents and settings\Eigenaar\Application Data\PriceGong

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\1.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\a.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\b.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\c.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\d.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\e.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\f.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\g.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\h.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\i.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\J.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\k.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\l.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\m.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\n.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\o.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\p.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\q.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\r.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\s.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\t.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\u.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\v.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\w.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\x.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\y.xml

c:\documents and settings\Eigenaar\Application Data\PriceGong\Data\z.xml

c:\program files\Internet Explorer\SET91.tmp

c:\program files\Internet Explorer\SET92.tmp

c:\program files\Internet Explorer\SET93.tmp

c:\program files\Internet Explorer\SET95.tmp

c:\program files\Internet Explorer\SET96.tmp

c:\program files\Internet Explorer\SET97.tmp

c:\program files\Internet Explorer\SETAC7.tmp

c:\program files\Internet Explorer\SETAC8.tmp

c:\program files\Internet Explorer\SETAC9.tmp

c:\program files\Internet Explorer\SETB27.tmp

c:\program files\Internet Explorer\SETB28.tmp

c:\program files\Internet Explorer\SETB29.tmp

c:\program files\Internet Explorer\SETD.tmp

c:\program files\Internet Explorer\SETE.tmp

c:\program files\Internet Explorer\SETF.tmp

c:\restoration\Restoration.exe

c:\windows\system32\drivers\fad.sys

c:\windows\system32\Thumbs.db

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-27 to 2011-02-27 ))))))))))))))))))))))))))))))

.

2011-02-25 14:34 . 2011-02-27 20:45 -------- dc-h--r- c:\documents and settings\Eigenaar\Onlangs geopend

2011-02-24 21:52 . 2011-02-24 21:52 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\Malwarebytes

2011-02-24 21:52 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-24 21:52 . 2011-02-24 21:52 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-02-24 21:52 . 2011-02-24 21:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-02-24 21:52 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-24 12:54 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2011-02-24 12:51 . 2011-02-24 12:54 -------- d--h--w- c:\windows\msdownld.tmp

2011-02-24 12:50 . 2011-02-24 12:50 -------- d-----w- c:\windows\Logs

2011-02-23 04:14 . 2011-02-27 20:58 -------- dc----w- C:\Restoration

2011-02-23 03:47 . 2011-02-23 03:47 -------- dc----w- C:\NICO_restore{5F153C28-D96E-41F1-8451-588A13421FDC}

2011-02-23 03:37 . 2011-02-23 03:37 -------- dc----w- C:\_P513

2011-02-23 03:36 . 2011-02-23 03:36 -------- dc----w- C:\_P512

2011-02-23 02:59 . 2011-02-23 02:59 -------- d-----w- c:\program files\Convar

2011-02-22 20:43 . 2011-02-22 20:43 -------- d-----w- c:\program files\Conduit

2011-02-22 20:43 . 2011-02-22 22:03 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU

2011-02-22 20:43 . 2011-02-25 13:54 -------- d-----w- c:\program files\ToggleDU

2011-02-22 20:42 . 2011-02-23 01:08 -------- d-----w- c:\program files\File Scavenger 3.2

2011-02-22 01:15 . 2011-02-22 01:15 -------- d-----w- c:\windows\system32\XPSViewer

2011-02-22 01:15 . 2011-02-22 01:15 -------- d-----w- c:\program files\Reference Assemblies

2011-02-22 01:15 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

2011-02-22 01:14 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2011-02-22 01:14 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2011-02-22 01:14 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2011-02-22 01:14 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2011-02-22 01:14 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2011-02-22 01:14 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2011-02-22 01:14 . 2011-02-22 01:15 -------- dc----w- C:\7fc0986e05a3b8fab23ad14a0de8894f

2011-02-22 01:14 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2011-02-22 01:14 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2011-02-22 00:24 . 2011-02-22 00:24 -------- d-----w- c:\windows\system32\wbem\Repository

2011-02-21 19:20 . 2011-02-22 00:24 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL

2011-02-20 17:42 . 2011-02-20 17:42 -------- dc----w- c:\documents and settings\All Users\Application Data\PGWARE

