Ga naar inhoud

Internet heel traag

Have0
 Delen

Aanbevolen berichten

Have0 Vergevorderde

Have0

Geplaatst:
  • Auteur
Geplaatst:

Beste Kape, ik heb beiden in de veilige modus uitgevoerd. Als het goed is hieronder beide logfiles.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 21:18:13, on 23-12-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Safe mode

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

C:\WINDOWS\system32\ctfmon.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe

O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe

O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe

--

End of file - 5632 bytes

ComboFix 12-12-22.02 - Fam. Haverkamp 23-12-2012 20:59:27.13.1 - x86 MINIMAL

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1767 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Fam. Haverkamp\Bureaublad\CFScript.txt

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-23 to 2012-12-23 ))))))))))))))))))))))))))))))

.

.

2012-12-22 19:16 . 2012-12-23 19:53 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend

2012-12-22 13:39 . 2012-12-22 13:39 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DDMSettings

2012-12-21 06:45 . 2012-12-21 06:45 -------- dc----w- c:\documents and settings\Paula\Application Data\AVG2013

2012-12-21 06:44 . 2012-12-21 06:44 -------- dc----w- c:\documents and settings\Paula\Local Settings\Application Data\Avg2013

2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\WinAVI

2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\WinAVI

2012-12-17 18:29 . 2012-12-17 18:29 -------- dc----w- c:\program files\WinAVI

2012-12-16 15:51 . 2012-12-16 16:08 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\ImgBurn

2012-12-16 15:50 . 2012-12-16 15:50 -------- dc----w- c:\program files\ImgBurn

2012-12-16 15:30 . 2012-12-16 15:42 -------- dc----w- c:\program files\AnyToISO

2012-12-16 10:24 . 2005-06-21 15:49 167936 -c--a-w- c:\windows\system32\igfxres.dll

2012-12-15 16:50 . 2012-12-15 16:50 -------- dc----w- c:\program files\Smart Projects

2012-12-15 15:01 . 2012-12-15 15:01 -------- dc----w- c:\program files\Alcohol Soft

2012-12-15 14:57 . 2012-12-15 14:57 477240 -c--a-w- c:\windows\system32\drivers\sptd.sys

2012-12-14 19:31 . 2012-12-14 19:31 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AVG2013

2012-12-14 18:51 . 2012-12-14 18:51 -------- dc----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013

2012-12-14 18:49 . 2012-12-14 18:49 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\TuneUp Software

2012-12-14 18:33 . 2012-12-14 18:51 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG2013

2012-12-14 18:22 . 2012-12-15 12:26 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\Avg2013

2012-12-14 18:22 . 2012-12-14 18:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\MFAData

2012-12-09 15:55 . 2012-12-09 15:55 -------- dc----w- c:\program files\MagicISO

2012-12-07 16:13 . 2012-12-07 16:16 -------- dc----w- c:\program files\Common Files\DivX Shared

2012-12-04 17:00 . 2012-03-01 12:32 1775732 -c--a-w- c:\documents and settings\Fam. Haverkamp\E360K_F050_DSP-E360RU-1002.0.BIN

2012-12-03 22:07 . 2012-12-03 22:07 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\Softonic

2012-12-03 22:06 . 2012-12-03 22:06 -------- dc----w- c:\program files\Softonic

2012-12-03 22:02 . 2012-12-03 22:02 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\4Free

2012-12-03 20:45 . 2012-12-03 20:45 -------- dc----w- c:\program files\Video Download Converter

2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\VideoDownloadConverter_4z

2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\program files\VideoDownloadConverter_4z

2012-12-03 19:07 . 2012-12-07 16:16 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DivX

2012-12-03 18:59 . 2012-12-07 16:17 -------- dc----w- c:\program files\DivX

2012-12-03 18:58 . 2012-12-07 16:17 -------- dc----w- c:\documents and settings\All Users\Application Data\DivX

2012-12-02 11:10 . 2012-12-02 11:10 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\FLVPlayerPackages

2012-12-01 19:11 . 2012-12-03 17:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\.minecraft

2012-12-01 17:56 . 2002-10-30 12:14 274432 -c--a-w- c:\windows\system32\NCTAudioPlayer.dll

2012-12-01 17:56 . 2002-11-15 12:17 892928 -c--a-w- c:\windows\system32\NCTAudioInformation.dll

2012-12-01 17:56 . 2002-11-13 10:14 1703936 -c--a-w- c:\windows\system32\NCTAudioFile.dll

2012-12-01 17:56 . 2002-09-06 10:36 233472 -c--a-w- c:\windows\system32\lame_enc.dll

2012-12-01 17:56 . 2012-12-01 17:58 -------- dc----w- c:\program files\Ace MP3 To WAV Converter

2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AnvSoft

2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\program files\AnvSoft

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-16 12:23 . 2008-04-15 12:00 290560 -c--a-w- c:\windows\system32\atmfd.dll

