Besmet met het SSSchedular virus

[wexxel99]

Hoi Kape,

Inderdaad die heb ik tussentijds geinstalleerd. Probeer voor het eerst in mijn leven te downloaden, eerst via Spotnet, dit gaat wel erg langzaam, daarom na een tip van mijn collega via demenoid. Helaas gaat dit ook zeer langzaam.

ComboFix 12-03-10.02 - Wessel Kampen 11/03/2012 13:23:25.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1014.515 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Wessel Kampen\Bureaublad\ComboFix.exe

AV: Norton Internet Security 2006 *Enabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Internet Security 2006 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Wessel Kampen\Application Data\.#

c:\documents and settings\Wessel Kampen\Application Data\PriceGong

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\1.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\2229.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\2258.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\946.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\a.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\b.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\c.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\d.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\e.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\f.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\g.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\h.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\i.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\j.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\k.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\l.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\m.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\mru.xml

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\n.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\o.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\p.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\q.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\r.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\s.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\t.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\u.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\v.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\w.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\wlu.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\x.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\y.txt

c:\documents and settings\Wessel Kampen\Application Data\PriceGong\Data\z.txt

c:\documents and settings\Wessel Kampen\Menu Start\Programma's\Opstarten\OpenOffice.org 3.2 .lnk

c:\windows\dasetup.log

c:\windows\IsUn0413.exe

c:\windows\system32\roboot.exe

c:\windows\system32\SET2D6.tmp

c:\windows\system32\SET2E2.tmp

c:\windows\system32\SET2EB.tmp

c:\windows\system32\SET2EC.tmp

c:\windows\system32\SET2ED.tmp

c:\windows\system32\SET2F0.tmp

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-02-11 to 2012-03-11 ))))))))))))))))))))))))))))))

.

.

2012-03-11 12:05 . 2012-03-11 12:05 141312 ----a-w- c:\windows\system32\javacpl.cpl

2012-03-11 11:45 . 2012-03-11 12:05 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-03-11 11:45 . 2012-03-11 12:05 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-03-10 23:43 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-10 23:43 . 2012-03-10 23:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-03-10 17:17 . 2012-03-10 17:17 -------- d-----w- c:\program files\Conduit

2012-03-10 17:17 . 2012-03-10 17:20 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL

2012-03-10 17:17 . 2012-03-10 17:20 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit

2012-03-10 17:17 . 2012-03-10 17:17 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Temp

2012-03-10 17:17 . 2012-03-10 17:17 -------- d-----w- c:\program files\uTorrent

2012-03-10 17:16 . 2012-03-11 12:28 -------- d-----w- c:\documents and settings\Wessel Kampen\Application Data\uTorrent

2012-03-10 16:49 . 2012-03-10 16:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-10 00:09 . 2012-03-10 00:09 388096 ----a-r- c:\documents and settings\Wessel Kampen\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-03-08 20:18 . 2012-03-08 20:19 -------- d-----w- c:\program files\Safari

2012-03-08 20:11 . 2012-03-08 20:11 -------- d-----w- c:\program files\iPod

2012-03-04 19:55 . 2012-03-04 19:55 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Spotnet

2012-03-04 16:24 . 2012-03-04 16:24 -------- d-----w- c:\documents and settings\Wessel Kampen\Application Data\Malwarebytes

2012-03-04 16:24 . 2012-03-04 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-03-04 15:01 . 2012-03-04 15:01 -------- d-----w- c:\windows\system32\wbem\Repository

2012-03-04 13:20 . 2012-03-04 13:20 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\I Want This

2012-03-04 13:20 . 2012-03-04 14:54 -------- d-----w- c:\program files\I Want This

2012-03-04 13:20 . 2012-03-04 14:54 -------- d-----w- c:\program files\Complitly

2012-03-04 13:19 . 2012-03-04 13:19 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon

2012-03-04 13:19 . 2012-03-04 13:19 -------- d-----w- c:\documents and settings\Wessel Kampen\Application Data\Babylon

2012-03-04 13:01 . 2012-03-04 14:54 -------- d-----w- c:\program files\Windows Media Connect 2