2011-02-20 17:42 . 2011-02-20 17:42 -------- d-----w- c:\program files\PGWARE

2011-02-19 18:51 . 2011-02-19 18:51 -------- d-----w- c:\program files\uTorrent

2011-02-19 18:50 . 2011-02-25 22:07 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\uTorrent

2011-02-19 03:57 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys

2011-02-19 03:57 . 2010-03-30 11:24 317440 -c----w- c:\windows\system32\dllcache\mp4sdecd.dll

2011-02-19 03:55 . 2009-11-27 17:14 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll

2011-02-19 03:53 . 2009-11-27 16:10 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll

2011-02-19 03:53 . 2009-11-27 16:10 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll

2011-02-19 02:25 . 2011-02-19 02:40 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine

2011-02-19 02:25 . 2011-02-19 02:25 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\uTorrentBar_NL

2011-02-18 00:46 . 2011-02-19 02:26 -------- d-----w- c:\program files\Windows Live Safety Center

2011-02-13 08:58 . 2011-02-13 09:00 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp

2011-01-31 09:26 . 2011-01-31 09:26 -------- d-----w- c:\documents and settings\LocalService\Bureaublad

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-08 12:55 . 2011-01-27 20:59 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-01-28 08:53 . 2011-01-28 08:53 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-01-26 00:31 . 2011-01-26 00:31 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-01-26 00:31 . 2011-01-26 00:31 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-25 17:45 . 2011-01-25 17:45 388096 -c--a-r- c:\documents and settings\Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-01-21 14:44 . 2008-04-15 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-07 14:09 . 2008-04-15 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 14:04 . 2008-04-15 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys

2010-12-22 12:34 . 2008-04-15 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll

2010-12-20 23:52 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-12-20 23:52 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2010-12-20 23:52 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-12-20 17:25 . 2008-04-15 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll

2010-12-20 12:55 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2010-12-09 15:15 . 2008-04-15 12:00 739328 ----a-w- c:\windows\system32\ntdll.dll

2010-12-09 15:14 . 2008-04-15 12:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-12-09 15:14 . 2008-04-14 22:11 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-12-09 14:30 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2010-12-03 09:05 . 2011-01-27 18:35 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]

"CardDetectorICON225"="c:\program files\CardDetector\ICON225\CardDetector.exe" [2008-04-21 270336]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"PCBoost"="c:\program files\PGWARE\PCBoost\PCBoostTray.exe" [2011-02-13 1722616]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

2007-04-11 13:32 56080 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

2007-04-11 13:32 56080 ----a-w- c:\windows\KHALMNPR.Exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27/01/2011 19:35 64288]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/12/2010 10:05 1405384]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [7/07/2009 22:01 36608]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [1/07/2009 22:57 95744]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [1/07/2009 22:57 51968]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [3/12/2010 10:05 15232]

.

Inhoud van de 'Gedeelde Taken' map

2011-02-27 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 12:55]

2011-02-27 c:\windows\Tasks\User_Feed_Synchronization-{1796E39C-E000-4E90-BC07-F93D543CF26E}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

mStart Page = hxxp://dutch.toggle.com/nl/index.php?rvs=google

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

TCP: {F48912AD-C69A-4A69-998F-A87EE5E88D84} = 192.168.1.1,192.168.1.11

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

.

- - - - ORPHANS VERWIJDERD - - - -

WebBrowser-{4F11ACBB-393F-4C86-A214-FF3D0D155CC3} - (no file)

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

WebBrowser-{30F9B915-B755-4826-820B-08FBA6BD249D} - (no file)

WebBrowser-{3AD798D0-4642-4C55-BC14-CFE7DD19E0D1} - (no file)

HKLM-Run-NPSStartup - (no file)

AddRemove-Guitar Pro 5_is1 - c:\program files\Guitar Pro 5\unins000.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-02-27 21:58

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2011-02-27 22:01:22

ComboFix-quarantined-files.txt 2011-02-27 21:01

Pre-Run: 44.931.194.880 bytes beschikbaar

Post-Run: 45.300.756.480 bytes beschikbaar

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /numproc=1

- - End Of File - - D9473691442C1F4B43F1A41ADED85F57

Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\msdownld.tmp

Folder::

