Ga naar inhoud

Wimmerd

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    37

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Wimmerd

  1. Wimmerd
    Heb Delfix zijn ding laten doen! Is er nu nog een bepaalde actie vereist? Heel erg bedankt vanwege mijn kennis en ook vanwege mezelf voor de hulp! Mvg, Wimmerd
  2. Wimmerd
    Ja hoor, geen problemen meer! Zijn verdere stappen die ik nog moet ondernemen? En een dikke merci!
  3. Wimmerd
    En hier het andere logje die jullie nodig hebben! Logfile of random's system information tool 1.09 (written by random/random) Run by Dirk Maddelein at 2013-10-29 11:28:09 Microsoft Windows 7 Home Premium Service Pack 1 System drive C: has 1830 GB (97%) free of 1894 GB Total RAM: 6051 MB (78% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:28:14, on 29/10/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16720) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingApp.exe C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingBar.exe C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files\trend micro\Dirk Maddelein.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube Download - C:\Users\Dirk Maddelein\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dirk Maddelein\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12955 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch winlogon.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs "C:\Program Files\IDT\WDM\STacSV64.exe" "C:\Program Files\HitmanPro\hmpsched.exe" C:\Windows\system32\svchost.exe -k NetworkService "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "taskhost.exe" "C:\Program Files\IDT\WDM\AESTSr64.exe" C:\Windows\SysWOW64\ezSharedSvcHost.exe "C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation "C:\Program Files\IDT\WDM\sttray64.exe" "C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe" "C:\Windows\System32\igfxtray.exe" "C:\Windows\System32\igfxpers.exe" C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt "C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe" "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /s "NIS" /m "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\diMaster.dll" /prefetch:1 "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE "C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe" "C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe" "C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" /AUTORUN "C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe" /c /a /s UserSession "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" WLIDSvcM.exe 3240 "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" "C:\Program Files (x86)\Browny02\BrYNSvc.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-de2fbc01-eb7f-4706-a7fc-3a200d6ff37b -SystemEventPortName:HostProcess-543f1f67-2e37-4fb0-b37b-8534e4978111 -IoCancelEventPortName:HostProcess-e5643058-8594-4c03-a335-dcf5d57d37d7 -NonStateChangingEventPortName:HostProcess-dffd11c6-3da8-416e-b4f5-bc2a7cd30ab5 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:7f09ec5c-9b96-48f8-ba87-77625efc2a97 -DeviceGroupId:WpdFsGroup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe" -CtxID "#Hewlett-Packard#HP Deskjet F2400 series#1331050050" -Startup "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe" -Embedding "C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe" -Embedding "C:\Program Files\Internet Explorer\iexplore.exe" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:78849 /prefetch:2 "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingApp.exe" -Embedding "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingBar.exe" -Embedding "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe" -Embedding "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe" -Embedding "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingSurrogate.exe" -Embedding "C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe" "C:\Program Files\Windows Media Player\wmpnetwk.exe" "C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe" "C:\Windows\system32\wuauclt.exe" "C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe" "C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-811456756-103072874-835193467-10017_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-811456756-103072874-835193467-10017 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1" "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2732 CREDAT:734382 /prefetch:2 "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe8_ Global\UsGthrCtrlFltPipeMssGthrPipe8 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "C:\Users\Dirk Maddelein\Downloads\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF} ======Scheduled tasks folder====== C:\Windows\tasks\Adobe Flash Player Updater.job C:\Windows\tasks\HPCeeScheduleForDirk Maddelein.job ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}] Lync Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-09-17 205472] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 529280] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2013-09-17 878296] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}] Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-09-17 2328776] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}] HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21 328248] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}] Symantec NCO BHO - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}] Symantec Intrusion Prevention - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL [2011-03-31 210872] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21 439168] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2013-09-17 705240] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}] Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23 1451680] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2012-04-14 41760] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}] HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09 351136] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}] HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21 509496] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll [2012-06-07 436192] {8dcb7100-df86-4384-8842-8fa844297b3f} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll [2013-07-23 1451680] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"=c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [2008-11-20 62768] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2011-01-26 835072] "IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-02-09 167960] "Persistence"=C:\Windows\system32\igfxpers.exe [2011-02-09 418328] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "HP Software Update"=c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08 54576] ""= [] "Norton Online Backup"=C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2010-06-02 1155928] "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2011-02-10 61112] "PDF Complete"=C:\Program Files (x86)\PDF Complete\pdfsty.exe [2011-02-01 656920] "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2011-01-07 253672] "BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2010-06-10 2621440] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup HP Digital Imaging Monitor.lnk - C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\Windows\system32\igfxdev.dll [2011-01-27 385024] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DisableLockWorkstation"=0 "DisableTaskMgr"=0 "DisableChangePassword"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=5 "ConsentPromptBehaviorUser"=3 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "HideFastUserSwitching"=0 "EnableSecureUIAPath"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 "EnableShellExecuteHooks"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvyu"=msyuv.dll "vidc.iyuv"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "vidc.yvu9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2013-10-29 11:28:09 ----D---- C:\rsit 2013-10-29 11:28:09 ----D---- C:\Program Files\trend micro 2013-10-28 11:22:01 ----AD---- C:\Kaspersky Rescue Disk 10.0 2013-10-17 17:20:03 ----RD---- C:\Users\Dirk Maddelein\AppData\Roaming\Brother 2013-10-11 17:01:59 ----A---- C:\Windows\SYSWOW64\ieui.dll 2013-10-11 17:01:59 ----A---- C:\Windows\system32\ieui.dll 2013-10-11 17:01:58 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe 2013-10-11 17:01:58 ----A---- C:\Windows\SYSWOW64\iesysprep.dll 2013-10-11 17:01:58 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2013-10-11 17:01:58 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2013-10-11 17:01:58 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2013-10-11 17:01:58 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe 2013-10-11 17:01:58 ----A---- C:\Windows\system32\iesysprep.dll 2013-10-11 17:01:58 ----A---- C:\Windows\system32\iesetup.dll 2013-10-11 17:01:58 ----A---- C:\Windows\system32\iertutil.dll 2013-10-11 17:01:58 ----A---- C:\Windows\system32\iernonce.dll 2013-10-11 17:01:58 ----A---- C:\Windows\system32\ie4uinit.exe 2013-10-11 17:01:57 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2013-10-11 17:01:57 ----A---- C:\Windows\SYSWOW64\jscript.dll 2013-10-11 17:01:57 ----A---- C:\Windows\system32\msfeeds.dll 2013-10-11 17:01:57 ----A---- C:\Windows\system32\jscript.dll 2013-10-11 17:01:56 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2013-10-11 17:01:56 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2013-10-11 17:01:56 ----A---- C:\Windows\system32\jscript9.dll 2013-10-11 17:01:55 ----A---- C:\Windows\SYSWOW64\wininet.dll 2013-10-11 17:01:55 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2013-10-11 17:01:55 ----A---- C:\Windows\system32\urlmon.dll 2013-10-11 17:01:55 ----A---- C:\Windows\system32\jsproxy.dll 2013-10-11 17:01:54 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2013-10-11 17:01:54 ----A---- C:\Windows\system32\wininet.dll 2013-10-11 17:01:53 ----A---- C:\Windows\system32\ieframe.dll 2013-10-11 17:01:52 ----A---- C:\Windows\system32\mshtml.dll 2013-10-11 17:01:51 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2013-10-11 07:04:40 ----A---- C:\Windows\SYSWOW64\comctl32.dll 2013-10-11 07:04:40 ----A---- C:\Windows\system32\comctl32.dll 2013-10-11 07:04:39 ----A---- C:\Windows\SYSWOW64\lpk.dll 2013-10-11 07:04:39 ----A---- C:\Windows\SYSWOW64\fontsub.dll 2013-10-11 07:04:39 ----A---- C:\Windows\SYSWOW64\dciman32.dll 2013-10-11 07:04:39 ----A---- C:\Windows\SYSWOW64\atmlib.dll 2013-10-11 07:04:39 ----A---- C:\Windows\SYSWOW64\atmfd.dll 2013-10-11 07:04:39 ----A---- C:\Windows\system32\lpk.dll 2013-10-11 07:04:39 ----A---- C:\Windows\system32\fontsub.dll 2013-10-11 07:04:39 ----A---- C:\Windows\system32\drivers\Wdf01000.sys 2013-10-11 07:04:39 ----A---- C:\Windows\system32\dciman32.dll 2013-10-11 07:04:39 ----A---- C:\Windows\system32\atmlib.dll 2013-10-11 07:04:39 ----A---- C:\Windows\system32\atmfd.dll 2013-10-11 07:04:38 ----A---- C:\Windows\system32\drivers\usbcir.sys 2013-10-11 07:04:37 ----A---- C:\Windows\system32\drivers\usbscan.sys 2013-10-11 07:04:37 ----A---- C:\Windows\system32\drivers\hidparse.sys 2013-10-11 07:04:37 ----A---- C:\Windows\system32\drivers\hidclass.sys 2013-10-11 07:04:35 ----A---- C:\Windows\SYSWOW64\WebClnt.dll 2013-10-11 07:04:35 ----A---- C:\Windows\SYSWOW64\davclnt.dll 2013-10-11 07:04:35 ----A---- C:\Windows\system32\WebClnt.dll 2013-10-11 07:04:35 ----A---- C:\Windows\system32\drivers\mrxdav.sys 2013-10-11 07:04:35 ----A---- C:\Windows\system32\davclnt.dll 2013-10-11 07:04:34 ----A---- C:\Windows\system32\drivers\tcpip.sys 2013-10-11 07:04:33 ----A---- C:\Windows\SYSWOW64\mswsock.dll 2013-10-11 07:04:33 ----A---- C:\Windows\system32\mswsock.dll 2013-10-11 07:04:33 ----A---- C:\Windows\system32\drivers\afd.sys 2013-10-11 07:04:32 ----A---- C:\Windows\system32\win32k.sys 2013-10-11 07:04:28 ----A---- C:\Windows\system32\ntoskrnl.exe 2013-10-11 07:04:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe 2013-10-11 07:04:27 ----A---- C:\Windows\system32\advapi32.dll 2013-10-11 07:04:26 ----A---- C:\Windows\SYSWOW64\tdh.dll 2013-10-11 07:04:26 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe 2013-10-11 07:04:26 ----A---- C:\Windows\SYSWOW64\advapi32.dll 2013-10-11 07:04:26 ----A---- C:\Windows\system32\tdh.dll 2013-10-11 07:04:26 ----A---- C:\Windows\system32\ntdll.dll 2013-10-11 07:04:25 ----A---- C:\Windows\SYSWOW64\wow32.dll 2013-10-11 07:04:25 ----A---- C:\Windows\SYSWOW64\user.exe 2013-10-11 07:04:25 ----A---- C:\Windows\SYSWOW64\setup16.exe 2013-10-11 07:04:25 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll 2013-10-11 07:04:25 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2013-10-11 07:04:25 ----A---- C:\Windows\SYSWOW64\instnm.exe 2013-10-11 07:04:25 ----A---- C:\Windows\system32\wow64.dll 2013-10-11 07:04:17 ----A---- C:\Windows\SYSWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-11 07:04:17 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-11 07:04:14 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys 2013-10-11 07:04:13 ----A---- C:\Windows\system32\scavengeui.dll 2013-10-06 14:56:32 ----D---- C:\Users\Dirk Maddelein\AppData\Roaming\OpenOffice 2013-10-06 14:55:24 ----D---- C:\Program Files (x86)\OpenOffice 4 2013-10-06 14:54:01 ----D---- C:\Program Files\Openoffice 2013-09-30 08:14:03 ----D---- C:\Brother 2013-09-30 08:13:51 ----D---- C:\Program Files (x86)\Browny02 2013-09-30 08:13:50 ----A---- C:\Windows\SYSWOW64\BRTCPCON.DLL 2013-09-30 08:13:50 ----A---- C:\Windows\SYSWOW64\BRRBTOOL.EXE 2013-09-30 08:13:49 ----A---- C:\Windows\SYSWOW64\BRLMW03A.INI 2013-09-30 08:13:49 ----A---- C:\Windows\SYSWOW64\BRLMW03A.DLL 2013-09-30 08:13:49 ----A---- C:\Windows\SYSWOW64\BRLM03A.DLL 2013-09-30 08:13:48 ----A---- C:\Windows\system32\BRADM10A.DAT 2013-09-30 08:13:45 ----N---- C:\Windows\SYSWOW64\NSSearch.dll 2013-09-30 08:13:45 ----N---- C:\Windows\SYSWOW64\BrDctF2S.dll 2013-09-30 08:13:45 ----N---- C:\Windows\SYSWOW64\BrDctF2L.dll 2013-09-30 08:13:45 ----N---- C:\Windows\SYSWOW64\BrDctF2.dll 2013-09-30 08:13:45 ----D---- C:\Program Files (x86)\Brother 2013-09-30 08:13:44 ----N---- C:\Windows\SYSWOW64\BroSNMP.dll 2013-09-30 08:12:57 ----D---- C:\Users\Dirk Maddelein\AppData\Roaming\InstallShield 2013-09-30 08:12:45 ----D---- C:\ProgramData\Brother ======List of files/folders modified in the last 1 month====== 2013-10-29 11:28:14 ----D---- C:\Windows\Prefetch 2013-10-29 11:28:09 ----RD---- C:\Program Files 2013-10-29 11:27:41 ----D---- C:\Windows\Temp 2013-10-29 11:04:39 ----D---- C:\Windows\system32\config 2013-10-29 10:54:49 ----D---- C:\Windows\System32 2013-10-29 10:54:49 ----D---- C:\Windows\inf 2013-10-29 10:54:49 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-29 10:54:33 ----SHD---- C:\Windows\Installer 2013-10-29 10:54:33 ----HD---- C:\Config.Msi 2013-10-29 10:53:48 ----SHD---- C:\System Volume Information 2013-10-29 10:53:12 ----D---- C:\Windows\system32\drivers 2013-10-29 10:52:06 ----A---- C:\Windows\SYSWOW64\log.txt 2013-10-29 10:50:03 ----D---- C:\ProgramData\PDFC 2013-10-29 10:49:44 ----HD---- C:\ProgramData 2013-10-29 10:47:50 ----D---- C:\ProgramData\HitmanPro 2013-10-28 19:20:55 ----D---- C:\ProgramData\Recovery 2013-10-27 19:42:25 ----D---- C:\Windows\system32\wdi 2013-10-25 09:54:31 ----D---- C:\Users\Dirk Maddelein\AppData\Roaming\SoftGrid Client 2013-10-18 18:31:26 ----D---- C:\Windows\Tasks 2013-10-18 18:31:26 ----D---- C:\Windows\system32\Tasks 2013-10-18 18:31:03 ----A---- C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2013-10-18 18:30:14 ----D---- C:\Users\Dirk Maddelein\AppData\Roaming\HpUpdate 2013-10-18 18:30:14 ----D---- C:\Users\Dirk Maddelein\AppData\Roaming\HP Support Assistant 2013-10-16 16:50:52 ----D---- C:\ProgramData\Microsoft Help 2013-10-12 11:14:42 ----D---- C:\Windows\rescache 2013-10-12 08:50:34 ----D---- C:\Windows\Microsoft.NET 2013-10-12 08:50:16 ----RSD---- C:\Windows\assembly 2013-10-12 08:27:25 ----D---- C:\Windows\winsxs 2013-10-12 08:25:44 ----D---- C:\Program Files (x86)\Internet Explorer 2013-10-12 08:25:44 ----AD---- C:\Windows\SysWOW64 2013-10-12 08:25:43 ----D---- C:\Program Files\Internet Explorer 2013-10-12 08:25:42 ----D---- C:\Windows\AppPatch 2013-10-12 08:25:38 ----D---- C:\Windows\system32\DriverStore 2013-10-12 08:25:12 ----D---- C:\Program Files\Microsoft Silverlight 2013-10-12 08:25:11 ----D---- C:\Program Files (x86)\Microsoft Silverlight 2013-10-11 17:02:20 ----D---- C:\Windows\system32\catroot2 2013-10-11 17:02:20 ----D---- C:\Windows\system32\catroot 2013-10-11 17:01:00 ----D---- C:\Windows\system32\nl-NL 2013-10-11 07:14:46 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2013-10-09 11:31:19 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2013-10-06 14:55:52 ----RSD---- C:\Windows\Fonts 2013-10-06 14:55:24 ----RD---- C:\Program Files (x86) 2013-10-06 14:03:49 ----D---- C:\Windows\system32\NDF 2013-09-30 08:13:41 ----HD---- C:\Program Files (x86)\InstallShield Installation Information ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel RAID Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808] R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NISx64\1207020.003\SYMDS64.SYS [2011-01-27 450680] R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NISx64\1207020.003\SYMEFA64.SYS [2011-03-15 912504] R1 BHDrvx64;BHDrvx64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\BASHDefs\20131022.001\BHDrvx64.sys [2013-10-23 1524824] R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [2013-08-30 484952] R1 IDSVia64;IDSVia64; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\IPSDefs\20131025.002\IDSvia64.sys [2013-10-25 521816] R1 SRTSPX;Symantec Real Time Storage Protection (PEL) x64; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [2011-03-31 40568] R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [2011-01-27 171128] R1 SymNetS;Symantec Network Security WFP Driver; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [2011-04-21 386168] R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-08-30 140376] R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-01-27 12273408] R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440] R3 MEIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2010-10-19 56344] R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20131028.038\ENG64.SYS [2013-08-30 126040] R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.1.0.37\Definitions\VirusDefs\20131028.038\EX64.SYS [2013-08-30 2099288] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2010-12-28 412776] R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2013-06-26 767144] R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2013-06-26 273576] R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2013-06-26 28840] R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2013-06-26 23208] R3 SRTSP;Symantec Real Time Storage Protection x64; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [2011-03-31 744568] R3 STHDA;@%SystemRoot%\system32\stlang64.dll,-10301; C:\Windows\system32\DRIVERS\stwrt64.sys [2011-01-26 520192] R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [2012-02-22 174200] S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-21 19968] S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008] S3 Impcd;Impcd; C:\Windows\system32\drivers\Impcd.sys [2010-02-26 158976] S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\drivers\usbscan.sys [2013-07-03 42496] S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-21 41984] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\AESTSr64.exe [2009-03-02 89600] R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2013-04-22 822504] R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\syswow64\ezSharedSvcHost.exe [2010-04-23 514232] R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-10-28 109352] R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2012-09-27 86528] R2 HPClientSvc;HP Client Services; C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168] R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136] R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2011-02-01 326168] R2 NIS;Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe [2011-04-17 130008] R2 NOBU;Norton Online Backup; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-06-02 2804568] R2 OfficeSvc;Microsoft Office-service; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-07-21 1901752] R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-02-01 1127448] R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-06-26 523944] R2 STacSV;@%SystemRoot%\system32\stlang64.dll,-10101; C:\Program Files\IDT\WDM\STacSV64.exe [2011-01-26 296448] R2 UNS;Intel® Management and Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-02-01 2656280] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2010-09-21 2286976] R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe [2013-07-23 240288] R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2010-01-25 245760] R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136] R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-06-26 207528] S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BBSvc.exe [2013-07-23 193696] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416] S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-19 44376] S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072] S3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2012-08-10 1001376] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2013-08-20 5132888] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-22 1255736] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 wlcrasvc;Windows Live Mesh remote connections service; C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184] -----------------EOF----------------- En nog eens bedankt voor de hulp!