2012-03-04 12:59 . 2012-03-04 14:54 -------- d-----w- c:\windows\system32\drivers\UMDF

2012-03-03 21:09 . 2012-03-04 14:54 -------- d-----w- c:\program files\Ask.com

2012-03-03 21:09 . 2012-03-04 14:54 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\AskToolbar

2012-03-03 19:09 . 2012-03-11 04:33 -------- d-----w- c:\documents and settings\Wessel Kampen\Downloads

2012-03-03 18:37 . 2012-03-03 18:37 -------- d-----w- c:\program files\Microsoft.NET

2012-03-03 18:34 . 2012-03-05 22:34 -------- d-----w- c:\program files\Spotnet

2012-03-03 18:34 . 2012-03-04 19:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Spotnet

2012-03-01 21:44 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-03-01 21:44 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-15 10:01 . 2010-03-24 19:15 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-02-15 10:01 . 2010-03-24 19:15 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2012-01-12 17:20 . 2006-03-01 02:55 1860096 ----a-w- c:\windows\system32\win32k.sys

2011-12-17 19:42 . 2006-03-01 02:55 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:42 . 2006-03-01 02:55 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-17 19:42 . 2006-03-01 02:55 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-16 12:23 . 2006-03-01 02:55 385024 ----a-w- c:\windows\system32\html.iec

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-03-10 739704]

"MSMSGS"="c:\program files\Messenger\msmsgs.exe" [2008-04-14 1695232]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]

"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 14720000]

"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-04-29 45056]

"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-08-05 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-08-05 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-08-05 114688]

"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-10-19 184320]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]

"PDService.exe"="c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-01-26 52848]

"URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2006-01-26 23168]

"Norton Ghost 10.0"="c:\program files\Norton Ghost\Agent\GhostTray.exe" [2005-10-14 1537648]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"VAIO Update 5"="c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe" [2010-04-09 1459568]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2005-05-20 16:42 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

.

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [5/10/2009 9:08 65584]

R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [6/07/2004 14:07 45627]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/03/2012 0:43 652360]

R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11/03/2012 0:43 20464]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 13:49 227232]

S3 RTL8187B;TG123g USB Wireless Adapter;c:\windows\system32\drivers\RTL8187B.sys [27/08/2009 18:03 264576]

S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [15/05/2011 12:27 722288]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - COMHOST

*NewlyCreated* - JAVAQUICKSTARTERSERVICE

.

Inhoud van de 'Gedeelde Taken' map

.

2012-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2012-03-09 c:\windows\Tasks\Norton AntiVirus - Volledige systeemscan uitvoeren - Wessel Kampen.job

- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-01-26 09:26]

.

2010-03-14 c:\windows\Tasks\Symantec NetDetect.job

- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2006-03-01 13:15]

.

2012-03-11 c:\windows\Tasks\User_Feed_Synchronization-{6580C2F0-BC6C-4BFB-87D2-B3FA7CC787B4}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hotmail.com/

uInternet Connection Wizard,ShellNext = hxxp://www.club-vaio.com/en/

uInternet Settings,ProxyOverride = *.local

IE: &Google Zoeken - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html

IE: &Woord vertalen in het Nederlands - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html

IE: Gelijkwaardige pagina's - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html

IE: Koppelingspagina's - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html

IE: Opgeslagen momentopname van de pagina - c:\program files\Google\GoogleToolbar1.dll/cmcache.html

Trusted Zone: sony-europe.com

Trusted Zone: sonystyle-europe.com

Trusted Zone: vaio-link.com

TCP: DhcpNameServer = 192.168.1.1 192.168.1.1

.

- - - - ORPHANS VERWIJDERD - - - -

.

WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)

HKCU-Run-Registry Reviver - c:\program files\Reviversoft\Registry Reviver\RegistryReviver.exe

AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-03-11 13:32

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(932)

c:\windows\system32\VESWinlogon.dll

.

Voltooingstijd: 2012-03-11 13:36:09

ComboFix-quarantined-files.txt 2012-03-11 12:35

.