C:\_P513

C:\_P512

c:\program files\Conduit

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU

c:\program files\ToggleDU

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

Link naar reactie
Delen op andere sites

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 14:00:22, on 28/02/2011

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\CardDetector\ICON225\CardDetector.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\PGWARE\PCBoost\PCBoostTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\notepad.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\Program Files\internet explorer\iexplore.exe

C:\Program Files\internet explorer\iexplore.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://dutch.toggle.com/nl/index.php?rvs=google

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [CardDetectorICON225] C:\Program Files\CardDetector\ICON225\CardDetector.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [PCBoost] "C:\Program Files\PGWARE\PCBoost\PCBoostTray.exe" /start

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1295978048171

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1295978037921

O17 - HKLM\System\CCS\Services\Tcpip\..\{F48912AD-C69A-4A69-998F-A87EE5E88D84}: NameServer = 192.168.1.1,192.168.1.11

O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: Lavasoft Ad-Aware Service - Lavasoft Limited - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--

End of file - 5720 bytes

ComboFix 11-02-27.02 - Eigenaar 28/02/2011 13:47:55.2.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.32.1043.18.1278.892 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Eigenaar\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Eigenaar\Bureaublad\CFScript.txt..txt

AV: Lavasoft Ad-Watch Live! Antivirus *Disabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

C:\_P512

C:\_P513

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634220815653506250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634220879921318750_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634220880607100000_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225278165850000_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225279692725000_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225279948156250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225280304131250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225280526593750_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225280643975000_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225281436162500_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225281783662500_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225284383662500_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225284881631250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225287181631250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634225287547412500_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634226702545975000_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634226713903631250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_59_284_CT2849859_Images_634244833256762500_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Events_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Friends_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Groups_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Home_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Inbox_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Logout_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Photos_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Profile_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Settings_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Share_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Status_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_searchengines_go_btn_new_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_site_search_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_night_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGong_16.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\manifest.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Repository\conduit_CT2849859_CT2849859\ToolbarLogin\data.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Repository\conduit_CT2849859_CT2849859\ToolbarSettings\data.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___feeds_reuters_com_reuters_topNews.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___feeds_reuters_com_reuters_topNews_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___rss_cbc_ca_lineup_latest_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___rss_cbc_ca_lineup_latest_xml_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___rss_cnn_com_rss_cnn_latest_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___rss_cnn_com_rss_cnn_latest_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___worldpress_org_feeds_topstories_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\Rss\http___worldpress_org_feeds_topstories_xml_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\SearchInNewTab\SearchInNewTabContent.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\BittorrentBar_NL\ThirdPartyComponents.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoveLeft_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_MoveRight_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Share_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\EngineSettings.json

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu&locale=nl-be.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_app_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=appContextMenu2_0&locale=nl-be.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu&locale=nl-be.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine\ExternalComponent\http___contextmenu_engine_conduit-services_com_apps_TranslatedApps_ashx_productId=1&name=engineContextMenu2_0&locale=nl-be.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a0_twimg_com_profile_images_1232799257_BS_FF_CoverMini-web_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a0_twimg_com_profile_images_1249277772_image_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a0_twimg_com_profile_images_67263363_icon_cnnbrk_normal_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a1_twimg_com_profile_images_1209404430_75312_10150333268180253_15253175252_15798879_2266975_n_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a1_twimg_com_profile_images_784227851_BarackObama_twitter_photo_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a2_twimg_com_profile_images_57465005_twitter_avatar_nyt_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a2_twimg_com_profile_images_626779806_demi-moore_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a3_twimg_com_profile_images_1206050702_twittericon_normal_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___a3_twimg_com_profile_images_1207013292_725a7cb3-12f0-41c4-9775-99a8fd1784c4_normal_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633640087722406250_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804085380906250_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804085560593750_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804085717312500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804085909812500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804086101062500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804086273250000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804086486062500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804086673093750_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804088020437500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804088250437500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804088974968750_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_633804090324031250_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_634243251819762500_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_634261249606181250_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Email_xml-18-Classic-634146310242493750_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Facebook_xml-5-Facebook-634146309272962500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16blue_gif-rss16Images-633639924404593750_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16blue_gif-rss16Images-633639928679437500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16blue_gif-rss16Images-633639936537875000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639898297562500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639898441000000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639898638500000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639934045531250_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639935326625000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639941289750000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639941425375000_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639941726312500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss-rss01x16grey_gif-rss16Images-633639944466937500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Rss_xml-19-rssIcons-634226632068156250_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_SearchActivationButton-go_but01_gif-General-633789514918037500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Twitter_xml-5-Twitter-634226637017843750_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_33_208_CT2088433_Images_Weather_xml-14-Colorized-634227374168312500_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_Share_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___Storage_conduit_com_BankImages_ConduitEngine_ContextMenu_Upgrade_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Events_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Friends_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Groups_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Home_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Inbox_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Logout_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Photos_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Profile_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Settings_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Share_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Status_png.png