  4. Wimmerd
    Hallo, hieronder het logje van hitmanpro. HitmanPro 3.7.8.207 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : DIRKMADDELEIN Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : NT AUTHORITY\SYSTEM UAC . . . . . . . . . : Disabled License . . . . . . . : Paid (364 days left) Scan date . . . . . . : 2013-10-29 10:45:50 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 53s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : Yes Threats . . . . . . . : 4 Traces . . . . . . . : 12 Objects scanned . . . : 1.585.306 Files scanned . . . . : 25.650 Remnants scanned . . : 269.847 files / 1.289.809 keys Malware _____________________________________________________________________ C:\ProgramData\b14ofbn.pss -> PendingDelete Size . . . . . . . : 61.544 bytes Age . . . . . . . : 4.0 days (2013-10-25 09:52:05) Entropy . . . . . : 7.1 SHA-256 . . . . . : B1B6D76515CB754C534C6C31A26B54D805ADE35EBAFE2990C5C95891C5E09F24 Product . . . . . : Microsoft® Windows® Operating System Publisher . . . . : Microsoft Corporation Description . . . : Non-COM WMI Event Provision APIs Version . . . . . : 5.1.2600.5512 Copyright . . . . : © Microsoft Corporation. All rights reserved. Service . . . . . : Winmgmt > HitmanPro . . . . : Win64/DriveByInfection.Behavior Fuzzy . . . . . . : 62.0 The file name extension of this program is not common. This file was most recently added as automatic startup. This file possibly got dropped on this system via Java exploit (drive-by-download). This file is part of a suspicious group. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Starts automatically as a service during system bootup. Program starts automatically without user intervention. Time indicates that the file appeared recently on this computer. The file is in use by one or more active processes. Startup HKLM\SYSTEM\CurrentControlSet\Services\Winmgmt\ Forensic Cluster -65.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\favicon[1].ico -64.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\1682cbd27885236329bbbe37ed5a614b.5[1].jpg -64.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\663a078eda723243a4abfaa8abc9374c.5[1].jpg -64.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\831ced7ce9f8df1aa5221c85a3bee788.24[1].jpg -64.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\0c4cac04527188bebcc0a91dbd5fcb20.2[1].jpg -64.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\b062b7ab66e6ea37f83984132a757e8c.25[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.15[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\387101bbf49e39c2bf17d8063ee89bc6.5[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\xnb[1].gif -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\ad12b0e753d5e27a6223e573ad4903f1.7[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\bba16b20fec0bf9da926dffcd81abe1f.28[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\efa7b53213e057d7c539488553e9154f.20[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\0b7ebe6409d83a6d3791d0cf0eb031be.13[1].jpg -64.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\b7e23c740f54aed131a4b37bbf849525.10[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8091b2e9f0a19b28bead0ea9817a0f89.1[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7ad2951db39fa81ce294ca5a664a938d.12[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\3b22a95503e1d59a171a3b94d7bcbbd8.17[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\80c82f4b9f5b8e1b547b0de413ad8515.28[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b796d2977eb8aa4f986551d20e7b7021.11[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\e4149aa25539f18a3ec48d8ea8acf523.24[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.29[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.17[1].jpg -64.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\55f146f7623c9d6cc1a18446517e11e2.18[1].jpg -64.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\EJKBOO3A\[url=http://www.xnxx]PC Helpforum - Gratis hulp bij computer problemen[/url][1].xml -60.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.5[1].jpg -59.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\efa7b53213e057d7c539488553e9154f.23[1].jpg -59.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\efa7b53213e057d7c539488553e9154f.26[1].jpg -59.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\a22076986cae1007024318e6fd1cccec.26[1].jpg -58.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\a22076986cae1007024318e6fd1cccec.29[1].jpg -57.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b796d2977eb8aa4f986551d20e7b7021.14[1].jpg -56.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\80c82f4b9f5b8e1b547b0de413ad8515.29[1].jpg -53.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\eb1a320675198feb0ecf022e7445a178.22[1].jpg -53.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\b45ab1fd806b98404b819b40d3afef55.13[1].jpg -53.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\66904acc95452bd1bdd5439366bf6187.14[1].jpg -53.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.21[1].jpg -53.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\35c4d1063614d697c6e50130af5ee88e.20[1].jpg -53.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\ca9c8831b098f3dfdaf28fcc509998a2.6[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\f6ecadd4f7aa5c1bd038562e1925d540.9[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\b19d194067844de76d626ed579890b23.9[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\f18010d58c64828795f52bdb97afc6de.26[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\185c0e245c2ecf6d3902964864d8d258.30[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.16[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5d4fa7208933d4d0276a615c5d203a9e.1[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.8[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\aaaa8a6c880cc1bdde51b7ac9a48cd5d.18[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\abd776ecb4f54440f3f948aec3709e22.20[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\d1aa5643f31491f160dd8cec5bb44280.5[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\f9d2d2fc7336b8ca4fbf35d8dea55848.19[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1f3cc6818b957e4741f6b091f29c7edd.8[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\83a2c57969d9228aade2398ff35f74c0.18[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\40bd74bb4800e0846b970a7e7d39985b.28[1].jpg -53.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\82d11b14ddb0a85160ad4f4fedaccde8.1[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\09b886969d5dc127bfc6dd8881272168.15[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\21b52abd2c41ecf20cbbf7dd91d9f6aa.21[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\67106ae395dda34d8dcf4f2824da605d.12[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\b9cbd6abe9755f745d8ef00e72e38332.21[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\76b70fb22573b1d24359d9bdf845e9cf.19[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\17b218b696859f7803171ca0808162cc.15[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\a8b7f38eee21a80bbeb7788132603e3b.22[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\0f9dd6d597ab3a92c69ae0c8288a7ad7.1[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\3329e28a41dfe572470fe834e5d33089.11[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\e2c755cc6567b3e64670554a365aad40.21[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\8815ba5bd84eb6e55595677fbbd7a810.25[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.12[1].jpg -53.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\87e99ca375f7e2289e1431348e5137eb.8[1].jpg -53.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b19d194067844de76d626ed579890b23.14[1].jpg -53.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\82136a8009812f2a03ff69d5a6605267.26[1].jpg -53.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.17[1].jpg -52.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.23[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\35c4d1063614d697c6e50130af5ee88e.26[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\35c4d1063614d697c6e50130af5ee88e.29[1].jpg -46.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\35c4d1063614d697c6e50130af5ee88e.2[1].jpg -43.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\8bd03713c7767982472a0fbb3a52a6f1.11[1].jpg -43.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.14[1].jpg -41.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\4ca1841d0d0cedbb2de7b0ed854ecd9f.23[1].jpg -40.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.26[1].jpg -40.7s C:\Windows\Prefetch\BBSVC.EXE-495C7462.pf -39.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.29[1].jpg -38.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\4ca1841d0d0cedbb2de7b0ed854ecd9f.2[1].jpg -37.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\4ca1841d0d0cedbb2de7b0ed854ecd9f.5[1].jpg -36.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\4ca1841d0d0cedbb2de7b0ed854ecd9f.8[1].jpg -36.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\17b218b696859f7803171ca0808162cc.20[1].jpg -35.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\67106ae395dda34d8dcf4f2824da605d.20[1].jpg -34.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\17b218b696859f7803171ca0808162cc.23[1].jpg -32.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\17b218b696859f7803171ca0808162cc.29[1].jpg -28.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\17b218b696859f7803171ca0808162cc.11[1].jpg -27.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\17b218b696859f7803171ca0808162cc.14[1].jpg -21.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\5693599787a02731d649414c308de8d4.12[1].jpg -21.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\7243ac35acfc92adef7861f05a3f3bf6.21[1].jpg -21.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\321ff3361bd4d3ada0e2e7cdde6aff49.9[1].jpg -21.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\8b177cd8d65cc4b8339eea1b7c36b8a4.1[1].jpg -21.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\60fc432c4b26a4e2b9ba37c072a19bfe.13[1].jpg -21.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\vote[1].swf -21.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\xv-player[1].swf -21.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b03021c1d8828d57dc3ac0937fd860a9.9[1].jpg -19.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\8b177cd8d65cc4b8339eea1b7c36b8a4.2[1].jpg -17.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8b177cd8d65cc4b8339eea1b7c36b8a4.8[1].jpg -15.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\8b177cd8d65cc4b8339eea1b7c36b8a4.14[1].jpg -13.2s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\I825SZLY.txt -13.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\17b218b696859f7803171ca0808162cc[1].flv -13.0s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\69VXM0ZX.txt -12.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\jquery.min[1].js -12.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\HX7IK261\hotchats[1].xml -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\ -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\settings.sol -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\ -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\superapplication.sol -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\ -12.5s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\ -12.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\9695fe5e3268bed35aafb379be7246c7.20[1].jpg -12.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\9695fe5e3268bed35aafb379be7246c7.23[1].jpg -10.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\03e7ml2e6b[1].htm -9.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[2].js -9.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[3].js -9.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\bimapping[1].js -7.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\5693599787a02731d649414c308de8d4.14[1].jpg -7.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5693599787a02731d649414c308de8d4.17[1].jpg -7.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3bd7e47817cafdccc1215102a749a417.14[1].jpg -7.3s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a.idx -7.3s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a -5.1s C:\Users\Dirk Maddelein\AppData\Local\Temp\jar_cache3995269468207753946.tmp -4.8s C:\Users\Dirk Maddelein\AppData\Local\Temp\~tmf8485148852604985257.dll -4.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\21b52abd2c41ecf20cbbf7dd91d9f6aa.26[1].jpg -4.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\3329e28a41dfe572470fe834e5d33089.14[1].jpg -3.5s C:\ProgramData\nbfo41b.dss -2.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3329e28a41dfe572470fe834e5d33089.20[1].jpg -2.3s C:\Users\Dirk Maddelein\AppData\Local\Temp\nbfo41b.dss -2.2s C:\ProgramData\b14ofbn.bxx -1.7s C:\ProgramData\b14ofbn.fvv -1.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\3329e28a41dfe572470fe834e5d33089.29[1].jpg -0.7s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b14ofbn.lnk 0.0s C:\ProgramData\b14ofbn.pss 1.0s C:\Windows\Prefetch\JP2LAUNCHER.EXE-AADBFF36.pf 3.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\e2c755cc6567b3e64670554a365aad40.26[1].jpg 5.3s C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf 6.6s C:\Windows\Prefetch\RUNDLL32.EXE-4E2672F0.pf 8.4s C:\Windows\Prefetch\RUNDLL32.EXE-13C23B89.pf 8.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\7be28d3cef599d490872302e4b973aed.20[1].jpg 10.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\7be28d3cef599d490872302e4b973aed.26[1].jpg 12.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.2[1].jpg 14.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7be28d3cef599d490872302e4b973aed.8[1].jpg 15.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\7be28d3cef599d490872302e4b973aed.11[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1903b925f0de6695f134ab7a6beaeff2.28[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\dc719e97c4ba751a1d10b9f489c49d20.16[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\b67b04178eff2cb4ae75dc75e7d3ae45.13[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\de2b5827bf4abe44140920a8d67cf2f4.18[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\f12c7a61df46d2c8d04825c13a5c4da2.22[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4e3ffb11eaf22b9fd2e09d688c5dcfcd.5[1].jpg 18.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\faf9d2b8ce2259df7041244ddfa5537c.10[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\ec355c09c06f67143de061e2a63c2607.20[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\ae9b77fc0feb522162a72e2c93a6b616.28[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\884daa894a9baf457aca6110bd5b865f.3[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7b50012d1e6ba24f7518b62beb8da658.16[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\7723a4592fe967072cda31b5a4ba9184.20[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\fecdb0bd906f7d2ef7417f587743d0ab.10[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\c1a8735255007eadfa0b7e9e8d2de910.7[1].jpg 18.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\061aad15e8b44ae51593468b8ed7eca7.5[1].jpg 18.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\e32630717a4484bc8225b677a7abf1ac.20[1].jpg 18.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\37d1d6ca8a05c09505ff0b27b508d0ba.8[1].jpg 18.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\352a5ccdab82161f0340ac267e9fedfe.5[1].jpg 18.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\cc0877431771da9ae3e852e017ebaea7.7[1].jpg 18.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\fc2d473807882d668648c3308e21346e.2[1].jpg 18.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\a8620c00fa08e15c315ff7ef702a4710.9[1].jpg 18.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\883238b2078633721e18d3c7d86ab5d6.8[1].jpg 18.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.7[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\352a5ccdab82161f0340ac267e9fedfe.11[1].jpg 24.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\352a5ccdab82161f0340ac267e9fedfe.20[1].jpg 24.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\cc0877431771da9ae3e852e017ebaea7.8[1].jpg 24.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\cc0877431771da9ae3e852e017ebaea7.11[1].jpg 25.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\cc0877431771da9ae3e852e017ebaea7.14[1].jpg 28.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\cc0877431771da9ae3e852e017ebaea7.23[1].jpg 29.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\cc0877431771da9ae3e852e017ebaea7.26[1].jpg 32.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\cc0877431771da9ae3e852e017ebaea7.5[1].jpg 37.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\05987d92532046dcef46c75859b232fa.11[1].jpg 40.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\05987d92532046dcef46c75859b232fa.20[1].jpg 42.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\05987d92532046dcef46c75859b232fa.26[1].jpg 43.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\05987d92532046dcef46c75859b232fa.29[1].jpg 44.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.2[1].jpg 46.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\6c8983f9e48637a92a0ea246a349ee31.29[1].jpg 46.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\3b9842a923fab606f2472674a707c851.30[1].jpg 46.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\93eb35674de2b90f8fc4acec0ba602e2.2[1].jpg 46.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\02d8d035f4fb384433a8426818d23c7e.22[1].jpg 46.1s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RFSXDDQ6.txt 46.3s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\1REQNRHR.txt 49.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\782cf79abd9de0a5239a57291c290de3.23[1].jpg 49.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\782cf79abd9de0a5239a57291c290de3.26[1].jpg 49.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\93eb35674de2b90f8fc4acec0ba602e2.8[1].jpg 50.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\93eb35674de2b90f8fc4acec0ba602e2.11[1].jpg 52.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64MV0NHX\782cf79abd9de0a5239a57291c290de3.29[1].jpg 54.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\782cf79abd9de0a5239a57291c290de3.5[1].jpg 55.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\782cf79abd9de0a5239a57291c290de3.8[1].jpg 56.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\782cf79abd9de0a5239a57291c290de3.11[1].jpg 57.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\782cf79abd9de0a5239a57291c290de3.14[1].jpg 58.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\782cf79abd9de0a5239a57291c290de3.17[1].jpg 59.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\040f84403cbc7e8ec815138896c2a243.26[1].jpg 59.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\040f84403cbc7e8ec815138896c2a243.29[1].jpg 60.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\0decd2141ff70e41c57be7d927a3bf2b.29[1].jpg 60.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\0decd2141ff70e41c57be7d927a3bf2b.2[1].jpg C:\ProgramData\nbfo41b.dss -> PendingDelete Size . . . . . . . : 172.032 bytes Age . . . . . . . : 4.0 days (2013-10-25 09:52:02) Entropy . . . . . : 5.3 SHA-256 . . . . . : 9119B531D469C43F80B5108A99B173199D67328548B2BA37EB50A0C8607E2537 Product . . . . . : Sekizenkan Company ® Application perishability manager Publisher . . . . : Sekizenkan Company Description . . . : Application perishability manager Version . . . . . : 1.0.0.10 Copyright . . . . : © Sekizenkan Company. All rights reserved. Gossip . . . . . . : fo41b.dss > G Data . . . . . . : Gen:Variant.Kazy.275893 Fuzzy . . . . . . : 138.0 Startup C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b14ofbn.lnk Forensic Cluster -61.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\favicon[1].ico -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\1682cbd27885236329bbbe37ed5a614b.5[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\663a078eda723243a4abfaa8abc9374c.5[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\831ced7ce9f8df1aa5221c85a3bee788.24[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\0c4cac04527188bebcc0a91dbd5fcb20.2[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\b062b7ab66e6ea37f83984132a757e8c.25[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.15[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\387101bbf49e39c2bf17d8063ee89bc6.5[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\xnb[1].gif -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\ad12b0e753d5e27a6223e573ad4903f1.7[1].jpg -61.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\bba16b20fec0bf9da926dffcd81abe1f.28[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\efa7b53213e057d7c539488553e9154f.20[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\0b7ebe6409d83a6d3791d0cf0eb031be.13[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\b7e23c740f54aed131a4b37bbf849525.10[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8091b2e9f0a19b28bead0ea9817a0f89.1[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7ad2951db39fa81ce294ca5a664a938d.12[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\3b22a95503e1d59a171a3b94d7bcbbd8.17[1].jpg -61.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\80c82f4b9f5b8e1b547b0de413ad8515.28[1].jpg -61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b796d2977eb8aa4f986551d20e7b7021.11[1].jpg -61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\e4149aa25539f18a3ec48d8ea8acf523.24[1].jpg -61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.29[1].jpg -61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.17[1].jpg -61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\55f146f7623c9d6cc1a18446517e11e2.18[1].jpg -61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\EJKBOO3A\[url=http://www.xnxx]PC Helpforum - Gratis hulp bij computer problemen[/url][1].xml -56.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.5[1].jpg -55.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\efa7b53213e057d7c539488553e9154f.23[1].jpg -55.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\efa7b53213e057d7c539488553e9154f.26[1].jpg -55.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\a22076986cae1007024318e6fd1cccec.26[1].jpg -55.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\a22076986cae1007024318e6fd1cccec.29[1].jpg -54.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b796d2977eb8aa4f986551d20e7b7021.14[1].jpg -53.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\80c82f4b9f5b8e1b547b0de413ad8515.29[1].jpg -50.