Pre-Run: 11.680.546.816 bytes beschikbaar

Post-Run: 12.242.653.184 bytes beschikbaar

.

WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect

.

- - End Of File - - 1973859AC6511D929793BF2E5ABC3BF0

[kape]

Open een kladblokbestand.

Kopieer en plak daarin de onderstaande vetgedrukte tekst.

Folder::

c:\program files\Conduit

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit

c:\program files\Complitly

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon

c:\documents and settings\Wessel Kampen\Application Data\Babylon

c:\program files\Ask.com

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\AskToolbar

Sla dit bestand op je bureaublad op als CFScript.

Sleep CFScript.txt in ComboFix.exe

Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

Post na herstart de inhoud van de Combofix.txt in je volgende bericht samen met een nieuw logje van HijackThis.

[wexxel99]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:49:11, on 11/03/2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Motive\McciCMService.exe

C:\Program Files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe

C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Apoint\Apoint.exe

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\ICO.EXE

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

C:\Program Files\Sony\ISB Utility\ISBMgr.exe

C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

C:\Program Files\Common Files\Symantec Shared\ccApp.exe

C:\Program Files\Apoint\Apntex.exe

C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\Citrix\ICA Client\wfcrun32.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\Program Files\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\hijackthis\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Sign In

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, nieuws en entertainment vind je op MSN.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = Sony: Community: Welcome to the Sony Community for Computing

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll

O2 - BHO: GoogleAFE - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\PROGRA~1\GOOGLE~1\GoogleAFE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe

O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] ICO.EXE

O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [sonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe

O4 - HKLM\..\Run: [iSBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe

O4 - HKLM\..\Run: [PDService.exe] C:\Program Files\Utimaco\SafeGuard PrivateDisk\pdservice.exe

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [urlLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe

O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Program Files\Norton Ghost\Agent\GhostTray.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe

O4 - HKLM\..\Run: [VAIO Update 5] "C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe" /Stationary

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: &Google Zoeken - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &Woord vertalen in het Nederlands - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Gelijkwaardige pagina's - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Koppelingspagina's - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://www.club-vaio.com/en/

O15 - Trusted Zone: *.sony-europe.com

O15 - Trusted Zone: *.sonystyle-europe.com

O15 - Trusted Zone: *.vaio-link.com

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Norton Internet Security\comHost.exe

O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe

O23 - Service: Norton AntiVirus Auto-Protect-service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe

O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe

O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe

O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe

O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe

O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe

O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe

O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe

O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe

O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update 5\VUAgent.exe

O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe

O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe

--

End of file - 14613 bytes

---------- Post toegevoegd om 20:51 ---------- Vorige post was om 20:49 ----------

ComboFix 12-03-10.02 - Wessel Kampen 11/03/2012 20:18:31.2.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1014.377 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Wessel Kampen\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Wessel Kampen\Bureaublad\CFScript.txt

AV: Norton Internet Security 2006 *Enabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}

FW: Norton Internet Security 2006 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

FW: Norton Internet Worm Protection *Disabled* {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\Wessel Kampen\Application Data\Babylon

c:\documents and settings\Wessel Kampen\Application Data\Babylon\log_file.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\AskToolbar

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\AskToolbar\cache.dat

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\AskToolbar\config.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\AskToolbar\osearch.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\bab033.tbinst.dat

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\bab091.norecovericon.dat

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\Babylon.dat

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\cmbx.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\common.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\eula.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\lngs.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1Lrg.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2Lrg.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page9.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\pBar.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title1.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title2.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\toolBar.jpg

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\HtmlScreens\vIcn.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\Setup-tbmntr903-9.0.3.35.zpb

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Babylon\Setup\SetupStrings.dat

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\DialogsAPI.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\PIE.htc

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\settings.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\version.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_1257316_1252989_NL.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks\en.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\CT2865317\uTorrentBar_NLAutoUpdateHelper.exe