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_chevron_menu_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_display_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_equalizer_dead_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_Equalizer_GIF.GIF

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_Error_GIF.GIF

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_Loading_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_maxi_dn_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_maxi_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_maxi_over_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_minimize_dn_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_minimize_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_minimize_over_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_pause_dn_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_pause_dn_mini_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_pause_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_pause_mini_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_pause_over_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_pause_over_mini_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_chevron_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_dn_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_dn_mini_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_mini_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_over_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_play_over_mini_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_slider_bg_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_slider_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_stop_chevron_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_stop_dn_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_stop_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_stop_over_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_vol_dn_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_vol_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_vol_over_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_ClientImages_radio_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_tell_a_friend_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_SearchEngines_site_search_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_Apollo_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_battle pong siii_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_blobpirs_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_Blobwars si_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_Bubblewrap_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_flicker_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_gamelandia_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_Jugar_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_Kartracing_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_kwikshot_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_munchyman_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_power-pong_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_reaction_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_slide_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_sonic_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_spacepilot_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_sudoku_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_juegos_tetris_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_adobereader16_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_ares_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_avast_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_bittorrent16_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_codec16_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_Diskette_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_emule_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_emule16_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_limeware_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_lphant_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_messenger_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_office_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_utorrent_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_videolan_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_vuze16_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_winamp16_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_programas_winrar_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Ares Galaxy_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Binaries usemte_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Bit Comet_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_BiteNova_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Bitsoup_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Bush Torrent_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_CruX_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Devhancer_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Fenopy_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_FlexTorrents_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Fulldls_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_ISO_Hunt_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_LemonWire_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_MetalDonkey_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_MiniNova_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_MP3 Torpedo_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Newtorrents_info_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_ONEKIT_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Pirate Nove_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_SeedPeer_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Snarf-It_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_spynova_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Torrent Swicki_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_TorrentBox_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Torrentmatrix_jpg.jpg

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_TorrentPortal_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_Torrentz_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_websElinks_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\CacheIcons\http___xml_shareware_pro_webs_World Nova_gif.gif

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\EmailNotifier\AccountTypes.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\EmailNotifier\aol.com.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\EmailNotifier\comcast.net.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\EmailNotifier\google.com.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\EmailNotifier\hotmail.com.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\EmailNotifier\yahoo.com.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=nl.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___xml_shareware_pro_MenuJuegosGadgetnl_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___xml_shareware_pro_MenuProgramasGadgetnl_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ExternalComponent\http___xml_shareware_pro_MenuWebsGadgeten_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\RadioPlayer\IP_Stations_Media_List.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\RadioPlayer\Predefined_Media_List.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\RadioPlayer\Skins\http___storage_conduit_com_BankImages_RadioSkins_Bluenote_display_xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Repository\conduit_CT2088433_CT2088433\AppsMetaData\data.bck.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Repository\conduit_CT2088433_CT2088433\AppsMetaData\data.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Repository\conduit_CT2088433_CT2088433\ToolbarLogin\data.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Repository\conduit_CT2088433_CT2088433\ToolbarSettings\data.bck.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Repository\conduit_CT2088433_CT2088433\ToolbarSettings\data.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Repository\conduit_CT2088433_nl\ToolbarTranslation\data.txt