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\eb1a320675198feb0ecf022e7445a178.22[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\b45ab1fd806b98404b819b40d3afef55.13[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\66904acc95452bd1bdd5439366bf6187.14[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.21[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\35c4d1063614d697c6e50130af5ee88e.20[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\ca9c8831b098f3dfdaf28fcc509998a2.6[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\f6ecadd4f7aa5c1bd038562e1925d540.9[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\b19d194067844de76d626ed579890b23.9[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\f18010d58c64828795f52bdb97afc6de.26[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\185c0e245c2ecf6d3902964864d8d258.30[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.16[1].jpg -50.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5d4fa7208933d4d0276a615c5d203a9e.1[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.8[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\aaaa8a6c880cc1bdde51b7ac9a48cd5d.18[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\abd776ecb4f54440f3f948aec3709e22.20[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\d1aa5643f31491f160dd8cec5bb44280.5[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\f9d2d2fc7336b8ca4fbf35d8dea55848.19[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1f3cc6818b957e4741f6b091f29c7edd.8[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\83a2c57969d9228aade2398ff35f74c0.18[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\40bd74bb4800e0846b970a7e7d39985b.28[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\82d11b14ddb0a85160ad4f4fedaccde8.1[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\09b886969d5dc127bfc6dd8881272168.15[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\21b52abd2c41ecf20cbbf7dd91d9f6aa.21[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\67106ae395dda34d8dcf4f2824da605d.12[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\b9cbd6abe9755f745d8ef00e72e38332.21[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\76b70fb22573b1d24359d9bdf845e9cf.19[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\17b218b696859f7803171ca0808162cc.15[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\a8b7f38eee21a80bbeb7788132603e3b.22[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\0f9dd6d597ab3a92c69ae0c8288a7ad7.1[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\3329e28a41dfe572470fe834e5d33089.11[1].jpg -50.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\e2c755cc6567b3e64670554a365aad40.21[1].jpg -50.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\8815ba5bd84eb6e55595677fbbd7a810.25[1].jpg -50.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.12[1].jpg -50.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\87e99ca375f7e2289e1431348e5137eb.8[1].jpg -50.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b19d194067844de76d626ed579890b23.14[1].jpg -50.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\82136a8009812f2a03ff69d5a6605267.26[1].jpg -49.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.17[1].jpg -49.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.23[1].jpg -46.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\35c4d1063614d697c6e50130af5ee88e.26[1].jpg -45.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\35c4d1063614d697c6e50130af5ee88e.29[1].jpg -43.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\35c4d1063614d697c6e50130af5ee88e.2[1].jpg -39.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\8bd03713c7767982472a0fbb3a52a6f1.11[1].jpg -39.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.14[1].jpg -38.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\4ca1841d0d0cedbb2de7b0ed854ecd9f.23[1].jpg -37.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.26[1].jpg -37.3s C:\Windows\Prefetch\BBSVC.EXE-495C7462.pf -36.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.29[1].jpg -35.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\4ca1841d0d0cedbb2de7b0ed854ecd9f.2[1].jpg -34.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\4ca1841d0d0cedbb2de7b0ed854ecd9f.5[1].jpg -33.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\4ca1841d0d0cedbb2de7b0ed854ecd9f.8[1].jpg -32.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\17b218b696859f7803171ca0808162cc.20[1].jpg -32.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\67106ae395dda34d8dcf4f2824da605d.20[1].jpg -30.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\17b218b696859f7803171ca0808162cc.23[1].jpg -28.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\17b218b696859f7803171ca0808162cc.29[1].jpg -24.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\17b218b696859f7803171ca0808162cc.11[1].jpg -23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\17b218b696859f7803171ca0808162cc.14[1].jpg -18.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\5693599787a02731d649414c308de8d4.12[1].jpg -18.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\7243ac35acfc92adef7861f05a3f3bf6.21[1].jpg -18.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\321ff3361bd4d3ada0e2e7cdde6aff49.9[1].jpg -18.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\8b177cd8d65cc4b8339eea1b7c36b8a4.1[1].jpg -18.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\60fc432c4b26a4e2b9ba37c072a19bfe.13[1].jpg -18.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\vote[1].swf -18.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\xv-player[1].swf -18.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b03021c1d8828d57dc3ac0937fd860a9.9[1].jpg -15.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\8b177cd8d65cc4b8339eea1b7c36b8a4.2[1].jpg -14.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8b177cd8d65cc4b8339eea1b7c36b8a4.8[1].jpg -12.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\8b177cd8d65cc4b8339eea1b7c36b8a4.14[1].jpg -9.7s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\I825SZLY.txt -9.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\17b218b696859f7803171ca0808162cc[1].flv -9.5s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\69VXM0ZX.txt -9.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\jquery.min[1].js -9.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\HX7IK261\hotchats[1].xml -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\ -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\settings.sol -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\ -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\superapplication.sol -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\ -9.0s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\ -8.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\9695fe5e3268bed35aafb379be7246c7.20[1].jpg -8.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\9695fe5e3268bed35aafb379be7246c7.23[1].jpg -7.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\03e7ml2e6b[1].htm -5.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[2].js -5.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[3].js -5.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\bimapping[1].js -4.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\5693599787a02731d649414c308de8d4.14[1].jpg -4.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5693599787a02731d649414c308de8d4.17[1].jpg -4.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3bd7e47817cafdccc1215102a749a417.14[1].jpg -3.9s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a.idx -3.9s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a -1.7s C:\Users\Dirk Maddelein\AppData\Local\Temp\jar_cache3995269468207753946.tmp -1.4s C:\Users\Dirk Maddelein\AppData\Local\Temp\~tmf8485148852604985257.dll -1.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\21b52abd2c41ecf20cbbf7dd91d9f6aa.26[1].jpg -0.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\3329e28a41dfe572470fe834e5d33089.14[1].jpg 0.0s C:\ProgramData\nbfo41b.dss 0.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3329e28a41dfe572470fe834e5d33089.20[1].jpg 1.2s C:\Users\Dirk Maddelein\AppData\Local\Temp\nbfo41b.dss 1.2s C:\ProgramData\b14ofbn.bxx 1.8s C:\ProgramData\b14ofbn.fvv 2.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\3329e28a41dfe572470fe834e5d33089.29[1].jpg 2.7s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b14ofbn.lnk 3.5s C:\ProgramData\b14ofbn.pss 4.4s C:\Windows\Prefetch\JP2LAUNCHER.EXE-AADBFF36.pf 6.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\e2c755cc6567b3e64670554a365aad40.26[1].jpg 8.7s C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf 10.0s C:\Windows\Prefetch\RUNDLL32.EXE-4E2672F0.pf 11.8s C:\Windows\Prefetch\RUNDLL32.EXE-13C23B89.pf 12.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\7be28d3cef599d490872302e4b973aed.20[1].jpg 14.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\7be28d3cef599d490872302e4b973aed.26[1].jpg 16.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.2[1].jpg 18.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7be28d3cef599d490872302e4b973aed.8[1].jpg 19.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\7be28d3cef599d490872302e4b973aed.11[1].jpg 22.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1903b925f0de6695f134ab7a6beaeff2.28[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\dc719e97c4ba751a1d10b9f489c49d20.16[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\b67b04178eff2cb4ae75dc75e7d3ae45.13[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\de2b5827bf4abe44140920a8d67cf2f4.18[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\f12c7a61df46d2c8d04825c13a5c4da2.22[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4e3ffb11eaf22b9fd2e09d688c5dcfcd.5[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\faf9d2b8ce2259df7041244ddfa5537c.10[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\ec355c09c06f67143de061e2a63c2607.20[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\ae9b77fc0feb522162a72e2c93a6b616.28[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\884daa894a9baf457aca6110bd5b865f.3[1].jpg 22.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7b50012d1e6ba24f7518b62beb8da658.16[1].jpg 22.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\7723a4592fe967072cda31b5a4ba9184.20[1].jpg 22.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\fecdb0bd906f7d2ef7417f587743d0ab.10[1].jpg 22.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\c1a8735255007eadfa0b7e9e8d2de910.7[1].jpg 22.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\061aad15e8b44ae51593468b8ed7eca7.5[1].jpg 22.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\e32630717a4484bc8225b677a7abf1ac.20[1].jpg 22.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\37d1d6ca8a05c09505ff0b27b508d0ba.8[1].jpg 22.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\352a5ccdab82161f0340ac267e9fedfe.5[1].jpg 22.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\cc0877431771da9ae3e852e017ebaea7.7[1].jpg 22.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\fc2d473807882d668648c3308e21346e.2[1].jpg 22.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\a8620c00fa08e15c315ff7ef702a4710.9[1].jpg 22.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\883238b2078633721e18d3c7d86ab5d6.8[1].jpg 22.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.7[1].jpg 24.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\352a5ccdab82161f0340ac267e9fedfe.11[1].jpg 27.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\352a5ccdab82161f0340ac267e9fedfe.20[1].jpg 27.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\cc0877431771da9ae3e852e017ebaea7.8[1].jpg 27.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\cc0877431771da9ae3e852e017ebaea7.11[1].jpg 28.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\cc0877431771da9ae3e852e017ebaea7.14[1].jpg 31.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\cc0877431771da9ae3e852e017ebaea7.23[1].jpg 32.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\cc0877431771da9ae3e852e017ebaea7.26[1].jpg 35.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\cc0877431771da9ae3e852e017ebaea7.5[1].jpg 40.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\05987d92532046dcef46c75859b232fa.11[1].jpg 43.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\05987d92532046dcef46c75859b232fa.20[1].jpg 45.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\05987d92532046dcef46c75859b232fa.26[1].jpg 46.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\05987d92532046dcef46c75859b232fa.29[1].jpg 47.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.2[1].jpg 49.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\6c8983f9e48637a92a0ea246a349ee31.29[1].jpg 49.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\3b9842a923fab606f2472674a707c851.30[1].jpg 49.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\93eb35674de2b90f8fc4acec0ba602e2.2[1].jpg 49.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\02d8d035f4fb384433a8426818d23c7e.22[1].jpg 49.6s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RFSXDDQ6.txt 49.7s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\1REQNRHR.txt 52.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\782cf79abd9de0a5239a57291c290de3.23[1].jpg 52.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\782cf79abd9de0a5239a57291c290de3.26[1].jpg 52.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\93eb35674de2b90f8fc4acec0ba602e2.8[1].jpg 53.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\93eb35674de2b90f8fc4acec0ba602e2.11[1].jpg 55.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64MV0NHX\782cf79abd9de0a5239a57291c290de3.29[1].jpg 57.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\782cf79abd9de0a5239a57291c290de3.5[1].jpg 58.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\782cf79abd9de0a5239a57291c290de3.8[1].jpg 59.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\782cf79abd9de0a5239a57291c290de3.11[1].jpg 60.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\782cf79abd9de0a5239a57291c290de3.14[1].jpg 61.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\782cf79abd9de0a5239a57291c290de3.17[1].jpg 62.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\040f84403cbc7e8ec815138896c2a243.26[1].jpg 63.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\040f84403cbc7e8ec815138896c2a243.29[1].jpg 64.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\0decd2141ff70e41c57be7d927a3bf2b.29[1].jpg 64.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\0decd2141ff70e41c57be7d927a3bf2b.2[1].jpg C:\Users\Dirk Maddelein\AppData\Local\Temp\nbfo41b.dss -> PendingDelete Size . . . . . . . : 172.032 bytes Age . . . . . . . : 4.0 days (2013-10-25 09:52:03) Entropy . . . . . : 5.3 SHA-256 . . . . . : 9119B531D469C43F80B5108A99B173199D67328548B2BA37EB50A0C8607E2537 Product . . . . . : Sekizenkan Company ® Application perishability manager Publisher . . . . : Sekizenkan Company Description . . . : Application perishability manager Version . . . . . : 1.0.0.10 Copyright . . . . : © Sekizenkan Company. All rights reserved. > G Data . . . . . . : Gen:Variant.Kazy.275893 Fuzzy . . . . . . : 108.0 Forensic Cluster -62.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\favicon[1].ico -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\1682cbd27885236329bbbe37ed5a614b.5[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\663a078eda723243a4abfaa8abc9374c.5[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\831ced7ce9f8df1aa5221c85a3bee788.24[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\0c4cac04527188bebcc0a91dbd5fcb20.2[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\b062b7ab66e6ea37f83984132a757e8c.25[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.15[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\387101bbf49e39c2bf17d8063ee89bc6.5[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\xnb[1].gif -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\ad12b0e753d5e27a6223e573ad4903f1.7[1].jpg -62.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\bba16b20fec0bf9da926dffcd81abe1f.28[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\efa7b53213e057d7c539488553e9154f.20[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\0b7ebe6409d83a6d3791d0cf0eb031be.13[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\b7e23c740f54aed131a4b37bbf849525.10[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8091b2e9f0a19b28bead0ea9817a0f89.1[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7ad2951db39fa81ce294ca5a664a938d.12[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\3b22a95503e1d59a171a3b94d7bcbbd8.17[1].jpg -62.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\80c82f4b9f5b8e1b547b0de413ad8515.28[1].jpg -62.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b796d2977eb8aa4f986551d20e7b7021.11[1].jpg -62.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\e4149aa25539f18a3ec48d8ea8acf523.24[1].jpg -62.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.29[1].jpg -62.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.17[1].jpg -62.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\55f146f7623c9d6cc1a18446517e11e2.18[1].jpg -62.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\EJKBOO3A\[url=http://www.xnxx]PC Helpforum - Gratis hulp bij computer problemen[/url][1].xml -57.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.5[1].jpg -56.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\efa7b53213e057d7c539488553e9154f.23[1].jpg -56.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\efa7b53213e057d7c539488553e9154f.26[1].jpg -56.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\a22076986cae1007024318e6fd1cccec.26[1].jpg -56.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\a22076986cae1007024318e6fd1cccec.29[1].jpg -55.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b796d2977eb8aa4f986551d20e7b7021.14[1].jpg -54.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\80c82f4b9f5b8e1b547b0de413ad8515.29[1].jpg -51.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\eb1a320675198feb0ecf022e7445a178.22[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\b45ab1fd806b98404b819b40d3afef55.13[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\66904acc95452bd1bdd5439366bf6187.14[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.21[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\35c4d1063614d697c6e50130af5ee88e.20[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\ca9c8831b098f3dfdaf28fcc509998a2.6[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\f6ecadd4f7aa5c1bd038562e1925d540.9[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\b19d194067844de76d626ed579890b23.9[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\f18010d58c64828795f52bdb97afc6de.26[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\185c0e245c2ecf6d3902964864d8d258.30[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.16[1].jpg -51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5d4fa7208933d4d0276a615c5d203a9e.1[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.8[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\aaaa8a6c880cc1bdde51b7ac9a48cd5d.18[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\abd776ecb4f54440f3f948aec3709e22.20[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\d1aa5643f31491f160dd8cec5bb44280.5[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\f9d2d2fc7336b8ca4fbf35d8dea55848.19[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1f3cc6818b957e4741f6b091f29c7edd.8[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\83a2c57969d9228aade2398ff35f74c0.18[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\40bd74bb4800e0846b970a7e7d39985b.28[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\82d11b14ddb0a85160ad4f4fedaccde8.1[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\09b886969d5dc127bfc6dd8881272168.15[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\21b52abd2c41ecf20cbbf7dd91d9f6aa.21[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\67106ae395dda34d8dcf4f2824da605d.12[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\b9cbd6abe9755f745d8ef00e72e38332.21[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\76b70fb22573b1d24359d9bdf845e9cf.19[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\17b218b696859f7803171ca0808162cc.15[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\a8b7f38eee21a80bbeb7788132603e3b.22[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\0f9dd6d597ab3a92c69ae0c8288a7ad7.1[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\3329e28a41dfe572470fe834e5d33089.11[1].jpg -51.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\e2c755cc6567b3e64670554a365aad40.21[1].jpg -51.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\8815ba5bd84eb6e55595677fbbd7a810.25[1].jpg -51.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.12[1].jpg -51.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\87e99ca375f7e2289e1431348e5137eb.8[1].jpg -51.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b19d194067844de76d626ed579890b23.14[1].jpg -51.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\82136a8009812f2a03ff69d5a6605267.26[1].jpg -50.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.17[1].jpg -50.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.23[1].jpg -48.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\35c4d1063614d697c6e50130af5ee88e.26[1].jpg -46.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\35c4d1063614d697c6e50130af5ee88e.29[1].jpg -44.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\35c4d1063614d697c6e50130af5ee88e.2[1].jpg -41.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\8bd03713c7767982472a0fbb3a52a6f1.11[1].jpg -41.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.14[1].jpg -39.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\4ca1841d0d0cedbb2de7b0ed854ecd9f.23[1].jpg -38.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.26[1].jpg -38.5s C:\Windows\Prefetch\BBSVC.EXE-495C7462.pf -37.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.29[1].jpg -36.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\4ca1841d0d0cedbb2de7b0ed854ecd9f.2[1].jpg -35.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\4ca1841d0d0cedbb2de7b0ed854ecd9f.5[1].jpg -34.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\4ca1841d0d0cedbb2de7b0ed854ecd9f.8[1].jpg -33.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\17b218b696859f7803171ca0808162cc.20[1].jpg -33.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\67106ae395dda34d8dcf4f2824da605d.20[1].jpg -31.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\17b218b696859f7803171ca0808162cc.23[1].jpg -29.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\17b218b696859f7803171ca0808162cc.29[1].jpg -25.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\17b218b696859f7803171ca0808162cc.11[1].jpg -24.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\17b218b696859f7803171ca0808162cc.14[1].jpg -19.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\5693599787a02731d649414c308de8d4.12[1].jpg -19.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\7243ac35acfc92adef7861f05a3f3bf6.21[1].jpg -19.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\321ff3361bd4d3ada0e2e7cdde6aff49.9[1].jpg -19.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\8b177cd8d65cc4b8339eea1b7c36b8a4.1[1].jpg -19.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\60fc432c4b26a4e2b9ba37c072a19bfe.13[1].jpg -19.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\vote[1].swf -19.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\xv-player[1].swf -19.