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Conduit\Toolbar\Facebook\http___facebook_conduit-services_com_Settings_ashx_locale=nl&browserType=IE&toolbarVersion=6_8_5_1.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_634215803994037500_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_634215829629975000_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_634219291587531250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_634220946896281250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_634226715423943750_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_634244832697856250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_17_286_CT2865317_Images_SearchActivationButton-go_but01_gif-General-634220918830656250_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_About_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Browse_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Contact_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Hide_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_ConduitEngine_ContextMenu_LikeIcon_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_More_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_MoreFromPublisher_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Options_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Privacy_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Refresh_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_Conduit_com_bankImages_ConduitEngine_ContextMenu_Upgrade_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Events_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Friends_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Groups_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Home_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Inbox_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Logout_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Photos_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Profile_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Settings_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Share_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_bankImages_FaceBook_Status_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_about_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_clear_history_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_contact_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_help_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_home_page_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_options_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_privacy_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_refresh_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_shrink_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_main_menu_upgrade_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_images_search_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_news_icon_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_searchengines_search_icon_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_searchengines_softonic_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_tfd_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_images_SearchEngines_video_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633826753881225000_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633826758646068750_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633827552376087500_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633827552502181250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633827552614056250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633827552723118750_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633827565870150000_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_633827655684775000_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_634161798257141250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_634161799307581250_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Images_634161801077882500_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___storage_conduit_com_MarketPlace_b9_e6d_b99f575c-76e9-4402-8755-330aaffa3e6d_Appearance_634161804982048752_png.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___weather_conduit_com_images_weather_Default_cloudy_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___weather_conduit_com_images_weather_Default_partly_cloudy_night_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\CacheIcons\http___weather_conduit_com_images_weather_Default_sunny_gif.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\AddedAppDialog\app-added.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\AddedAppDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\DefualtImages\icon.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\DetectedAppDialog\app-2go.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\DetectedAppDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\DialogsAPI.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\EngineFirstTimeDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\EngineFirstTimeDialog\right-click.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\excanvas.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\generalDialogStyle.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\NewSearchProtectorDialog\images\ok-button.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\NewSearchProtectorDialog\images\separation-line.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\NewSearchProtectorDialog\images\warning.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\NewSearchProtectorDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\NewSearchProtectorDialog\SearchProtector.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\NewSearchProtectorDialog\SearchProtector.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\PIE.htc

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\RoundedCorners.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\RoundedCornersIE9.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\bubble.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\bubble.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\images\information.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorBubbleDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorDialog\Images\info.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorDialog\Images\ok-on.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorDialog\Images\ok.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorDialog\SearchProtector.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\SearchProtectorDialog\SearchProtector.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\settings.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\arrow.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\divider.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\facebook.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\UntrustedAddedAppDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\UntrustedAppApprovalDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\UntrustedAppPendingDialog\main.html

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Dialogs\version.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\EmailNotifier\AccountTypes.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\EmailNotifier\aol.com.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\EmailNotifier\comcast.net.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\EmailNotifier\google.com.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\EmailNotifier\hotmail.com.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\EmailNotifier\yahoo.com.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=GottenApps&locale=nl.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=OtherApps&locale=nl.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=SharedApps&locale=nl.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\ExternalComponent\http___contextmenu_toolbar_conduit-services_com__name=Toolbar&locale=nl.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\ldrtbuTor.dll

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGong_16.png

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\manifest.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\AppsMetaData\data.bck.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\AppsMetaData\data.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\DynamicDialogs\data.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\ToolbarLogin\data.bck.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\ToolbarLogin\data.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\ToolbarSettings\data.bck.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_CT2865317\ToolbarSettings\data.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Repository\conduit_CT2865317_nl\ToolbarTranslation\data.txt