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_engadget_com_weblogsinc_engadget .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_engadget_com_weblogsinc_engadget _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_feedburner_com_gadgettastic_format=xml.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_feedburner_com_gadgettastic_format=xml_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_feedburner_com_SmashingApps .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_feedburner_com_SmashingApps _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_feedburner_com_websonic.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___feeds_feedburner_com_websonic_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___newsrss_bbc_co_uk_rss_newsonline_uk_edition_technology_rss_xml .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___newsrss_bbc_co_uk_rss_newsonline_uk_edition_technology_rss_xml _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___reviews_cnet_com_4924-5_7-0_xml_7eChoice=1&orderBy=-7rvDte&maxhits=25&dedup=1 .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___reviews_cnet_com_4924-5_7-0_xml_7eChoice=1&orderBy=-7rvDte&maxhits=25&dedup=1 _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___rss_feedsportal_com_c_692_f_414307_index_rss .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___rss_feedsportal_com_c_692_f_414307_index_rss _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___rss_news_yahoo_com_rss_tech .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___rss_news_yahoo_com_rss_tech _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_16409683_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_16409683_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_16727535_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_16727535_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_18863815_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_18863815_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19058681_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19058681_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19248106_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19248106_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19554706_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19554706_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_19757371_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_428333_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_428333_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_807095_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_807095_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_813286_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___twitter_com_statuses_user_timeline_813286_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___www_bit-tech_net_xml_all_rss.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___www_bit-tech_net_xml_all_rss_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___www_nujij_nl_Rss_Nieuw__topic=Tech_20__20Gadgets.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___www_nujij_nl_Rss_Nieuw__topic=Tech_20__20Gadgets_structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___www_nytimes_com_services_xml_rss_userland_Technology_xml .xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Rss\http___www_nytimes_com_services_xml_rss_userland_Technology_xml _structured.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\SearchInNewTab\SearchInNewTabContent.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\ThirdPartyComponents.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\16409683.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\16727535.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\18863815.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\19058681.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\19248106.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\19554706.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\428333.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\807095.xml

c:\documents and settings\Eigenaar\Local Settings\Application Data\ToggleDU\Twitter\813286.xml

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

c:\program files\ToggleDU

c:\program files\ToggleDU\GottenAppsContextMenu.xml

c:\program files\ToggleDU\OtherAppsContextMenu.xml

c:\program files\ToggleDU\SharedAppsContextMenu.xml

c:\program files\ToggleDU\tbTogg.dll

c:\program files\ToggleDU\ToggleDUToolbarHelper.exe

c:\program files\ToggleDU\toolbar.cfg

c:\program files\ToggleDU\ToolbarContextMenu.xml

c:\program files\ToggleDU\UNWISE.EXE

.

(((((((((((((((((((( Bestanden Gemaakt van 2011-01-28 to 2011-02-28 ))))))))))))))))))))))))))))))

.

2011-02-27 23:45 . 2011-02-28 12:43 -------- dc-h--r- c:\documents and settings\Eigenaar\Onlangs geopend

2011-02-24 21:52 . 2011-02-24 21:52 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\Malwarebytes

2011-02-24 21:52 . 2010-12-20 17:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-02-24 21:52 . 2011-02-24 21:52 -------- dc----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-02-24 21:52 . 2011-02-24 21:52 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-02-24 21:52 . 2010-12-20 17:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-02-24 12:54 . 2005-05-26 14:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2011-02-24 12:51 . 2011-02-24 12:54 -------- d--h--w- c:\windows\msdownld.tmp

2011-02-24 12:50 . 2011-02-24 12:50 -------- d-----w- c:\windows\Logs

2011-02-23 04:14 . 2011-02-27 20:58 -------- dc----w- C:\Restoration

2011-02-23 03:47 . 2011-02-23 03:47 -------- dc----w- C:\NICO_restore{5F153C28-D96E-41F1-8451-588A13421FDC}

2011-02-23 02:59 . 2011-02-23 02:59 -------- d-----w- c:\program files\Convar

2011-02-22 20:42 . 2011-02-23 01:08 -------- d-----w- c:\program files\File Scavenger 3.2

2011-02-22 01:15 . 2011-02-22 01:15 -------- d-----w- c:\windows\system32\XPSViewer

2011-02-22 01:15 . 2011-02-22 01:15 -------- d-----w- c:\program files\Reference Assemblies