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b03021c1d8828d57dc3ac0937fd860a9.9[1].jpg -16.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\8b177cd8d65cc4b8339eea1b7c36b8a4.2[1].jpg -15.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8b177cd8d65cc4b8339eea1b7c36b8a4.8[1].jpg -13.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\8b177cd8d65cc4b8339eea1b7c36b8a4.14[1].jpg -10.9s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\I825SZLY.txt -10.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\17b218b696859f7803171ca0808162cc[1].flv -10.7s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\69VXM0ZX.txt -10.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\jquery.min[1].js -10.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\HX7IK261\hotchats[1].xml -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\ -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\settings.sol -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\ -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\superapplication.sol -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\ -10.2s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\ -9.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\9695fe5e3268bed35aafb379be7246c7.20[1].jpg -9.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\9695fe5e3268bed35aafb379be7246c7.23[1].jpg -8.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\03e7ml2e6b[1].htm -6.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[2].js -6.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[3].js -6.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\bimapping[1].js -5.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\5693599787a02731d649414c308de8d4.14[1].jpg -5.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5693599787a02731d649414c308de8d4.17[1].jpg -5.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3bd7e47817cafdccc1215102a749a417.14[1].jpg -5.1s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a.idx -5.1s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a -2.9s C:\Users\Dirk Maddelein\AppData\Local\Temp\jar_cache3995269468207753946.tmp -2.6s C:\Users\Dirk Maddelein\AppData\Local\Temp\~tmf8485148852604985257.dll -2.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\21b52abd2c41ecf20cbbf7dd91d9f6aa.26[1].jpg -2.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\3329e28a41dfe572470fe834e5d33089.14[1].jpg -1.2s C:\ProgramData\nbfo41b.dss -0.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3329e28a41dfe572470fe834e5d33089.20[1].jpg 0.0s C:\Users\Dirk Maddelein\AppData\Local\Temp\nbfo41b.dss 0.0s C:\ProgramData\b14ofbn.bxx 0.6s C:\ProgramData\b14ofbn.fvv 1.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\3329e28a41dfe572470fe834e5d33089.29[1].jpg 1.5s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b14ofbn.lnk 2.3s C:\ProgramData\b14ofbn.pss 3.2s C:\Windows\Prefetch\JP2LAUNCHER.EXE-AADBFF36.pf 5.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\e2c755cc6567b3e64670554a365aad40.26[1].jpg 7.5s C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf 8.8s C:\Windows\Prefetch\RUNDLL32.EXE-4E2672F0.pf 10.6s C:\Windows\Prefetch\RUNDLL32.EXE-13C23B89.pf 11.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\7be28d3cef599d490872302e4b973aed.20[1].jpg 13.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\7be28d3cef599d490872302e4b973aed.26[1].jpg 15.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.2[1].jpg 17.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7be28d3cef599d490872302e4b973aed.8[1].jpg 18.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\7be28d3cef599d490872302e4b973aed.11[1].jpg 20.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1903b925f0de6695f134ab7a6beaeff2.28[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\dc719e97c4ba751a1d10b9f489c49d20.16[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\b67b04178eff2cb4ae75dc75e7d3ae45.13[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\de2b5827bf4abe44140920a8d67cf2f4.18[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\f12c7a61df46d2c8d04825c13a5c4da2.22[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4e3ffb11eaf22b9fd2e09d688c5dcfcd.5[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\faf9d2b8ce2259df7041244ddfa5537c.10[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\ec355c09c06f67143de061e2a63c2607.20[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\ae9b77fc0feb522162a72e2c93a6b616.28[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\884daa894a9baf457aca6110bd5b865f.3[1].jpg 20.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7b50012d1e6ba24f7518b62beb8da658.16[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\7723a4592fe967072cda31b5a4ba9184.20[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\fecdb0bd906f7d2ef7417f587743d0ab.10[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\c1a8735255007eadfa0b7e9e8d2de910.7[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\061aad15e8b44ae51593468b8ed7eca7.5[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\e32630717a4484bc8225b677a7abf1ac.20[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\37d1d6ca8a05c09505ff0b27b508d0ba.8[1].jpg 21.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\352a5ccdab82161f0340ac267e9fedfe.5[1].jpg 21.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\cc0877431771da9ae3e852e017ebaea7.7[1].jpg 21.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\fc2d473807882d668648c3308e21346e.2[1].jpg 21.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\a8620c00fa08e15c315ff7ef702a4710.9[1].jpg 21.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\883238b2078633721e18d3c7d86ab5d6.8[1].jpg 21.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.7[1].jpg 23.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\352a5ccdab82161f0340ac267e9fedfe.11[1].jpg 26.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\352a5ccdab82161f0340ac267e9fedfe.20[1].jpg 26.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\cc0877431771da9ae3e852e017ebaea7.8[1].jpg 26.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\cc0877431771da9ae3e852e017ebaea7.11[1].jpg 27.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\cc0877431771da9ae3e852e017ebaea7.14[1].jpg 30.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\cc0877431771da9ae3e852e017ebaea7.23[1].jpg 31.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\cc0877431771da9ae3e852e017ebaea7.26[1].jpg 34.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\cc0877431771da9ae3e852e017ebaea7.5[1].jpg 39.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\05987d92532046dcef46c75859b232fa.11[1].jpg 42.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\05987d92532046dcef46c75859b232fa.20[1].jpg 44.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\05987d92532046dcef46c75859b232fa.26[1].jpg 45.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\05987d92532046dcef46c75859b232fa.29[1].jpg 46.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.2[1].jpg 48.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\6c8983f9e48637a92a0ea246a349ee31.29[1].jpg 48.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\3b9842a923fab606f2472674a707c851.30[1].jpg 48.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\93eb35674de2b90f8fc4acec0ba602e2.2[1].jpg 48.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\02d8d035f4fb384433a8426818d23c7e.22[1].jpg 48.4s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RFSXDDQ6.txt 48.5s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\1REQNRHR.txt 51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\782cf79abd9de0a5239a57291c290de3.23[1].jpg 51.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\782cf79abd9de0a5239a57291c290de3.26[1].jpg 51.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\93eb35674de2b90f8fc4acec0ba602e2.8[1].jpg 52.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\93eb35674de2b90f8fc4acec0ba602e2.11[1].jpg 54.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64MV0NHX\782cf79abd9de0a5239a57291c290de3.29[1].jpg 56.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\782cf79abd9de0a5239a57291c290de3.5[1].jpg 57.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\782cf79abd9de0a5239a57291c290de3.8[1].jpg 58.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\782cf79abd9de0a5239a57291c290de3.11[1].jpg 59.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\782cf79abd9de0a5239a57291c290de3.14[1].jpg 60.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\782cf79abd9de0a5239a57291c290de3.17[1].jpg 61.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\040f84403cbc7e8ec815138896c2a243.26[1].jpg 61.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\040f84403cbc7e8ec815138896c2a243.29[1].jpg 62.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\0decd2141ff70e41c57be7d927a3bf2b.29[1].jpg 62.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\0decd2141ff70e41c57be7d927a3bf2b.2[1].jpg C:\Users\Dirk Maddelein\AppData\Local\Temp\~tmf8485148852604985257.dll -> Quarantined Size . . . . . . . : 172.032 bytes Age . . . . . . . : 4.0 days (2013-10-25 09:52:00) Entropy . . . . . : 5.3 SHA-256 . . . . . : 9119B531D469C43F80B5108A99B173199D67328548B2BA37EB50A0C8607E2537 Product . . . . . : Sekizenkan Company ® Application perishability manager Publisher . . . . : Sekizenkan Company Description . . . : Application perishability manager Version . . . . . : 1.0.0.10 Copyright . . . . : © Sekizenkan Company. All rights reserved. > G Data . . . . . . : Gen:Variant.Kazy.275893 Fuzzy . . . . . . : 102.0 Forensic Cluster -60.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\favicon[1].ico -60.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\1682cbd27885236329bbbe37ed5a614b.5[1].jpg -60.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\663a078eda723243a4abfaa8abc9374c.5[1].jpg -60.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\831ced7ce9f8df1aa5221c85a3bee788.24[1].jpg -60.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\0c4cac04527188bebcc0a91dbd5fcb20.2[1].jpg -60.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\b062b7ab66e6ea37f83984132a757e8c.25[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.15[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\387101bbf49e39c2bf17d8063ee89bc6.5[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\xnb[1].gif -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\ad12b0e753d5e27a6223e573ad4903f1.7[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\bba16b20fec0bf9da926dffcd81abe1f.28[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\efa7b53213e057d7c539488553e9154f.20[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\0b7ebe6409d83a6d3791d0cf0eb031be.13[1].jpg -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\b7e23c740f54aed131a4b37bbf849525.10[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8091b2e9f0a19b28bead0ea9817a0f89.1[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7ad2951db39fa81ce294ca5a664a938d.12[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\3b22a95503e1d59a171a3b94d7bcbbd8.17[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\80c82f4b9f5b8e1b547b0de413ad8515.28[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b796d2977eb8aa4f986551d20e7b7021.11[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\e4149aa25539f18a3ec48d8ea8acf523.24[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.29[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.17[1].jpg -59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\55f146f7623c9d6cc1a18446517e11e2.18[1].jpg -59.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\EJKBOO3A\[url=http://www.xnxx]PC Helpforum - Gratis hulp bij computer problemen[/url][1].xml -55.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.5[1].jpg -54.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\efa7b53213e057d7c539488553e9154f.23[1].jpg -54.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\efa7b53213e057d7c539488553e9154f.26[1].jpg -54.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\a22076986cae1007024318e6fd1cccec.26[1].jpg -54.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\a22076986cae1007024318e6fd1cccec.29[1].jpg -53.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b796d2977eb8aa4f986551d20e7b7021.14[1].jpg -51.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\80c82f4b9f5b8e1b547b0de413ad8515.29[1].jpg -48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\eb1a320675198feb0ecf022e7445a178.22[1].jpg -48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\b45ab1fd806b98404b819b40d3afef55.13[1].jpg -48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\66904acc95452bd1bdd5439366bf6187.14[1].jpg -48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.21[1].jpg -48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\35c4d1063614d697c6e50130af5ee88e.20[1].jpg -48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\ca9c8831b098f3dfdaf28fcc509998a2.6[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\f6ecadd4f7aa5c1bd038562e1925d540.9[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\b19d194067844de76d626ed579890b23.9[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\f18010d58c64828795f52bdb97afc6de.26[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\185c0e245c2ecf6d3902964864d8d258.30[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.16[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5d4fa7208933d4d0276a615c5d203a9e.1[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.8[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\aaaa8a6c880cc1bdde51b7ac9a48cd5d.18[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\abd776ecb4f54440f3f948aec3709e22.20[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\d1aa5643f31491f160dd8cec5bb44280.5[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\f9d2d2fc7336b8ca4fbf35d8dea55848.19[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1f3cc6818b957e4741f6b091f29c7edd.8[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\83a2c57969d9228aade2398ff35f74c0.18[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\40bd74bb4800e0846b970a7e7d39985b.28[1].jpg -48.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\82d11b14ddb0a85160ad4f4fedaccde8.1[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\09b886969d5dc127bfc6dd8881272168.15[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\21b52abd2c41ecf20cbbf7dd91d9f6aa.21[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\67106ae395dda34d8dcf4f2824da605d.12[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\b9cbd6abe9755f745d8ef00e72e38332.21[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\76b70fb22573b1d24359d9bdf845e9cf.19[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\17b218b696859f7803171ca0808162cc.15[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\a8b7f38eee21a80bbeb7788132603e3b.22[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\0f9dd6d597ab3a92c69ae0c8288a7ad7.1[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\3329e28a41dfe572470fe834e5d33089.11[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\e2c755cc6567b3e64670554a365aad40.21[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\8815ba5bd84eb6e55595677fbbd7a810.25[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.12[1].jpg -48.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\87e99ca375f7e2289e1431348e5137eb.8[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b19d194067844de76d626ed579890b23.14[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\82136a8009812f2a03ff69d5a6605267.26[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.17[1].jpg -47.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.23[1].jpg -45.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\35c4d1063614d697c6e50130af5ee88e.26[1].jpg -43.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\35c4d1063614d697c6e50130af5ee88e.29[1].jpg -42.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\35c4d1063614d697c6e50130af5ee88e.2[1].jpg -38.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\8bd03713c7767982472a0fbb3a52a6f1.11[1].jpg -38.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.14[1].jpg -36.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\4ca1841d0d0cedbb2de7b0ed854ecd9f.23[1].jpg -35.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.26[1].jpg -35.9s C:\Windows\Prefetch\BBSVC.EXE-495C7462.pf -34.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.29[1].jpg -33.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\4ca1841d0d0cedbb2de7b0ed854ecd9f.2[1].jpg -32.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\4ca1841d0d0cedbb2de7b0ed854ecd9f.5[1].jpg -31.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\4ca1841d0d0cedbb2de7b0ed854ecd9f.8[1].jpg -31.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\17b218b696859f7803171ca0808162cc.20[1].jpg -30.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\67106ae395dda34d8dcf4f2824da605d.20[1].jpg -29.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\17b218b696859f7803171ca0808162cc.23[1].jpg -27.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\17b218b696859f7803171ca0808162cc.29[1].jpg -23.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\17b218b696859f7803171ca0808162cc.11[1].jpg -22.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\17b218b696859f7803171ca0808162cc.14[1].jpg -17.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\5693599787a02731d649414c308de8d4.12[1].jpg -17.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\7243ac35acfc92adef7861f05a3f3bf6.21[1].jpg -17.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\321ff3361bd4d3ada0e2e7cdde6aff49.9[1].jpg -17.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\8b177cd8d65cc4b8339eea1b7c36b8a4.1[1].jpg -17.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\60fc432c4b26a4e2b9ba37c072a19bfe.13[1].jpg -17.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\vote[1].swf -17.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\xv-player[1].swf -17.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b03021c1d8828d57dc3ac0937fd860a9.9[1].jpg -14.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\8b177cd8d65cc4b8339eea1b7c36b8a4.2[1].jpg -13.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8b177cd8d65cc4b8339eea1b7c36b8a4.8[1].jpg -11.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\8b177cd8d65cc4b8339eea1b7c36b8a4.14[1].jpg -8.4s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\I825SZLY.txt -8.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\17b218b696859f7803171ca0808162cc[1].flv -8.2s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\69VXM0ZX.txt -8.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\jquery.min[1].js -8.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\HX7IK261\hotchats[1].xml -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\ -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\settings.sol -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\ -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\superapplication.sol -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\ -7.7s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\ -7.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\9695fe5e3268bed35aafb379be7246c7.20[1].jpg -7.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\9695fe5e3268bed35aafb379be7246c7.23[1].jpg -5.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\03e7ml2e6b[1].htm -4.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[2].js -4.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[3].js -4.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\bimapping[1].js -3.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\5693599787a02731d649414c308de8d4.14[1].jpg -3.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5693599787a02731d649414c308de8d4.17[1].jpg -2.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3bd7e47817cafdccc1215102a749a417.14[1].jpg -2.5s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a.idx -2.5s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a -0.3s C:\Users\Dirk Maddelein\AppData\Local\Temp\jar_cache3995269468207753946.tmp 0.0s C:\Users\Dirk Maddelein\AppData\Local\Temp\~tmf8485148852604985257.dll 0.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\21b52abd2c41ecf20cbbf7dd91d9f6aa.26[1].jpg 0.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\3329e28a41dfe572470fe834e5d33089.14[1].jpg 1.4s C:\ProgramData\nbfo41b.dss 2.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3329e28a41dfe572470fe834e5d33089.20[1].jpg 2.6s C:\Users\Dirk Maddelein\AppData\Local\Temp\nbfo41b.dss 2.6s C:\ProgramData\b14ofbn.bxx 3.1s C:\ProgramData\b14ofbn.fvv 3.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\3329e28a41dfe572470fe834e5d33089.29[1].jpg 4.1s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b14ofbn.lnk 4.8s C:\ProgramData\b14ofbn.pss 5.8s C:\Windows\Prefetch\JP2LAUNCHER.EXE-AADBFF36.pf 7.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\e2c755cc6567b3e64670554a365aad40.26[1].jpg 10.1s C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf 11.4s C:\Windows\Prefetch\RUNDLL32.EXE-4E2672F0.pf 13.2s C:\Windows\Prefetch\RUNDLL32.EXE-13C23B89.pf 13.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\7be28d3cef599d490872302e4b973aed.20[1].jpg 15.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\7be28d3cef599d490872302e4b973aed.26[1].jpg 17.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.2[1].jpg 19.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7be28d3cef599d490872302e4b973aed.8[1].jpg 20.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\7be28d3cef599d490872302e4b973aed.11[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1903b925f0de6695f134ab7a6beaeff2.28[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\dc719e97c4ba751a1d10b9f489c49d20.16[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\b67b04178eff2cb4ae75dc75e7d3ae45.13[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\de2b5827bf4abe44140920a8d67cf2f4.18[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\f12c7a61df46d2c8d04825c13a5c4da2.22[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4e3ffb11eaf22b9fd2e09d688c5dcfcd.5[1].jpg 23.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\faf9d2b8ce2259df7041244ddfa5537c.10[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\ec355c09c06f67143de061e2a63c2607.20[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\ae9b77fc0feb522162a72e2c93a6b616.28[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\884daa894a9baf457aca6110bd5b865f.3[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7b50012d1e6ba24f7518b62beb8da658.16[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\7723a4592fe967072cda31b5a4ba9184.20[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\fecdb0bd906f7d2ef7417f587743d0ab.10[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\c1a8735255007eadfa0b7e9e8d2de910.7[1].jpg 23.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\061aad15e8b44ae51593468b8ed7eca7.5[1].jpg 23.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\e32630717a4484bc8225b677a7abf1ac.20[1].jpg 23.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\37d1d6ca8a05c09505ff0b27b508d0ba.8[1].jpg 23.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\352a5ccdab82161f0340ac267e9fedfe.5[1].jpg 23.