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_reuters_com_reuters_topNews.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___feeds_reuters_com_reuters_topNews_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=fr&hl=fr&topic=h&num=3&output=rss.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=fr&hl=fr&topic=h&num=3&output=rss_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=us&hl=en&topic=h&num=3&output=rss.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_cf=all&ned=us&hl=en&topic=h&num=3&output=rss_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_pz=1&cf=all&ned=nl_nl&hl=nl&topic=h&num=3&output=rss.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___news_google_nl_news_pz=1&cf=all&ned=nl_nl&hl=nl&topic=h&num=3&output=rss_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_history.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cbc_ca_lineup_latest_xml.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cbc_ca_lineup_latest_xml_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cnn_com_rss_cnn_latest_rss.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_cnn_com_rss_cnn_latest_rss_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world_history.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___rss_news_yahoo_com_rss_world_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___worldpress_org_feeds_topstories_xml.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___worldpress_org_feeds_topstories_xml_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\Rss\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_structured.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\SearchInNewTab\SearchInNewTabContent.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\tbuTor.dll

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\ThirdPartyComponents.xml

c:\documents and settings\Wessel Kampen\Local Settings\Application Data\uTorrentBar_NL\toolbar.cfg

c:\program files\Ask.com

c:\program files\Ask.com\assets\oobe\b.png

c:\program files\Ask.com\assets\oobe\bl.png

c:\program files\Ask.com\assets\oobe\br.png

c:\program files\Ask.com\assets\oobe\l.png

c:\program files\Ask.com\assets\oobe\pointer.png

c:\program files\Ask.com\assets\oobe\r.png

c:\program files\Ask.com\assets\oobe\t.png

c:\program files\Ask.com\assets\oobe\tl.png

c:\program files\Ask.com\assets\oobe\tr.png

c:\program files\Ask.com\config.xml

c:\program files\Ask.com\mupcfg.xml

c:\program files\Ask.com\Updater\config.xml

c:\program files\Complitly

c:\program files\Complitly\chrome\ComplitlyChrome.crx

c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png

c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul

c:\program files\Complitly\support@Complitly.com\chrome\content\options.js

c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul

c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js

c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js

c:\program files\Complitly\support@Complitly.com\install.rdf

c:\program files\Complitly\unins000.dat

c:\program files\Conduit

c:\program files\Conduit\Community Alerts\Alert.dll

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-02-11 to 2012-03-11 ))))))))))))))))))))))))))))))

.

.

2012-03-11 12:05 . 2012-03-11 12:05 141312 ----a-w- c:\windows\system32\javacpl.cpl

2012-03-11 11:45 . 2012-03-11 12:05 637848 ----a-w- c:\windows\system32\npdeployJava1.dll

2012-03-11 11:45 . 2012-03-11 12:05 567696 ----a-w- c:\windows\system32\deployJava1.dll

2012-03-10 23:43 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-10 23:43 . 2012-03-10 23:43 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-03-10 17:17 . 2012-03-10 17:17 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Temp

2012-03-10 17:17 . 2012-03-10 17:17 -------- d-----w- c:\program files\uTorrent

2012-03-10 17:16 . 2012-03-11 19:30 -------- d-----w- c:\documents and settings\Wessel Kampen\Application Data\uTorrent

2012-03-10 16:49 . 2012-03-10 16:49 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-10 00:09 . 2012-03-10 00:09 388096 ----a-r- c:\documents and settings\Wessel Kampen\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-03-08 20:18 . 2012-03-08 20:19 -------- d-----w- c:\program files\Safari

2012-03-08 20:11 . 2012-03-08 20:11 -------- d-----w- c:\program files\iPod

2012-03-04 19:55 . 2012-03-04 19:55 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\Spotnet

2012-03-04 16:24 . 2012-03-04 16:24 -------- d-----w- c:\documents and settings\Wessel Kampen\Application Data\Malwarebytes

2012-03-04 16:24 . 2012-03-04 16:24 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-03-04 15:41 . 2012-03-04 15:41 -------- d-----w- c:\documents and settings\Wessel Kampen\Application Data\BabylonToolbar

2012-03-04 15:01 . 2012-03-04 15:01 -------- d-----w- c:\windows\system32\wbem\Repository

2012-03-04 13:20 . 2012-03-04 13:20 -------- d-----w- c:\documents and settings\Wessel Kampen\Local Settings\Application Data\I Want This

2012-03-04 13:20 . 2012-03-04 14:54 -------- d-----w- c:\program files\I Want This