2011-02-22 01:15 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll

2011-02-22 01:14 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll

2011-02-22 01:14 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll

2011-02-22 01:14 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll

2011-02-22 01:14 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll

2011-02-22 01:14 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe

2011-02-22 01:14 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe

2011-02-22 01:14 . 2011-02-22 01:15 -------- dc----w- C:\7fc0986e05a3b8fab23ad14a0de8894f

2011-02-22 01:14 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll

2011-02-22 01:14 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll

2011-02-22 00:24 . 2011-02-22 00:24 -------- d-----w- c:\windows\system32\wbem\Repository

2011-02-20 17:42 . 2011-02-20 17:42 -------- dc----w- c:\documents and settings\All Users\Application Data\PGWARE

2011-02-20 17:42 . 2011-02-20 17:42 -------- d-----w- c:\program files\PGWARE

2011-02-19 18:51 . 2011-02-19 18:51 -------- d-----w- c:\program files\uTorrent

2011-02-19 18:50 . 2011-02-25 22:07 -------- dc----w- c:\documents and settings\Eigenaar\Application Data\uTorrent

2011-02-19 03:57 . 2009-10-20 16:20 265728 -c----w- c:\windows\system32\dllcache\http.sys

2011-02-19 03:57 . 2010-03-30 11:24 317440 -c----w- c:\windows\system32\dllcache\mp4sdecd.dll

2011-02-19 03:55 . 2009-11-27 17:14 17920 -c----w- c:\windows\system32\dllcache\msyuv.dll

2011-02-19 03:53 . 2009-11-27 16:10 8704 -c----w- c:\windows\system32\dllcache\tsbyuv.dll

2011-02-19 03:53 . 2009-11-27 16:10 48128 -c----w- c:\windows\system32\dllcache\iyuv_32.dll

2011-02-19 02:25 . 2011-02-19 02:25 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\uTorrentBar_NL

2011-02-19 00:16 . 2011-02-19 02:25 -------- d-----w- c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine(2)

2011-02-18 00:46 . 2011-02-19 02:26 -------- d-----w- c:\program files\Windows Live Safety Center

2011-02-13 08:58 . 2011-02-13 09:00 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Temp

2011-01-31 09:26 . 2011-01-31 09:26 -------- d-----w- c:\documents and settings\LocalService\Bureaublad

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-08 12:55 . 2011-01-27 20:59 16432 ----a-w- c:\windows\system32\lsdelete.exe

2011-01-28 08:53 . 2011-01-28 08:53 98392 ----a-w- c:\windows\system32\drivers\SBREDrv.sys

2011-01-26 00:31 . 2011-01-26 00:31 73728 ----a-w- c:\windows\system32\javacpl.cpl

2011-01-26 00:31 . 2011-01-26 00:31 472808 ----a-w- c:\windows\system32\deployJava1.dll

2011-01-25 17:45 . 2011-01-25 17:45 388096 -c--a-r- c:\documents and settings\Eigenaar\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2011-01-21 14:44 . 2008-04-15 12:00 441344 ----a-w- c:\windows\system32\shimgvw.dll

2011-01-07 14:09 . 2008-04-15 12:00 290048 ----a-w- c:\windows\system32\atmfd.dll

2010-12-31 14:04 . 2008-04-15 12:00 1855104 ----a-w- c:\windows\system32\win32k.sys

2010-12-22 12:34 . 2008-04-15 12:00 301568 ----a-w- c:\windows\system32\kerberos.dll

2010-12-20 23:52 . 2008-04-15 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-12-20 23:52 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll

2010-12-20 23:52 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl

2010-12-20 17:25 . 2008-04-15 12:00 735232 ----a-w- c:\windows\system32\lsasrv.dll

2010-12-20 12:55 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec

2010-12-09 15:15 . 2008-04-15 12:00 739328 ----a-w- c:\windows\system32\ntdll.dll

2010-12-09 15:14 . 2008-04-15 12:00 2197120 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-12-09 15:14 . 2008-04-14 22:11 2073728 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-12-09 14:30 . 2008-04-15 12:00 33280 ----a-w- c:\windows\system32\csrsrv.dll

2010-12-03 09:05 . 2011-01-27 18:35 64288 ----a-w- c:\windows\system32\drivers\Lbd.sys

.