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\cc0877431771da9ae3e852e017ebaea7.7[1].jpg 23.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\fc2d473807882d668648c3308e21346e.2[1].jpg 23.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\a8620c00fa08e15c315ff7ef702a4710.9[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\883238b2078633721e18d3c7d86ab5d6.8[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.7[1].jpg 25.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\352a5ccdab82161f0340ac267e9fedfe.11[1].jpg 28.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\352a5ccdab82161f0340ac267e9fedfe.20[1].jpg 29.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\cc0877431771da9ae3e852e017ebaea7.8[1].jpg 29.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\cc0877431771da9ae3e852e017ebaea7.11[1].jpg 30.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\cc0877431771da9ae3e852e017ebaea7.14[1].jpg 33.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\cc0877431771da9ae3e852e017ebaea7.23[1].jpg 34.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\cc0877431771da9ae3e852e017ebaea7.26[1].jpg 37.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\cc0877431771da9ae3e852e017ebaea7.5[1].jpg 41.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\05987d92532046dcef46c75859b232fa.11[1].jpg 44.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\05987d92532046dcef46c75859b232fa.20[1].jpg 46.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\05987d92532046dcef46c75859b232fa.26[1].jpg 47.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\05987d92532046dcef46c75859b232fa.29[1].jpg 48.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.2[1].jpg 50.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\6c8983f9e48637a92a0ea246a349ee31.29[1].jpg 50.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\3b9842a923fab606f2472674a707c851.30[1].jpg 50.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\93eb35674de2b90f8fc4acec0ba602e2.2[1].jpg 50.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\02d8d035f4fb384433a8426818d23c7e.22[1].jpg 50.9s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RFSXDDQ6.txt 51.1s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\1REQNRHR.txt 53.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\782cf79abd9de0a5239a57291c290de3.23[1].jpg 53.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\782cf79abd9de0a5239a57291c290de3.26[1].jpg 54.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\93eb35674de2b90f8fc4acec0ba602e2.8[1].jpg 55.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\93eb35674de2b90f8fc4acec0ba602e2.11[1].jpg 56.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64MV0NHX\782cf79abd9de0a5239a57291c290de3.29[1].jpg 58.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\782cf79abd9de0a5239a57291c290de3.5[1].jpg 59.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\782cf79abd9de0a5239a57291c290de3.8[1].jpg 60.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\782cf79abd9de0a5239a57291c290de3.11[1].jpg 61.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\782cf79abd9de0a5239a57291c290de3.14[1].jpg 62.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\782cf79abd9de0a5239a57291c290de3.17[1].jpg 64.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\040f84403cbc7e8ec815138896c2a243.26[1].jpg 64.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\040f84403cbc7e8ec815138896c2a243.29[1].jpg 65.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\0decd2141ff70e41c57be7d927a3bf2b.29[1].jpg 65.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\0decd2141ff70e41c57be7d927a3bf2b.2[1].jpg Suspicious files ____________________________________________________________ C:\Users\Dirk Maddelein\AppData\Local\Temp\jar_cache3995269468207753946.tmp Size . . . . . . . : 165.550 bytes Age . . . . . . . : 4.0 days (2013-10-25 09:52:00) Entropy . . . . . : 6.7 SHA-256 . . . . . : E56E9503225AFAC870DA5BEB5A6158F758C3F32DFE2147FF3DC46072710CAE2B Fuzzy . . . . . . : 21.0 This file possibly got dropped on this system via Java exploit (drive-by-download). Forensic Cluster -60.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\favicon[1].ico -59.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\1682cbd27885236329bbbe37ed5a614b.5[1].jpg -59.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\663a078eda723243a4abfaa8abc9374c.5[1].jpg -59.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\831ced7ce9f8df1aa5221c85a3bee788.24[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\0c4cac04527188bebcc0a91dbd5fcb20.2[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\b062b7ab66e6ea37f83984132a757e8c.25[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.15[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\387101bbf49e39c2bf17d8063ee89bc6.5[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\xnb[1].gif -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\ad12b0e753d5e27a6223e573ad4903f1.7[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\bba16b20fec0bf9da926dffcd81abe1f.28[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\efa7b53213e057d7c539488553e9154f.20[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\0b7ebe6409d83a6d3791d0cf0eb031be.13[1].jpg -59.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\b7e23c740f54aed131a4b37bbf849525.10[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8091b2e9f0a19b28bead0ea9817a0f89.1[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7ad2951db39fa81ce294ca5a664a938d.12[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\3b22a95503e1d59a171a3b94d7bcbbd8.17[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\80c82f4b9f5b8e1b547b0de413ad8515.28[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b796d2977eb8aa4f986551d20e7b7021.11[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\e4149aa25539f18a3ec48d8ea8acf523.24[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.29[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\270e3662828e5e0a3998146a82b66c4b.17[1].jpg -59.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\55f146f7623c9d6cc1a18446517e11e2.18[1].jpg -59.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\EJKBOO3A\[url=http://www.xnxx]PC Helpforum - Gratis hulp bij computer problemen[/url][1].xml -55.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\6ceca7d4c1d0a2cf5979ea9a5adf5fc4.5[1].jpg -53.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\efa7b53213e057d7c539488553e9154f.23[1].jpg -53.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\efa7b53213e057d7c539488553e9154f.26[1].jpg -53.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\a22076986cae1007024318e6fd1cccec.26[1].jpg -53.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\a22076986cae1007024318e6fd1cccec.29[1].jpg -52.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b796d2977eb8aa4f986551d20e7b7021.14[1].jpg -51.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\80c82f4b9f5b8e1b547b0de413ad8515.29[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\eb1a320675198feb0ecf022e7445a178.22[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\b45ab1fd806b98404b819b40d3afef55.13[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\66904acc95452bd1bdd5439366bf6187.14[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.21[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\35c4d1063614d697c6e50130af5ee88e.20[1].jpg -48.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\ca9c8831b098f3dfdaf28fcc509998a2.6[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\f6ecadd4f7aa5c1bd038562e1925d540.9[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\b19d194067844de76d626ed579890b23.9[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\f18010d58c64828795f52bdb97afc6de.26[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\185c0e245c2ecf6d3902964864d8d258.30[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.16[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5d4fa7208933d4d0276a615c5d203a9e.1[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.8[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\aaaa8a6c880cc1bdde51b7ac9a48cd5d.18[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\abd776ecb4f54440f3f948aec3709e22.20[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\d1aa5643f31491f160dd8cec5bb44280.5[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\f9d2d2fc7336b8ca4fbf35d8dea55848.19[1].jpg -48.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1f3cc6818b957e4741f6b091f29c7edd.8[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\83a2c57969d9228aade2398ff35f74c0.18[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\40bd74bb4800e0846b970a7e7d39985b.28[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\82d11b14ddb0a85160ad4f4fedaccde8.1[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\09b886969d5dc127bfc6dd8881272168.15[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\21b52abd2c41ecf20cbbf7dd91d9f6aa.21[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\67106ae395dda34d8dcf4f2824da605d.12[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\b9cbd6abe9755f745d8ef00e72e38332.21[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\76b70fb22573b1d24359d9bdf845e9cf.19[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\17b218b696859f7803171ca0808162cc.15[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\a8b7f38eee21a80bbeb7788132603e3b.22[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\0f9dd6d597ab3a92c69ae0c8288a7ad7.1[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\3329e28a41dfe572470fe834e5d33089.11[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\e2c755cc6567b3e64670554a365aad40.21[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\8815ba5bd84eb6e55595677fbbd7a810.25[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.12[1].jpg -48.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\87e99ca375f7e2289e1431348e5137eb.8[1].jpg -48.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\b19d194067844de76d626ed579890b23.14[1].jpg -48.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\82136a8009812f2a03ff69d5a6605267.26[1].jpg -48.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.17[1].jpg -47.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7c0f66101188c84efccfe598784dc86d.23[1].jpg -45.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\35c4d1063614d697c6e50130af5ee88e.26[1].jpg -43.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\35c4d1063614d697c6e50130af5ee88e.29[1].jpg -41.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\35c4d1063614d697c6e50130af5ee88e.2[1].jpg -38.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\8bd03713c7767982472a0fbb3a52a6f1.11[1].jpg -38.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\8bd03713c7767982472a0fbb3a52a6f1.14[1].jpg -36.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\4ca1841d0d0cedbb2de7b0ed854ecd9f.23[1].jpg -35.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\4ca1841d0d0cedbb2de7b0ed854ecd9f.26[1].jpg -35.6s C:\Windows\Prefetch\BBSVC.EXE-495C7462.pf -34.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\4ca1841d0d0cedbb2de7b0ed854ecd9f.29[1].jpg -33.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\4ca1841d0d0cedbb2de7b0ed854ecd9f.2[1].jpg -32.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\4ca1841d0d0cedbb2de7b0ed854ecd9f.5[1].jpg -31.5s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\4ca1841d0d0cedbb2de7b0ed854ecd9f.8[1].jpg -31.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\17b218b696859f7803171ca0808162cc.20[1].jpg -30.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\67106ae395dda34d8dcf4f2824da605d.20[1].jpg -29.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\17b218b696859f7803171ca0808162cc.23[1].jpg -27.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\17b218b696859f7803171ca0808162cc.29[1].jpg -23.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\17b218b696859f7803171ca0808162cc.11[1].jpg -22.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\17b218b696859f7803171ca0808162cc.14[1].jpg -16.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\5693599787a02731d649414c308de8d4.12[1].jpg -16.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\7243ac35acfc92adef7861f05a3f3bf6.21[1].jpg -16.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\321ff3361bd4d3ada0e2e7cdde6aff49.9[1].jpg -16.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\8b177cd8d65cc4b8339eea1b7c36b8a4.1[1].jpg -16.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\60fc432c4b26a4e2b9ba37c072a19bfe.13[1].jpg -16.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\vote[1].swf -16.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\xv-player[1].swf -16.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\b03021c1d8828d57dc3ac0937fd860a9.9[1].jpg -13.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\8b177cd8d65cc4b8339eea1b7c36b8a4.2[1].jpg -12.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\8b177cd8d65cc4b8339eea1b7c36b8a4.8[1].jpg -10.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\8b177cd8d65cc4b8339eea1b7c36b8a4.14[1].jpg -8.0s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\I825SZLY.txt -7.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\17b218b696859f7803171ca0808162cc[1].flv -7.9s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\69VXM0ZX.txt -7.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\jquery.min[1].js -7.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Internet Explorer\DOMStore\HX7IK261\hotchats[1].xml -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\settings.sol -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\ -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#hotchats.org\settings.sol -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\ -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\text.swf\superapplication.sol -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\ -7.4s C:\Users\Dirk Maddelein\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NDUUUXY6\hotchats.org\img\ -6.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\9695fe5e3268bed35aafb379be7246c7.20[1].jpg -6.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\9695fe5e3268bed35aafb379be7246c7.23[1].jpg -5.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\03e7ml2e6b[1].htm -3.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[2].js -3.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\script[3].js -3.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\bimapping[1].js -2.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\5693599787a02731d649414c308de8d4.14[1].jpg -2.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\5693599787a02731d649414c308de8d4.17[1].jpg -2.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3bd7e47817cafdccc1215102a749a417.14[1].jpg -2.2s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a.idx -2.2s C:\Users\Dirk Maddelein\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\48e69c6e-1107949a 0.0s C:\Users\Dirk Maddelein\AppData\Local\Temp\jar_cache3995269468207753946.tmp 0.3s C:\Users\Dirk Maddelein\AppData\Local\Temp\~tmf8485148852604985257.dll 0.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\21b52abd2c41ecf20cbbf7dd91d9f6aa.26[1].jpg 0.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\3329e28a41dfe572470fe834e5d33089.14[1].jpg 1.7s C:\ProgramData\nbfo41b.dss 2.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\3329e28a41dfe572470fe834e5d33089.20[1].jpg 2.9s C:\Users\Dirk Maddelein\AppData\Local\Temp\nbfo41b.dss 2.9s C:\ProgramData\b14ofbn.bxx 3.4s C:\ProgramData\b14ofbn.fvv 4.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\3329e28a41dfe572470fe834e5d33089.29[1].jpg 4.4s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\b14ofbn.lnk 5.1s C:\ProgramData\b14ofbn.pss 6.1s C:\Windows\Prefetch\JP2LAUNCHER.EXE-AADBFF36.pf 8.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\e2c755cc6567b3e64670554a365aad40.26[1].jpg 10.4s C:\Windows\Prefetch\REGSVR32.EXE-D5170E12.pf 11.7s C:\Windows\Prefetch\RUNDLL32.EXE-4E2672F0.pf 13.5s C:\Windows\Prefetch\RUNDLL32.EXE-13C23B89.pf 14.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\7be28d3cef599d490872302e4b973aed.20[1].jpg 16.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\7be28d3cef599d490872302e4b973aed.26[1].jpg 18.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\7be28d3cef599d490872302e4b973aed.2[1].jpg 20.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\7be28d3cef599d490872302e4b973aed.8[1].jpg 21.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\7be28d3cef599d490872302e4b973aed.11[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\1903b925f0de6695f134ab7a6beaeff2.28[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\dc719e97c4ba751a1d10b9f489c49d20.16[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\b67b04178eff2cb4ae75dc75e7d3ae45.13[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\de2b5827bf4abe44140920a8d67cf2f4.18[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\f12c7a61df46d2c8d04825c13a5c4da2.22[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\4e3ffb11eaf22b9fd2e09d688c5dcfcd.5[1].jpg 23.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\faf9d2b8ce2259df7041244ddfa5537c.10[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\ec355c09c06f67143de061e2a63c2607.20[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\ae9b77fc0feb522162a72e2c93a6b616.28[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\884daa894a9baf457aca6110bd5b865f.3[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\7b50012d1e6ba24f7518b62beb8da658.16[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\7723a4592fe967072cda31b5a4ba9184.20[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\fecdb0bd906f7d2ef7417f587743d0ab.10[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\c1a8735255007eadfa0b7e9e8d2de910.7[1].jpg 23.8s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TUPXQ9CZ\061aad15e8b44ae51593468b8ed7eca7.5[1].jpg 23.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\e32630717a4484bc8225b677a7abf1ac.20[1].jpg 23.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\37d1d6ca8a05c09505ff0b27b508d0ba.8[1].jpg 23.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\352a5ccdab82161f0340ac267e9fedfe.5[1].jpg 23.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\cc0877431771da9ae3e852e017ebaea7.7[1].jpg 23.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\fc2d473807882d668648c3308e21346e.2[1].jpg 23.9s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\a8620c00fa08e15c315ff7ef702a4710.9[1].jpg 24.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\883238b2078633721e18d3c7d86ab5d6.8[1].jpg 24.0s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.7[1].jpg 26.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\352a5ccdab82161f0340ac267e9fedfe.11[1].jpg 29.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\352a5ccdab82161f0340ac267e9fedfe.20[1].jpg 29.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0VFHGYBM\cc0877431771da9ae3e852e017ebaea7.8[1].jpg 29.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\cc0877431771da9ae3e852e017ebaea7.11[1].jpg 30.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\cc0877431771da9ae3e852e017ebaea7.14[1].jpg 33.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\cc0877431771da9ae3e852e017ebaea7.23[1].jpg 34.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\cc0877431771da9ae3e852e017ebaea7.26[1].jpg 37.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\cc0877431771da9ae3e852e017ebaea7.5[1].jpg 42.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\05987d92532046dcef46c75859b232fa.11[1].jpg 45.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\05987d92532046dcef46c75859b232fa.20[1].jpg 47.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\05987d92532046dcef46c75859b232fa.26[1].jpg 48.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\05987d92532046dcef46c75859b232fa.29[1].jpg 49.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\05987d92532046dcef46c75859b232fa.2[1].jpg 51.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\6c8983f9e48637a92a0ea246a349ee31.29[1].jpg 51.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTRP53DZ\3b9842a923fab606f2472674a707c851.30[1].jpg 51.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PJGO094U\93eb35674de2b90f8fc4acec0ba602e2.2[1].jpg 51.1s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\02d8d035f4fb384433a8426818d23c7e.22[1].jpg 51.2s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RFSXDDQ6.txt 51.4s C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\1REQNRHR.txt 54.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\782cf79abd9de0a5239a57291c290de3.23[1].jpg 54.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\782cf79abd9de0a5239a57291c290de3.26[1].jpg 54.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\42TF6TNK\93eb35674de2b90f8fc4acec0ba602e2.8[1].jpg 55.4s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FQLETPVF\93eb35674de2b90f8fc4acec0ba602e2.11[1].jpg 57.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\64MV0NHX\782cf79abd9de0a5239a57291c290de3.29[1].jpg 59.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YKCAB3OB\782cf79abd9de0a5239a57291c290de3.5[1].jpg 60.3s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\P2NDDX7Y\782cf79abd9de0a5239a57291c290de3.8[1].jpg 61.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QO270WNK\782cf79abd9de0a5239a57291c290de3.11[1].jpg 62.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FTBY5GJH\782cf79abd9de0a5239a57291c290de3.14[1].jpg 63.2s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UYPBX4TV\782cf79abd9de0a5239a57291c290de3.17[1].jpg 64.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NQBD1XL3\040f84403cbc7e8ec815138896c2a243.26[1].jpg 64.6s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ISR8D96O\040f84403cbc7e8ec815138896c2a243.29[1].jpg 65.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0XW50BW4\0decd2141ff70e41c57be7d927a3bf2b.29[1].jpg 65.7s C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UHM9Q3SI\0decd2141ff70e41c57be7d927a3bf2b.2[1].jpg
  5. Wimmerd
    Ondertussen hitmanpro aangekocht en deze namiddag bij mijn kennis gaan uitproberen! Zoals vorige keren dan toch nog de logjes van hitmanpro en hijackthis posten? Mvg, Wimmerd
  6. Wimmerd
    Hallo, heb de hier bovenvermelde instructies opgevolgd, maar nadat ik op herstarten gedrukt had, kreeg ik een aantal meldingen met "ok". Maar ook een melding met 2 rode uitroeptekens. Dit was de melding: "Failed because we are using /run" Toch maar best overgaan tot de aankoop van Hitmanpro??? Zou het dan kunnen dat met mijn aankoop van hitmanpro, ik de pc van mijn kennis kan herstellen door de dan mijn verkregen licentiecode te gebruiken??? Mvg, Wimmerd
  7. Wimmerd
    Heb nog es gedaan wat je hierboven hebt aangehaald en blijf deze melding krijgen: "Proeflicentie is verlopen. Het verwijderen van virussen en schadelijke software is uitgeschakeld." Dus heb ik al gebruik gemaakt van de trial-versie. Er zit dus nix anders op dan aan te kopen. Toch een dikke merci voor de vlugge reacties!!! Mvg, Wimmerd - - - Updated - - - Dag Ralph_65, heb Kaspersky ook al es gezien, maar nog nooit gebruikt! Dit werkt dus ongeveer hetzelfde als hitmanpro dan?