2012-03-04 13:01 . 2012-03-04 14:54 -------- d-----w- c:\program files\Windows Media Connect 2

2012-03-04 12:59 . 2012-03-04 14:54 -------- d-----w- c:\windows\system32\drivers\UMDF

2012-03-03 19:09 . 2012-03-11 16:20 -------- d-----w- c:\documents and settings\Wessel Kampen\Downloads

2012-03-03 18:37 . 2012-03-03 18:37 -------- d-----w- c:\program files\Microsoft.NET

2012-03-03 18:34 . 2012-03-05 22:34 -------- d-----w- c:\program files\Spotnet

2012-03-03 18:34 . 2012-03-04 19:55 -------- d-----w- c:\documents and settings\All Users\Application Data\Spotnet

2012-03-01 21:44 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll

2012-03-01 21:44 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-02-15 10:01 . 2010-03-24 19:15 4547944 ----a-w- c:\windows\system32\usbaaplrc.dll

2012-02-15 10:01 . 2010-03-24 19:15 43520 ----a-w- c:\windows\system32\drivers\usbaapl.sys

2012-01-12 17:20 . 2006-03-01 02:55 1860096 ----a-w- c:\windows\system32\win32k.sys

2011-12-17 19:42 . 2006-03-01 02:55 916992 ----a-w- c:\windows\system32\wininet.dll

2011-12-17 19:42 . 2006-03-01 02:55 43520 ----a-w- c:\windows\system32\licmgr10.dll

2011-12-17 19:42 . 2006-03-01 02:55 1469440 ------w- c:\windows\system32\inetcpl.cpl

2011-12-16 12:23 . 2006-03-01 02:55 385024 ----a-w- c:\windows\system32\html.iec

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-03-10 739704]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Apoint"="c:\program files\Apoint\Apoint.exe" [2003-11-07 114688]

"RTHDCPL"="RTHDCPL.EXE" [2005-06-29 14720000]

"AzMixerSel"="c:\program files\Realtek\InstallShield\AzMixerSel.exe" [2005-04-29 45056]

"Mouse Suite 98 Daemon"="ICO.EXE" [2002-03-14 45056]

"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-08-05 94208]

"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2005-08-05 77824]

"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-08-05 114688]

"SonyPowerCfg"="c:\program files\Sony\VAIO Power Management\SPMgr.exe" [2005-10-19 184320]

"ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2004-02-20 32768]

"PDService.exe"="c:\program files\Utimaco\SafeGuard PrivateDisk\pdservice.exe" [2004-07-06 40960]

"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2006-01-26 52848]

"URLLSTCK.exe"="c:\program files\Norton Internet Security\UrlLstCk.exe" [2006-01-26 23168]

"Norton Ghost 10.0"="c:\program files\Norton Ghost\Agent\GhostTray.exe" [2005-10-14 1537648]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 40048]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-11-02 59240]

"VAIO Update 5"="c:\program files\Sony\VAIO Update 5\VAIOUpdt.exe" [2010-04-09 1459568]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]

"ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400]

"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-06 421736]

"Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-17 252296]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]

2005-05-20 16:42 73728 ----a-w- c:\windows\system32\VESWinlogon.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]

"DisableMonitoring"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]

"DisableMonitoring"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Google\\Google Talk\\googletalk.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

.

R1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\drivers\ctxusbm.sys [5/10/2009 9:08 65584]

R1 PrivateDisk;PrivateDisk;c:\windows\system32\drivers\privatediskm.sys [6/07/2004 14:07 45627]

R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [11/03/2012 0:43 652360]

R2 MSSQL$VAIO_VEDB;MSSQL$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlservr.exe -sVAIO_VEDB [?]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [11/03/2012 0:43 20464]

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [18/03/2010 13:16 753504]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [18/03/2010 13:16 130384]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [15/01/2010 13:49 227232]

S3 RTL8187B;TG123g USB Wireless Adapter;c:\windows\system32\drivers\RTL8187B.sys [27/08/2009 18:03 264576]

S3 SQLAgent$VAIO_VEDB;SQLAgent$VAIO_VEDB;c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB --> c:\program files\Microsoft SQL Server\MSSQL$VAIO_VEDB\Binn\sqlagent.EXE -i VAIO_VEDB [?]