((((((((((((((((((((((((((((( SnapShot@2011-02-27_20.58.50 )))))))))))))))))))))))))))))))))))))))))

.

+ 2011-02-28 12:34 . 2011-02-28 12:34 16384 c:\windows\Temp\Perflib_Perfdata_1a4.dat

+ 2011-01-28 08:36 . 2011-02-27 21:14 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

- 2011-01-28 08:36 . 2011-02-25 04:25 32768 c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat

+ 2011-01-28 08:36 . 2011-02-27 21:14 16384 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat

- 2011-01-28 08:36 . 2011-02-25 04:25 16384 c:\windows\system32\config\systemprofile\Local Settings\Geschiedenis\History.IE5\index.dat

+ 2011-01-28 08:36 . 2011-02-27 21:14 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat

- 2011-01-28 08:36 . 2011-02-25 04:25 16384 c:\windows\system32\config\systemprofile\IETldCache\index.dat

+ 2011-02-27 21:14 . 2011-02-27 21:14 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

- 2011-01-28 08:36 . 2011-02-25 04:25 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-09-20 94208]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-09-20 114688]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-09-20 77824]

"CardDetectorICON225"="c:\program files\CardDetector\ICON225\CardDetector.exe" [2008-04-21 270336]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]

"PCBoost"="c:\program files\PGWARE\PCBoost\PCBoostTray.exe" [2011-02-13 1722616]

"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-04-11 56080]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Kernel and Hardware Abstraction Layer]

2007-04-11 13:32 56080 ----a-w- c:\windows\KHALMNPR.Exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Hardware Abstraction Layer]

2007-04-11 13:32 56080 ----a-w- c:\windows\KHALMNPR.Exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [27/01/2011 19:35 64288]

S2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [3/12/2010 10:05 1405384]

S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [7/07/2009 22:01 36608]

S3 GT72NDISIPXP;GT 72 IP NDIS;c:\windows\system32\drivers\Gt51Ip.sys [1/07/2009 22:57 95744]

S3 GT72UBUS;GT 72 U BUS;c:\windows\system32\drivers\gt72ubus.sys [1/07/2009 22:57 51968]

S3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys --> c:\windows\system32\DRIVERS\ewusbdev.sys [?]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;c:\program files\Lavasoft\Ad-Aware\kernexplorer.sys [3/12/2010 10:05 15232]

.

Inhoud van de 'Gedeelde Taken' map

2011-02-28 c:\windows\Tasks\Ad-Aware Update (Weekly).job

- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2010-12-03 12:55]

2011-02-28 c:\windows\Tasks\User_Feed_Synchronization-{1796E39C-E000-4E90-BC07-F93D543CF26E}.job

- c:\windows\system32\msfeedssync.exe [2007-08-13 03:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.google.be/

mStart Page = hxxp://dutch.toggle.com/nl/index.php?rvs=google

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000

TCP: {F48912AD-C69A-4A69-998F-A87EE5E88D84} = 192.168.1.1,192.168.1.11

Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

.

- - - - ORPHANS VERWIJDERD - - - -

AddRemove-ToggleDU Toolbar - c:\progra~1\ToggleDU\UNWISE.EXE

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2011-02-28 13:52

Windows 5.1.2600 Service Pack 3 NTFS

scannen van verborgen processen ...

scannen van verborgen autostart items ...

scannen van verborgen bestanden ...

Scan succesvol afgerond

verborgen bestanden: 0

**************************************************************************

.

Voltooingstijd: 2011-02-28 13:55:25

ComboFix-quarantined-files.txt 2011-02-28 12:55

ComboFix2.txt 2011-02-27 21:01

Pre-Run: 45.277.454.336 bytes beschikbaar

Post-Run: 45.289.234.432 bytes beschikbaar

- - End Of File - - 0E6EB33319FE3A125C2B2D0DE92207FB

aangepast door kape
Link naar reactie
Delen op andere sites

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

File::

c:\windows\msdownld.tmp

Folder::

c:\documents and settings\Eigenaar\Local Settings\Application Data\uTorrentBar_NL

c:\documents and settings\Eigenaar\Local Settings\Application Data\ConduitEngine(2)

Sla dit bestand op je bureaublad op als CFScript.txt.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht.

Ga naar de site van de [/url].

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.