  8. Wimmerd
    Alvast bedankt voor je reactie. Ik zal het doorgeven aan hen ivm de aankoop van hitmanpro en anders moeten ze maar de computer bij een welbepaalde winkel binnenbrengen. Nog een vraagje, als ik nu hitmanpro aankoop, dan kan ik met een usb-stick hitmanpro erop zetten en hen helpen? mvg, Wimmerd
  9. Wimmerd
    Ben opnieuw ingeschakeld door een kennis omdat die persoon voor de derde keer het politievirus te pakken heeft. Nu dacht ik om hetzelfde te doen als de vorige keer en met Hitmanpro alvast terug toegang te verkrijgen. Dit lukte tot het moment dat ie alles gescand had en dusdanig het virus zou verwijderen. Toen verkreeg ik de melding dat de proeflicentie is verlopen. Dusdanig kon ik niet herstarten en is het virus dus nog actief. Heb dan opnieuw Hitmanpro gedownload en terug op een usb-stick geplaatst, maar verkreeg dezelfde vermelding. Kunnen jullie mij verder helpen??? Mvg, Wimmerd
  10. Wimmerd
    Alles blijkt terug in orde te zijn! Namens m'n vriend heel erg bedankt!!! mvg, Wimmerd
  11. Wimmerd
    Hallo, bij deze je instructies gevolgd en hier is het logje! Zoek.exe Version 4.0.0.4 Updated 19-July-2013 Tool run by Dirk Maddelein on vr 19/07/2013 at 13:11:42,68. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Dirk Maddelein\Desktop\zoek.exe [script inserted] ==== System Restore Info ====================== 19/07/2013 13:12:12 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-811456756-103072874-835193467-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-811456756-103072874-835193467-1001\Software\Microsoft\Internet Explorer\SearchScopes\{4826FBA8-ABA0-4A58-8FC0-66EA1135C1AD} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{E54729E8-BB3D-4270-9D49-7389EA579090} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== "C:\Users\Dirk Maddelein\AppData\Roaming\cache.ini" deleted "C:\ProgramData\dsgsdgdsgdsgw.pad" deleted "C:\Windows\syswow64\appdata" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\TB" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Users\Dirk Maddelein\AppData\Roaming\DVDVideoSoftIEHelpers" deleted "C:\Users\Dirk Maddelein\AppData\Roaming\OpenCandy" deleted ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="Google" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{D2FB6696-75DB-4AC9-924F-B9B72A8CBDC3}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}" {b7fca997-d0fb-4fe0-8afd-255e89cf9671} Yahoo Url="{searchTerms} - Yahoo!-Zoekresultaten" {D2FB6696-75DB-4AC9-924F-B9B72A8CBDC3} Google Url="{searchTerms} - Google Search?}" {d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="Zoekresultaten voor "{searchTerms" - Wikipedia}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="{searchTerms | eBay}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk Maddelein\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Dirk Maddelein\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Dirk Maddelein\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\DIRKMA~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 19/07/2013 at 13:16:27,93 ====================== Alvast bedankt!
  12. Wimmerd
    Nog niet kunnen proberen daar ik nog geen tijd heb gehad om bij mijn vriend langs te gaan. Khou jullie op de hoogte. mvg, Wimmerd
  13. Wimmerd
    Hallo, Zelf heb ik geen last meer gehad van het politievirus, maar een vriend van mij wel. Bij deze heb ik tweemaal een logje van hitmanpro en ook al een hijackthislogje. Alvast heel blij dat deze service bestaat!!! HitmanPro 3.7.2.190 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : DIRKMADDELEIN Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : DirkMaddelein\Dirk Maddelein UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2013-07-17 18:08:34 Scan mode . . . . . . : Normal Scan duration . . . . : 2m 1s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 69 Objects scanned . . . : 1.440.468 Files scanned . . . . : 37.257 Remnants scanned . . : 319.349 files / 1.083.862 keys Suspicious files ____________________________________________________________ C:\Users\Dirk Maddelein\AppData\Roaming\cache.dat Size . . . . . . . : 99.328 bytes Age . . . . . . . : 0.2 days (2013-07-17 14:03:17) Entropy . . . . . : 7.1 SHA-256 . . . . . : 2ED34FE1A4E63CC4994658EFD668FF74A8A4126078D31FF34DCAB37321EA58F4 Fuzzy . . . . . . : 58.0 Substitutes Explorer.exe as the default shell. Malware tends to start this way. This file was most recently added as automatic startup. The file name extension of this program is not common. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program starts automatically without user intervention. Time indicates that the file appeared recently on this computer. Startup HKU\S-1-5-21-811456756-103072874-835193467-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Cookies _____________________________________________________________________ C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\0KXFYJEM.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\0VEEV83G.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\155I1FG2.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\1E4TGLGJ.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\2CMIJ2IR.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\2OAD43NK.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\2YLVVO3M.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\3DDQYRWF.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\3MB8XKM0.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\3QMYY37J.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\3Y05L3O5.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\4VVTN7TZ.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\5EUW11MP.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\7A6PNZ6S.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\7IWV4ACM.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\90N31D6K.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\91X0TIP8.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\96PHOVVP.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\C0E299IJ.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\CDANQF1E.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\DJSMI2XC.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\DTQKG8UC.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\EMCIED0P.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\EMMSTXPC.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\EMN0RRSH.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\EOPAIQY0.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\EPRRGCAI.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\ETKDXL45.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\G3PNCD44.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\G5WS2LJ4.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\GELXHTR3.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\HDI11ILG.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\HM8SJMJW.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\HQHCDNBL.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\HVJSU0YL.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\I0GAOFCG.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\IBWKVI12.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\IEIL2D2P.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\IVBYFZV3.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\JFANTY9I.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\K1ZUJE4I.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\K3Y70O32.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\KFP6ZSR7.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\KVWG0US0.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\M269JN86.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\MTME2MKF.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\NVEXLR3F.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\O123A3TI.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\O7KLGY89.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\OA00QN6O.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\OT0GMBU5.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\OWEHNJP6.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\P0DBSM0W.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\P8178DB0.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\QB1VKOPM.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RCJYD2OH.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RN67FJF6.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\RSZ1JBR6.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\TC237O0V.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\UM9GRNS0.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\W5U8VQ6I.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\WM4YYOZ6.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\WTZE177Q.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\WZ7G71X5.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\X2O2TTBM.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\XL7A1GDZ.txt C:\Users\Dirk Maddelein\AppData\Roaming\Microsoft\Windows\Cookies\Y915IRBD.txt Hier het tweede: HitmanPro 3.7.2.190 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : DIRKMADDELEIN Windows . . . . . . . : 6.1.1.7601.X64/4 User name . . . . . . : DirkMaddelein\Dirk Maddelein UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2013-07-17 18:15:58 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 51s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 2 Objects scanned . . . : 1.440.435 Files scanned . . . . : 37.207 Remnants scanned . . : 319.294 files / 1.083.934 keys Suspicious files ____________________________________________________________ C:\Users\Dirk Maddelein\AppData\Roaming\cache.dat Size . . . . . . . : 99.328 bytes Age . . . . . . . : 0.2 days (2013-07-17 14:03:17) Entropy . . . . . : 7.1 SHA-256 . . . . . : 2ED34FE1A4E63CC4994658EFD668FF74A8A4126078D31FF34DCAB37321EA58F4 Fuzzy . . . . . . : 58.0 Substitutes Explorer.exe as the default shell. Malware tends to start this way. This file was most recently added as automatic startup. The file name extension of this program is not common. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Program starts automatically without user intervention. Time indicates that the file appeared recently on this computer. Startup HKU\S-1-5-21-811456756-103072874-835193467-1001\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell en als laatste het hijackthislogje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:24:27, on 17/07/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE C:\Users\Dirk Maddelein\Downloads\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN België: Hotmail, Skype, nieuws, entertainment, lifestyle en meer! R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\IPS\IPSBHO.DLL O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\coIEPlg.dll O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Free YouTube Download - C:\Users\Dirk Maddelein\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Dirk Maddelein\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6-windows-i586.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\ccSvcHst.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10498 bytes Dank bij voorbaat!
  14. Wimmerd
    Volgens mij is alles nu terug in orde! Bedankt voor jullie hulp!