S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update 5\VUAgent.exe [15/05/2011 12:27 722288]

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - COMHOST

*NewlyCreated* - JAVAQUICKSTARTERSERVICE

.

Inhoud van de 'Gedeelde Taken' map

.

2012-03-08 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57]

.

2012-03-09 c:\windows\Tasks\Norton AntiVirus - Volledige systeemscan uitvoeren - Wessel Kampen.job

- c:\progra~1\NORTON~1\NORTON~1\Navw32.exe [2006-01-26 09:26]

.

2010-03-14 c:\windows\Tasks\Symantec NetDetect.job

- c:\program files\Symantec\LiveUpdate\NDETECT.EXE [2006-03-01 13:15]

.

2012-03-11 c:\windows\Tasks\User_Feed_Synchronization-{6580C2F0-BC6C-4BFB-87D2-B3FA7CC787B4}.job

- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.hotmail.com/

uInternet Connection Wizard,ShellNext = hxxp://www.club-vaio.com/en/

uInternet Settings,ProxyOverride = *.local

IE: &Google Zoeken - c:\program files\Google\GoogleToolbar1.dll/cmsearch.html

IE: &Woord vertalen in het Nederlands - c:\program files\Google\GoogleToolbar1.dll/cmwordtrans.html

IE: Gelijkwaardige pagina's - c:\program files\Google\GoogleToolbar1.dll/cmsimilar.html

IE: Koppelingspagina's - c:\program files\Google\GoogleToolbar1.dll/cmbacklinks.html

IE: Opgeslagen momentopname van de pagina - c:\program files\Google\GoogleToolbar1.dll/cmcache.html

Trusted Zone: sony-europe.com

Trusted Zone: sonystyle-europe.com

Trusted Zone: vaio-link.com

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-03-11 20:30

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'winlogon.exe'(932)

c:\windows\system32\VESWinlogon.dll

.

Voltooingstijd: 2012-03-11 20:34:55

ComboFix-quarantined-files.txt 2012-03-11 19:34

ComboFix2.txt 2012-03-11 12:36

.

Pre-Run: 9.545.875.456 bytes beschikbaar

Post-Run: 9.546.629.120 bytes beschikbaar

.

- - End Of File - - 44B3A9F67926ACCE1C3B9F0BE17AE0C9

[kape]

Combofix heeft flink wat rotzooi opgeruimd. Nog één bestandje dat je manueel mag verwijderen :

c:\documents and settings\Wessel Kampen\Application Data\BabylonToolbar

... en laat dan even weten of je nu nog virusmeldingen krijgt ?

[wexxel99]

Hoi Kape,

Krijg geen virusmeldingen meer, heb ook weer wat meer G op mijn C-schijf... Zeer veel dank voor je hulp en advies!

Kan ik de combo-fix in de toekomst inschakelen om mijn c-schijf schoon te houden en zo ja, hoe?

mvg,

Wessel

[kape]

ComboFix is een (extreem) tooltje dat enkel bij probleemoplossing én onder toezicht mag gebruikt worden. Geen goed idee dus om dit in je reguliere bescherming of controle van de PC in te schakelen. Veel te gevaarlijk !

Nu je probleem van de baan is, is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

Verwijder Combofix: Start -> Uitvoeren/Zoekopdracht en typ: ComboFix /Uninstall

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Download CCleaner.

Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen. Doe dit via Start -> Configuratiescherm -> Prestaties en Onderhoud -> Systeem -> Systeemherstel -> "Systeemherstel op alle stations uitschakelen" aanvinken. Toepassen en OK. PC herstarten en het vinkje terug weg halen.

Indien dit allemaal probleemloos verlopen is, mag je hieronder op "markeer als opgelost" tokkelen !

[wexxel99]

Kape je bent een topper, mijn dank is groot! PC loopt weer als een zonnetje.