  15. Wimmerd
    ComboFix 13-03-26.01 - Wim 26/03/2013 16:35:34.2.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.4061.2868 [GMT 1:00] Gestart vanuit: d:\users\Wim\Music\Afspeellijsten\ComboFix.exe gebruikte Opdracht switches :: d:\users\Wim\Desktop\CFScript.txt AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} AV: Panda Cloud Antivirus *Disabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C} FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Panda Cloud Antivirus *Disabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . FILE :: "c:\program files (x86)\cc_20120920_215304.reg back up van ccleaner.reg" "c:\program files (x86)\cc_20121202_141314.reg" "c:\program files (x86)\cc_20121220_214851.reg" . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\cc_20120920_215304.reg back up van ccleaner.reg c:\program files (x86)\cc_20121202_141314.reg c:\program files (x86)\cc_20121220_214851.reg c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm c:\program files (x86)\Conduit c:\program files (x86)\Conduit\Community Alerts\Alert.dll c:\programdata\blekko toolbars c:\programdata\blekko toolbars\toolbar.txt c:\users\Wim\AppData\Local\Conduit c:\users\Wim\AppData\Local\Smartbar c:\users\Wim\AppData\Local\Smartbar\Application\0Extension.crx c:\users\Wim\AppData\Local\Smartbar\Application\1Extension.crx c:\users\Wim\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\BrowserHelper.exe c:\users\Wim\AppData\Local\Smartbar\Application\BrowserHelper.exe.config c:\users\Wim\AppData\Local\Smartbar\Application\Configs\QueryParameters.xml c:\users\Wim\AppData\Local\Smartbar\Application\Configs\XmlSideBySideProtocol.xml c:\users\Wim\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome.manifest c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\externalJS.js c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FBImagePreview.js c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.css c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.js c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\FirefoxExtensionMain.xul c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-1.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-2.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down-3.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\down.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\fb.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\fblike.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\gmail.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\googleplus.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-1.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-2.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\hide-3.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\left.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-1.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-2.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\maximize-3.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\mgsplusvideo.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-1.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-2.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\minimize-3.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\pinit.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\right.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-1.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-2.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\show-3.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\twitter.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-1.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-2.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up-3.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\images\up.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\InternalJS.js c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\jquery-1.5.1.min.js c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\publisherDefinitions.js c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\QuickShare.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\QuickShare128.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\chrome\PublisherImages\QuickShare16.png c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\ISmartbarFireFoxRemotePlugin.xpt c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_10.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_11.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_12.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_13.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_14.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_15.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_16.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_17.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_18.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_5.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_6.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_7.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_8.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_9.dll c:\users\Wim\AppData\Local\Smartbar\Application\helperbar@helperbar.com\install.rdf c:\users\Wim\AppData\Local\Smartbar\Application\IEButton.png c:\users\Wim\AppData\Local\Smartbar\Application\Interop.SHDocVw.dll c:\users\Wim\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\MACTrackBarLib.dll c:\users\Wim\AppData\Local\Smartbar\Application\Microsoft.mshtml.dll c:\users\Wim\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Common.dll c:\users\Wim\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.dll c:\users\Wim\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll c:\users\Wim\AppData\Local\Smartbar\Application\Microsoft.Practices.EnterpriseLibrary.Logging.dll c:\users\Wim\AppData\Local\Smartbar\Application\Microsoft.Practices.ObjectBuilder.dll c:\users\Wim\AppData\Local\Smartbar\Application\NDde.dll c:\users\Wim\AppData\Local\Smartbar\Application\ProductsRemovalTool.exe c:\users\Wim\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\QuickShare.exe.config c:\users\Wim\AppData\Local\Smartbar\Application\RegAsm.exe c:\users\Wim\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.Base.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ChromeLocalPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.DefaultBrowser.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.FireFoxLocalPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.ShareManagerLocalPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessEntities.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PersonalizationSettingsManager.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.UserSettingsManager.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.BrowserHelperUtils.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductsRemovalLibary.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.ProductUninstaller.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettings.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.SetBrowsersSettingsAutoUpdater.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.ShortcutsLibrary.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.XmlSerializers.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.Translations.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.UninstallScreen.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.UrlHistorySupplier.dll c:\users\Wim\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll c:\users\Wim\AppData\Local\Smartbar\Application\SmartbarInstallationIcon.ico c:\users\Wim\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll c:\users\Wim\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll c:\users\Wim\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe c:\users\Wim\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.config c:\users\Wim\AppData\Local\Smartbar\Application\System.Data.SQLite.dll c:\users\Wim\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll c:\users\Wim\AppData\Local\Smartbar\Common\Configs\UserInfo.xml c:\users\Wim\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00c.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\07a9a58b-c653-4285-a870-1fa70cb6c00cPress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABE.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133C.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133CHover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\30DFF8F0-BA79-4360-A3EA-51B6D006133CPress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5252af60-ef03-41a8-babe-415dba235478Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\536b9063-fc09-4e82-8769-73c77317aae6press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\708d8b1e-6545-474a-9f07-d854acf8ad43press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307f.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\87442BEF-FD31-405C-A807-650CB7CC8886press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2C.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Chover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748C.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748CHover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\8F4131CE-D4F0-4F08-9102-78C397F3748CPress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6eba.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\A75C6A50-13B0-4704-AA87-8DD113E31310press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8f.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico c:\users\Wim\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\CE1500FE-6F59-421C-8005-3E137AC051A2press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D469E1BA-B745-45B3-B7EE-378E000E74C8Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876F.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D5113B95-781C-4737-A26F-3ED3A2CB876Fpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cd.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e2870479-a572-412b-8a8f-5604d19b55cdpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico c:\users\Wim\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12e.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E458493F-867F-4712-A3AF-D9664ED47C19press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212E.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\E8584703-6CA5-4351-82CC-09E40938A066press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580de.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29B.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7b.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png c:\users\Wim\AppData\Local\Smartbar\Common\icons\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\00659FA4-2CAD-45fc-A8A0-DB7862840BA9press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00c.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00chover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\07a9a58b-c653-4285-a870-1fa70cb6c00cpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0DB19630-EB33-4B18-8357-78FC2687C788press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0E29BC94-7C9B-4A23-B682-81D0D1A806E1press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABE.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\0FA6F971-16AA-4921-A39F-543C9839CABEpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE081313press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE08E613press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\139D15A7-C5E1-4C5E-ABF2-484DBE131313press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\1A039A19-BD34-4760-8DE0-E9A8E8AA8827press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BC.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BChover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\2141A104-423C-43EF-A27A-CA0DADB7B9BCpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\28E2C7BC-F857-44D5-A42F-7DD66FAB5EE6press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\30DEBC8A-1CC6-4480-B3E5-C55E214043A8.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\30DEBC8A-1CC6-4480-B3E5-C55E214043A8Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\30DEBC8A-1CC6-4480-B3E5-C55E214043A8Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\30DFF8F0-BA79-4360-A3EA-51B6D006133C.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\30DFF8F0-BA79-4360-A3EA-51B6D006133CHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\30DFF8F0-BA79-4360-A3EA-51B6D006133CPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\372FF78B-6E4B-4B38-8E3F-797B4680FB98press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\39079B96-6DD1-42DE-89E6-76F79C8BB4E4.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\39079B96-6DD1-42DE-89E6-76F79C8BB4E4Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\3f9ac55c-6db5-4c01-9d34-a92da2347be6press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\47BFF758-9581-4C68-9293-1181A70CDEE8Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\48A9C19C-5A4C-4652-A6E7-1C17AEE45675Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\4a110a71-0e7e-4552-af6e-3ef88b2d6511Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\511B6809-2468-4A36-A6FC-FC24F05499BE.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\511B6809-2468-4A36-A6FC-FC24F05499BEHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\511B6809-2468-4A36-A6FC-FC24F05499BEPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5252af60-ef03-41a8-babe-415dba235478Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\536b9063-fc09-4e82-8769-73c77317aae6press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5558C4C6-18C1-4AF3-8F8D-0E2CF70D19C8press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089E.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\56591C8E-DA35-4A97-AC9B-5055E0F7089Epress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0E.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5D0A6D97-85F2-47E9-8F04-04A747B25A0Epress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5F1B269B-7C66-474F-A473-BE7FA51BE5B2press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\5F488FA5-C35B-44A9-A0E4-2C7B41035780press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1D.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\65B1A402-FC79-410D-AE1C-AF92E206AC1Dpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EC.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7EChover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\69C7DFE3-CDAE-4A22-B753-93ABF8BAE7ECpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\708d8b1e-6545-474a-9f07-d854acf8ad43press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\72CDFC8C-6F2D-4df8-9811-18C4D682C406press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\7fe83ae9-caef-41f0-aa99-d114c0ce3941press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307f.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8217d395-9ebe-4ebb-807c-38cc911a307fPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\83B4B6FE-910D-412E-BED4-E3AFA6E5CA61press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\87442BEF-FD31-405C-A807-650CB7CC8886press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\89582936-094c-4880-b87a-2af16fc31313.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\89582936-094c-4880-b87a-2af16fc31313Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\89582936-094c-4880-b87a-2af16fc31313Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2C.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Chover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\89582936-094C-4880-B87A-2AF16FC33B2Cpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8b3608b1-c2d5-4ad3-a382-33601228c6d3press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8D338D8F-3189-41AB-BCFF-2958D48AAA6A.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8D338D8F-3189-41AB-BCFF-2958D48AAA6AHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8D338D8F-3189-41AB-BCFF-2958D48AAA6APress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8F4131CE-D4F0-4F08-9102-78C397F3748C.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8F4131CE-D4F0-4F08-9102-78C397F3748CHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\8F4131CE-D4F0-4F08-9102-78C397F3748CPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6eba.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\90165d32-a3ef-438c-8625-be9b538b6ebaPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\929407CC-7E48-47E0-A9F9-A4A167AC24D1press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95ae73f0-9799-46fd-bceb-57efcb7f0537press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBE.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBEHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\95D9E2EA-40AD-40B8-95D0-58209F584BBEPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A1F75F5D-1D24-4F7A-9ABC-BDA55E332E67press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A46C5E77-16B5-42A0-8761-C6F861D22308.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A46C5E77-16B5-42A0-8761-C6F861D22308Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A46C5E77-16B5-42A0-8761-C6F861D22308Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\A75C6A50-13B0-4704-AA87-8DD113E31310press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8f.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\a94e6710-6021-4cdc-82de-1c001238bd8fPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCB.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\B1BEF453-913F-4EC4-B057-A2BB21C09DCBpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bbf677d4-d0bc-4a59-be4a-6a6cfd3c6c28press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066B.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BC303DD4-37E7-4242-8DDD-8DEE2171066Bpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239ab.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\bc8dcde3-3fd0-4f9b-af5d-15c20f3239abpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BCE4103A-6273-4E49-8B43-2BDEDA1C91B0press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1.PNG c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1HOVER.PNG c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\BE3608B1-C2D5-4AD3-A382-45635338C6D1PRESS.PNG c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cf.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\c1546a00-e42d-4ce7-aac5-5353a895f3cfpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\C41AD485-FE91-4EFE-A613-66CB2BA96EAB.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\C41AD485-FE91-4EFE-A613-66CB2BA96EABHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\C41AD485-FE91-4EFE-A613-66CB2BA96EABPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\CE1500FE-6F59-421C-8005-3E137AC051A2press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D2B0680C-17C4-492D-85D7-D4CA3E724D50press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D469E1BA-B745-45B3-B7EE-378E000E74C8.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D469E1BA-B745-45B3-B7EE-378E000E74C8Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D469E1BA-B745-45B3-B7EE-378E000E74C8Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876F.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D5113B95-781C-4737-A26F-3ED3A2CB876FPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35c1Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\d65acfc2-6ab9-4b66-84fc-ecc7813e35d0Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\D8043E67-EBD0-4ABD-A5A4-63CF4DADFC85press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\DBE2517B-67B8-4D8B-A7CC-B66F8FE52D82press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cd.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e2870479-a572-412b-8a8f-5604d19b55cdpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E3345571-EEF9-4041-8C24-F7F5A9331C23press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12e.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e357f164-c5d8-4257-aab2-fe0cad41c12epress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e3c610dc-deed-47cd-acc0-493d71556c16Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E458493F-867F-4712-A3AF-D9664ED47C19press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212E.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Ehover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E52BEFE7-6535-439c-B168-A3B105E4212Epress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\E8584703-6CA5-4351-82CC-09E40938A066press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580de.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580dehover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\e8967c62-9ea0-4fde-9832-2c10f1d580depress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29B.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\EA99E20A-FBBA-4197-954B-E2013280A29Bpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\EC116BC4-0583-4E07-908A-9D2AD3647177.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\EC116BC4-0583-4E07-908A-9D2AD3647177Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\EC116BC4-0583-4E07-908A-9D2AD3647177Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aef.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefHover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f41901a8-2a78-4794-b455-d53a24b37aefPress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Hover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\f7fd4890-7f89-4c73-8ff2-52105657cbb6Press.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BD.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\F84A3FBA-7CF5-4F44-A080-C26C04D0E3BDpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.ico c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7b.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bhover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\fac5189f-f2c7-4eed-bae8-011eca170d7bpress.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\youtube.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\youtubehover.png c:\users\Wim\AppData\Local\Smartbar\Common\iconsWide\youtubepress.png c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.DMP.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.MessengerPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.NotepadPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.ScreenCapturePlugin.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.UninstallProductsPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WeatherPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.WordPlugin.dll c:\users\Wim\AppData\Local\Smartbar\Common\ServicesPlugins\Smartbar.Personalization.ServicesPlugins.YoutubeDownloadPlugin.dll c:\users\Wim\AppData\Local\Smartbar\DistributionFiles\Configs\IconsSettings.xml c:\users\Wim\AppData\Local\Smartbar\DistributionFiles\Configs\LocalMethods.xml c:\users\Wim\AppData\Local\Smartbar\DistributionFiles\Configs\ProfileManager.xml c:\users\Wim\AppData\Local\Smartbar\DistributionFiles\Configs\PublisherSettings.xml c:\users\Wim\AppData\Local\Smartbar\DistributionFiles\Configs\UserSettings.xml c:\users\Wim\AppData\Local\Smartbar\DistributionFiles\Profiles\13131313-1313-1313-1313-131313131313.xml . . (((((((((((((((((((( Bestanden Gemaakt van 2013-02-26 to 2013-03-26 )))))))))))))))))))))))))))))) . . 2013-03-26 15:39 . 2013-03-26 15:39 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-26 14:57 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{F6DE7DE9-34AC-4CD4-9D25-85934079311C}\mpengine.dll 2013-03-26 14:47 . 2012-11-07 08:00 58360 ----a-w- c:\windows\system32\drivers\PSKMAD.sys 2013-03-25 20:27 . 2013-03-25 20:27 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-03-25 19:22 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-24 13:34 . 2013-03-24 13:34 -------- d-----w- c:\users\Wim\AppData\Roaming\Panda Security 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\users\Wim\AppData\Local\panda4_0dn 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\programdata\Panda Security URL Filtering 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\program files (x86)\Toolbar Cleaner 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\program files (x86)\pandasecuritytb 2013-03-24 13:32 . 2013-03-24 13:32 -------- d-----w- c:\programdata\Panda Security 2013-03-24 13:32 . 2013-03-24 13:32 -------- d-----w- c:\program files (x86)\Panda Security 2013-03-24 12:41 . 2013-03-24 12:41 -------- d-----w- C:\components 2013-03-23 21:09 . 2012-11-28 10:10 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{44C59B59-90AC-4E0C-8F48-7C74B8FEA79E}\gapaengine.dll 2013-03-23 20:50 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-03-23 20:47 . 2013-03-23 20:47 -------- d-----w- c:\program files\HitmanPro 2013-03-23 20:47 . 2013-03-23 20:53 -------- d-----w- c:\programdata\HitmanPro 2013-03-14 14:43 . 2013-03-14 14:43 -------- d-----w- c:\program files\Microsoft Silverlight 2013-03-14 14:43 . 2013-03-14 14:43 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-02-25 13:19 . 2013-03-06 10:38 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll 2013-02-25 13:19 . 2013-03-06 10:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-14 13:17 . 2012-07-17 20:14 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-14 13:17 . 2012-07-17 20:14 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-04 13:53 . 2012-07-17 18:13 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-02-12 05:45 . 2013-03-14 12:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-14 12:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-14 12:42 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-14 12:42 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-14 12:42 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-14 12:42 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-01-20 14:59 . 2012-03-20 18:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2013-01-09 20:46 . 2013-01-09 20:46 95712 ----a-w- c:\windows\system32\drivers\NNSHttps.sys 2013-01-05 05:53 . 2013-02-14 12:38 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-05 05:00 . 2013-02-14 12:37 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00 . 2013-02-14 12:37 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46 . 2013-02-14 12:37 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 04:51 . 2013-02-14 12:37 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-01-04 04:43 . 2013-02-14 12:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-01-04 03:26 . 2013-02-14 12:37 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-01-04 02:47 . 2013-02-14 12:37 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-01-04 02:47 . 2013-02-14 12:37 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-01-04 02:47 . 2013-02-14 12:37 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-01-04 02:47 . 2013-02-14 12:37 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00 . 2013-02-14 12:37 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 06:00 . 2013-02-14 12:37 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2013-01-08 15:56 87768 ----a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2013-01-30 14:49 281760 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768] . [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Icon Remover"="c:\program files (x86)\Extrasoft\Iconremover\iconremover.exe" [2012-04-07 742400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480] "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-01-04 222424] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-03 946352] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" . R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-10-22 33320] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736] R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-11-28 69160] S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-11-26 89640] S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-11-26 114728] S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2013-01-09 95712] S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-11-26 114216] S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-11-26 94248] S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-11-26 118312] S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-11-26 306216] S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-11-26 116776] S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-11-26 114216] S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-11-28 232488] S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-11-26 105000] S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-11-09 204328] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2013-03-23 108904] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-01-27 140512] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-11-09 167976] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-11-09 119848] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-11-09 123944] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-11-09 133160] S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-01-27 37088] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . --- Andere Services/Drivers In Geheugen --- . *Deregistered* - PSKMAD . Inhoud van de 'Gedeelde Taken' map . 2013-03-26 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 13:17] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 192.168.1.1 DPF: {49C9FECC-02EE-49D9-8171-F548577E7ACD} - hxxp://ua.foto.com/ImageUploader8.cab . - - - - ORPHANS VERWIJDERD - - - - . HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start . . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1301670249-148990362-1122468651-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1301670249-148990362-1122468651-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-03-26 16:41:02 ComboFix-quarantined-files.txt 2013-03-26 15:41 ComboFix2.txt 2013-03-25 19:19 . Pre-Run: 77.583.478.784 bytes beschikbaar Post-Run: 77.861.138.432 bytes beschikbaar . - - End Of File - - 6457085533346C30200EA76F3269BEEE
  16. Wimmerd
    ComboFix 13-03-25.01 - Wim 25/03/2013 20:15:11.1.2 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.32.1043.18.4061.3068 [GMT 1:00] Gestart vanuit: d:\users\Wim\Music\Afspeellijsten\ComboFix.exe AV: Microsoft Security Essentials *Enabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} AV: Panda Cloud Antivirus *Enabled/Updated* {3456760B-FDAA-FFFD-06C2-7BB528D2066C} FW: Cloud Antivirus Firewall *Disabled* {0C6DF72E-B7C5-FEA5-2D9D-D280D6014117} SP: Microsoft Security Essentials *Enabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} SP: Panda Cloud Antivirus *Enabled/Updated* {8F3797EF-DB90-F073-3C72-40C753554CD1} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Wim\AppData\Roaming\skype.ini . . (((((((((((((((((((( Bestanden Gemaakt van 2013-02-25 to 2013-03-25 )))))))))))))))))))))))))))))) . . 2013-03-25 19:18 . 2013-03-25 19:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-03-25 13:04 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{6D805B54-0956-4265-8B49-FD76BF0E3315}\mpengine.dll 2013-03-24 13:34 . 2013-03-24 13:34 -------- d-----w- c:\users\Wim\AppData\Roaming\Panda Security 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\users\Wim\AppData\Local\panda4_0dn 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\programdata\blekko toolbars 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\programdata\Panda Security URL Filtering 2013-03-24 13:33 . 2012-11-07 08:00 58360 ----a-w- c:\windows\system32\drivers\PSKMAD.sys 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\program files (x86)\Toolbar Cleaner 2013-03-24 13:33 . 2013-03-24 13:33 -------- d-----w- c:\program files (x86)\pandasecuritytb 2013-03-24 13:32 . 2013-03-24 13:32 -------- d-----w- c:\programdata\Panda Security 2013-03-24 13:32 . 2013-03-24 13:32 -------- d-----w- c:\program files (x86)\Panda Security 2013-03-24 12:41 . 2013-03-24 12:41 -------- d-----w- C:\components 2013-03-23 21:09 . 2012-11-28 10:10 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{44C59B59-90AC-4E0C-8F48-7C74B8FEA79E}\gapaengine.dll 2013-03-23 21:09 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll 2013-03-23 20:50 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-03-23 20:47 . 2013-03-23 20:47 -------- d-----w- c:\program files\HitmanPro 2013-03-23 20:47 . 2013-03-23 20:53 -------- d-----w- c:\programdata\HitmanPro 2013-03-14 14:43 . 2013-03-14 14:43 -------- d-----w- c:\program files\Microsoft Silverlight 2013-03-14 14:43 . 2013-03-14 14:43 -------- d-----w- c:\program files (x86)\Microsoft Silverlight 2013-02-25 13:19 . 2013-02-25 13:19 -------- d-----w- c:\program files (x86)\Conduit 2013-02-25 13:19 . 2013-03-06 10:38 770384 ----a-w- c:\windows\SysWow64\msvcr100.dll 2013-02-25 13:19 . 2013-03-06 10:38 421200 ----a-w- c:\windows\SysWow64\msvcp100.dll 2013-02-25 13:19 . 2013-02-25 13:28 -------- d-----w- c:\users\Wim\AppData\Local\Conduit 2013-02-24 12:43 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2013-02-24 12:43 . 2013-02-24 12:43 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-02-24 12:43 . 2013-02-24 12:43 -------- d-----w- c:\program files\iTunes 2013-02-24 12:43 . 2013-02-24 12:43 -------- d-----w- c:\program files (x86)\iTunes 2013-02-24 12:43 . 2013-02-24 12:43 -------- d-----w- c:\program files\iPod 2013-02-24 12:40 . 2013-02-24 12:40 -------- d-----w- c:\users\Wim\AppData\Local\Smartbar 2013-02-24 12:39 . 2013-02-24 12:40 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2013-02-24 12:39 . 2013-02-24 12:40 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-14 13:17 . 2012-07-17 20:14 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-03-14 13:17 . 2012-07-17 20:14 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-02-12 05:45 . 2013-03-14 12:42 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-14 12:42 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-14 12:42 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-14 12:42 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-14 12:42 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-14 12:42 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-30 10:53 . 2010-11-21 03:27 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-20 14:59 . 2013-01-20 14:59 230320 ----a-w- c:\windows\system32\drivers\MpFilter.sys 2013-01-20 14:59 . 2012-03-20 18:44 130008 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys 2013-01-09 20:46 . 2013-01-09 20:46 95712 ----a-w- c:\windows\system32\drivers\NNSHttps.sys 2013-01-05 05:53 . 2013-02-14 12:38 5553512 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-01-05 05:00 . 2013-02-14 12:37 3967848 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-01-05 05:00 . 2013-02-14 12:37 3913064 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-01-04 05:46 . 2013-02-14 12:37 215040 ----a-w- c:\windows\system32\winsrv.dll 2013-01-04 04:51 . 2013-02-14 12:37 5120 ----a-w- c:\windows\SysWow64\wow32.dll 2013-01-04 04:43 . 2013-02-14 12:37 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2013-01-04 03:26 . 2013-02-14 12:37 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-01-04 02:47 . 2013-02-14 12:37 25600 ----a-w- c:\windows\SysWow64\setup16.exe 2013-01-04 02:47 . 2013-02-14 12:37 7680 ----a-w- c:\windows\SysWow64\instnm.exe 2013-01-04 02:47 . 2013-02-14 12:37 2048 ----a-w- c:\windows\SysWow64\user.exe 2013-01-04 02:47 . 2013-02-14 12:37 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll 2013-01-03 06:00 . 2013-02-14 12:37 1913192 ----a-w- c:\windows\system32\drivers\tcpip.sys 2013-01-03 06:00 . 2013-02-14 12:37 288088 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS 2012-12-20 20:48 . 2012-12-20 20:48 530 ----a-w- c:\program files (x86)\cc_20121220_214851.reg 2012-12-02 13:13 . 2012-12-02 13:13 8372 ----a-w- c:\program files (x86)\cc_20121202_141314.reg 2012-09-20 19:54 . 2012-09-20 19:53 21424 ----a-w- c:\program files (x86)\cc_20120920_215304.reg back up van ccleaner.reg . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}] 2013-01-08 15:56 87768 ----a-w- c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2013-01-30 14:49 281760 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}"= "c:\program files (x86)\pandasecuritytb\pandasecurityDx.dll" [2013-01-08 87768] . [HKEY_CLASSES_ROOT\clsid\{b821bf60-5c2d-41eb-92dc-3e4ccd3a22e4}] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Icon Remover"="c:\program files (x86)\Extrasoft\Iconremover\iconremover.exe" [2012-04-07 742400] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-01-28 59720] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-02-20 152392] "PSUAMain"="c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAMain.exe" [2013-01-27 32480] "Panda Security URL Filtering"="c:\programdata\Panda Security URL Filtering\Panda_URL_Filtering.exe" [2013-01-04 222424] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux1"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" . R1 NNSNAHSL;Network Activity Hook Server LightWeight Filter Driver;c:\windows\system32\DRIVERS\NNSNAHSL.sys [2012-10-22 33320] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168] R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-01-20 130008] R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2013-01-27 379360] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-12-13 54784] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-07-17 1255736] R4 NNSPIHSW;NNSPIHSW;c:\windows\system32\DRIVERS\NNSPihsw.sys [2012-11-28 69160] S1 NNSALPC;NNSALPC;c:\windows\system32\DRIVERS\NNSAlpc.sys [2012-11-26 89640] S1 NNSHTTP;NNSHTTP;c:\windows\system32\DRIVERS\NNSHttp.sys [2012-11-26 114728] S1 NNSHTTPS;NNSHTTPS;c:\windows\system32\DRIVERS\NNSHttps.sys [2013-01-09 95712] S1 NNSIDS;NNSIDS;c:\windows\system32\DRIVERS\NNSIds.sys [2012-11-26 114216] S1 NNSPICC;NNSPICC;c:\windows\system32\DRIVERS\NNSPicc.sys [2012-11-26 94248] S1 NNSPOP3;NNSPOP3;c:\windows\system32\DRIVERS\NNSPop3.sys [2012-11-26 118312] S1 NNSPROT;NNSPROT;c:\windows\system32\DRIVERS\NNSProt.sys [2012-11-26 306216] S1 NNSPRV;NNSPRV;c:\windows\system32\DRIVERS\NNSPrv.sys [2012-11-26 116776] S1 NNSSMTP;NNSSMTP;c:\windows\system32\DRIVERS\NNSSmtp.sys [2012-11-26 114216] S1 NNSSTRM;NNSSTRM;c:\windows\system32\DRIVERS\NNSStrm.sys [2012-11-28 232488] S1 NNSTLSC;NNSTLSC;c:\windows\system32\DRIVERS\NNSTlsc.sys [2012-11-26 105000] S1 PSINKNC;PSINKNC;c:\windows\system32\DRIVERS\psinknc.sys [2012-11-09 204328] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624] S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\HitmanPro\hmpsched.exe [2013-03-23 108904] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344] S2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSANHost.exe [2013-01-27 140512] S2 PSINAflt;PSINAflt;c:\windows\system32\DRIVERS\PSINAflt.sys [2012-11-09 167976] S2 PSINFile;PSINFile;c:\windows\system32\DRIVERS\PSINFile.sys [2012-11-09 119848] S2 PSINProc;PSINProc;c:\windows\system32\DRIVERS\PSINProc.sys [2012-11-09 123944] S2 PSINProt;PSINProt;c:\windows\system32\DRIVERS\PSINProt.sys [2012-11-09 133160] S2 PSUAService;Panda Product Service;c:\program files (x86)\Panda Security\Panda Cloud Antivirus\PSUAService.exe [2013-01-27 37088] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176] S3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys [2012-11-07 58360] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496] . . Inhoud van de 'Gedeelde Taken' map . 2013-03-25 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-17 13:17] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2010-11-21 03:23 444752 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2013-01-30 14:49 342176 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512] . ------- Bijkomende Scan ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.be/ mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll TCP: DhcpNameServer = 195.130.130.133 195.130.131.133 192.168.1.1 DPF: {49C9FECC-02EE-49D9-8171-F548577E7ACD} - hxxp://ua.foto.com/ImageUploader8.cab . . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\S-1-5-21-1301670249-148990362-1122468651-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1301670249-148990362-1122468651-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-03-25 20:19:32 ComboFix-quarantined-files.txt 2013-03-25 19:19 . Pre-Run: 79.026.311.168 bytes beschikbaar Post-Run: 79.401.463.808 bytes beschikbaar . - - End Of File - - 0985EC0F5525FB5F95DAFFD6CF41ECD0 Logje van ComboFix
  17. Wimmerd
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:06:30, on 24/03/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\windows\AdzRemove\AdzRemove.exe C:\Program Files (x86)\Extrasoft\Iconremover\iconremover.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [icon Remover] C:\Program Files (x86)\Extrasoft\Iconremover\iconremover.exe /hideapp O4 - HKCU\..\Run: [EPSON SX230 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE /FU "C:\Users\Wim\AppData\Local\Temp\E_S7C8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [EPSON SX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_SB5F6.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {49C9FECC-02EE-49D9-8171-F548577E7ACD} (Uploader Control) - http://ua.foto.com/ImageUploader8.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8302 bytes Bedankt voor de snelle reactie!
  18. Wimmerd
    Van hetgene ik moest verwijderen via hijackthis heb ik volgende niet in de lijst teruggevonden: O4 - HKLM\..\Run: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe O4 - HKCU\..\Run: [searchProtect] C:\Users\Wim\AppData\Roaming\SearchProtect\bin\cltmng.exe Via malwarebytes heb ik bijgevolg niks moeten verwijderen! Hier is toch het logje: Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Databaseversie: v2013.03.24.04 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 9.0.8112.16421 Wim :: PCDELL [administrator] 24/03/2013 13:53:49 mbam-log-2013-03-24 (13-53-49).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 205354 Verstreken tijd: 1 minuut/minuten, 51 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde)
  19. Wimmerd
    Daar u zo vlug reageert, ik ook ! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 22:19:45, on 23/03/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\Program Files (x86)\Extrasoft\Iconremover\iconremover.exe C:\windows\AdzRemove\AdzRemove.exe C:\Users\Wim\AppData\Roaming\SearchProtect\bin\cltmng.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - mscoree.dll (file missing) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O3 - Toolbar: QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (file missing) O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe O4 - HKCU\..\Run: [icon Remover] C:\Program Files (x86)\Extrasoft\Iconremover\iconremover.exe /hideapp O4 - HKCU\..\Run: [EPSON SX230 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE /FU "C:\Users\Wim\AppData\Local\Temp\E_S7C8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [EPSON SX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_SB5F6.tmp" /EF "HKCU" O4 - HKCU\..\Run: [searchProtect] C:\Users\Wim\AppData\Roaming\SearchProtect\bin\cltmng.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {49C9FECC-02EE-49D9-8171-F548577E7ACD} (Uploader Control) - http://ua.foto.com/ImageUploader8.cab O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 8810 bytes
  20. Wimmerd
    Eindelijk de tijd gevonden om jullie tips uit te voeren! Duurde ook wat lang doordat ik hitmanpro moest downloaden met een 10 jaar oude laptop! Bij deze is hier het logje! HitmanPro 3.7.2.190 [url="http://www.hitmanpro.com"]www.hitmanpro.com[/url] Computer name . . . . : PCDELL Windows . . . . . . . : 6.1.1.7601.X64/2 User name . . . . . . : pcdell\Wim UAC . . . . . . . . . : Disabled License . . . . . . . : Free Scan date . . . . . . : 2013-03-23 21:48:19 Scan mode . . . . . . : Normal Scan duration . . . . : 1m 47s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 4 Traces . . . . . . . : 30 Objects scanned . . . : 984.710 Files scanned . . . . : 15.977 Remnants scanned . . : 180.509 files / 788.224 keys Malware _____________________________________________________________________ C:\Users\Wim\AppData\Local\Smartbar\Application\QuickShare.exe Size . . . . . . . : 13.824 bytes Age . . . . . . . : 27.3 days (2013-02-24 13:40:26) Entropy . . . . . : 5.3 SHA-256 . . . . . : 747632ECF9ABC6C37CC7BAC453D71CE9661A72E29326619F8D51A8501951BD41 Product . . . . . : Smartbar Publisher . . . . : Smartbar Description . . . : Smartbar Version . . . . . : 1.6.1.714 Copyright . . . . : Gossip . . . . . . : QuickShare.exe - Onherstelbare fout Desktop . . . . . : Default Parent Name . . . : C:\Windows\Explorer.EXE Running processes : 2364 > a-Squared . . . . : Adware.MSIL.Agent.AMN!A2 > G Data . . . . . . : Adware.Smartbar.D (Engine A) Fuzzy . . . . . . : 95.0 Startup HKU\S-1-5-21-1301670249-148990362-1122468651-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Browser Infrastructure Helper C:\Users\Wim\AppData\Local\Temp\~tmp6791488172484908665.exe Size . . . . . . . : 98.304 bytes Age . . . . . . . : 6.3 days (2013-03-17 14:49:09) Entropy . . . . . : 5.6 SHA-256 . . . . . : C35089558922E3847D65492538B4349E003ED63D386945FF8E991AA99A58DDC0 Product . . . . . : Publisher . . . . : Software Description . . . : Software Version . . . . . : 14.0.0.715 Copyright . . . . : Copyright . > Ikarus . . . . . . : Trojan-Ransom.Win32.Foreign!IK Fuzzy . . . . . . : 102.0 C:\Users\Wim\AppData\Roaming\OpenCandy\4D73D28A150047BCA145819A32CDA005\setup__759.exe Size . . . . . . . : 150.880 bytes Age . . . . . . . : 27.3 days (2013-02-24 13:40:50) Entropy . . . . . : 7.8 SHA-256 . . . . . : 40050E8481C00A546EFB529D19B38677CFC0A2EE2D3C54F0127826C723FC505F Product . . . . . : Installer Publisher . . . . : Amonetize Description . . . : Installer Version . . . . . : 1.1.3.71 Copyright . . . . : (c) Amonetize ltd., 2012,2013. All rights reserved. RSA Key Size . . . : 2048 Authenticode . . . : Valid > a-Squared . . . . : Trojan.Win32.Amonetize.AMN!A2 Fuzzy . . . . . . : 101.0 C:\Users\Wim\AppData\Roaming\skype.dat Size . . . . . . . : 98.304 bytes Age . . . . . . . : 6.3 days (2013-03-17 14:49:24) Entropy . . . . . : 5.6 SHA-256 . . . . . : C35089558922E3847D65492538B4349E003ED63D386945FF8E991AA99A58DDC0 Product . . . . . : Publisher . . . . : Software Description . . . : Software Version . . . . . : 14.0.0.715 Copyright . . . . : Copyright . > Ikarus . . . . . . : Trojan-Ransom.Win32.Foreign!IK Fuzzy . . . . . . : 148.0 One or more antivirus vendors have indicated that the file is malicious. Substitutes Explorer.exe as the default shell. Malware tends to start this way. This file was most recently added as automatic startup. The file name extension of this program is not common. Program starts automatically without user intervention. Time indicates that the file appeared recently on this computer. Startup HKU\S-1-5-21-1301670249-148990362-1122468651-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell Cookies _____________________________________________________________________ C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\09YUQZFA.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\2D2CHHG5.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\5WIZYCG7.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\5WX9AHKY.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\96V99SQY.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\97MG0PP5.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\C3T9SEIT.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\CX7OD1MT.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\DN2K6OUR.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\FUKPLQO7.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\G0KU8GO1.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\H3M6JLYA.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\HKIS05HY.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\KB0AR0R0.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\L3KLKV8K.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\LA0GLVNI.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\N7WSGA40.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\QK9GBHMH.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\TIV8YEHJ.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\U1X5F6FK.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\XBL6DB6Y.txt C:\Users\Wim\AppData\Roaming\Microsoft\Windows\Cookies\YSY1RWGF.txt
  21. Wimmerd
    Mss een domme vraag,maar een Boot cd is dat een gewone lege cd waarop ik hitmanpro op moet branden? mvg
  22. Wimmerd
    Bedankt voor de snelle reactie! Ik zal dit vavavond es proberen. Mvg, Wimmerd
  23. Wimmerd
    Hallo, ik heb opnieuw te maken met het politievirus, maar ditmaal lukt het me zelfs niet om in veilige modus met netwerkmogelijkheden op te starten. Als ik mijn bureaublad krijg, sluit ie automatisch af en start gewoon op. En daar krijg ik natuurlijk het bekende scherm van het politievirus terug. Weet iemand wat ik moet doen? Dank bij voorbaat
  24. Wimmerd
    Ja hoor! Een dikke merci en echt wel super wat jullie hier doen!
  25. Wimmerd
    Malwarebytes Anti-Malware 1.65.1.1000 www.malwarebytes.org Databaseversie: v2012.11.30.09 Windows 7 Service Pack 1 x64 NTFS (Veilige modus/netwerkmogelijkheden) Internet Explorer 9.0.8112.16421 Wim :: PCDELL [administrator] 1/12/2012 12:41:15 mbam-log-2012-12-01 (12-41-15).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 199479 Verstreken tijd: 1 minuut/minuten, 29 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 C:\Users\Wim\wgsdgsdgdsgsd.exe (Exploit.Drop.GS) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:47:54, on 1/12/2012 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v9.00 (9.00.8112.16455) Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe C:\windows\AdzRemove\AdzRemove.exe C:\Program Files (x86)\Extrasoft\Iconremover\iconremover.exe C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\HijackThis.exe C:\Windows\SysWOW64\DllHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKCU\..\Run: [icon Remover] C:\Program Files (x86)\Extrasoft\Iconremover\iconremover.exe /hideapp O4 - HKCU\..\Run: [EPSON SX230 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHKE.EXE /FU "C:\Users\Wim\AppData\Local\Temp\E_S7C8.tmp" /EF "HKCU" O4 - HKCU\..\Run: [EPSON SX125 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE /FU "C:\Windows\TEMP\E_SB5F6.tmp" /EF "HKCU" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 7243 bytes
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.