2012-11-21 16:35 . 2012-10-06 10:29 87608 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\inst.exe

2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\windows\system32\drivers\pcouffin.sys

2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\pcouffin.sys

2012-11-19 15:50 . 2012-11-19 15:50 18816 -c--a-w- c:\windows\system32\drivers\dvd43llh.sys

2012-11-13 20:29 . 2012-11-13 20:29 354216 -c--a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2012-11-13 11:55 . 2008-04-15 12:00 1866496 -c--a-w- c:\windows\system32\win32k.sys

2012-11-02 02:03 . 2008-04-15 12:00 375296 -c--a-w- c:\windows\system32\dpnet.dll

2012-11-01 17:08 . 2012-11-01 17:08 1409 -c--a-w- c:\windows\system32\tmpE70C7.FOT

2012-11-01 12:12 . 2008-04-15 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll

2012-11-01 12:12 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll

2012-11-01 12:12 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec

2012-10-31 15:20 . 2012-10-31 15:20 1409 -c--a-w- c:\windows\system32\tmpEBFA2.FOT

2012-10-27 15:53 . 2012-10-27 15:53 1409 -c--a-w- c:\windows\system32\tmp2FDEB.FOT

2012-10-27 08:07 . 2012-10-27 08:07 1409 -c--a-w- c:\windows\system32\tmpEE978.FOT

2012-10-27 07:44 . 2012-10-27 07:44 1409 -c--a-w- c:\windows\system32\tmp16DF2.FOT

2012-10-22 15:44 . 2012-10-22 15:44 1409 -c--a-w- c:\windows\system32\tmpBEAAA.FOT

2012-10-22 15:23 . 2012-10-22 15:23 1409 -c--a-w- c:\windows\system32\tmp61777.FOT

2012-10-22 12:02 . 2011-12-23 11:32 179936 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2012-10-15 02:48 . 2012-04-19 02:50 55776 -c--a-w- c:\windows\system32\drivers\avgidshx.sys

2012-10-05 02:32 . 2011-08-08 05:08 93536 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys

2012-10-02 18:04 . 2008-04-15 12:00 58368 -c--a-w- c:\windows\system32\synceng.dll

2012-10-02 02:30 . 2011-10-07 05:23 159712 -c--a-w- c:\windows\system32\drivers\avgldx86.sys

2012-09-29 17:54 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys

2012-12-06 18:38 . 2012-12-06 18:37 262112 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393]

"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]

"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk

backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk

backup=c:\windows\pss\Statusvenster.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-07-11 19:00 919008 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-07-31 11:20 38872 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0]

2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]

2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]

2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]

2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]

2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"vToolbarUpdater"=2 (0x2)

"AdvancedSystemCareService5"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"=

"c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"=

"c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"=

"c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 3:50 55776]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 3:46 177376]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 35552]

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 12:32 179936]

S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 12:32 19936]

S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 6:23 159712]

S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 164832]

S1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 10:56 54272]

S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 17:07 759048]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [6-11-2012 19:00 5814392]

S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22-10-2012 13:05 196664]

S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 16:42 75624]

S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 10:56 24576]

S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 19:40 140848]

S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]

S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 16:55 47360]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.telegraaf.nl/

mStart Page = hxxp://www.google.com

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/

FF - ExtSQL: 2012-12-03 21:45; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin

FF - ExtSQL: 2012-12-07 17:16; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5

FF - user.js: extensions.funmoods.hmpg - true

FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049

FF - user.js: extensions.funmoods.dfltSrch - true

FF - user.js: extensions.funmoods.srchPrvdr - Search

FF - user.js: extensions.funmoods.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true

FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049

FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049&q=

FF - user.js: extensions.funmoods.id - 000C762341DA213B

FF - user.js: extensions.funmoods.instlDay - 15619

FF - user.js: extensions.funmoods.vrsn - 1.5.23.22

FF - user.js: extensions.funmoods.vrsni - 1.5.23.22

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:23

FF - user.js: extensions.funmoods.prtnrId - funmoods

FF - user.js: extensions.funmoods.prdct - funmoods

FF - user.js: extensions.funmoods.aflt - test331

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods.tlbrId - base

FF - user.js: extensions.funmoods.instlRef - test331

FF - user.js: extensions.funmoods.dfltLng -

FF - user.js: extensions.funmoods.excTlbr - false

FF - user.js: extensions.funmoods.autoRvrt - false

FF - user.js: extensions.funmoods.envrmnt - production

FF - user.js: extensions.funmoods.isdcmntcmplt - true

FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0

FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b03f213b000000000000000c762341da&q=

FF - user.js: extensions.BabylonToolbar.id - b03f213b000000000000000c762341da

FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}

FF - user.js: extensions.BabylonToolbar.instlDay - 15676

FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8

FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8

FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.812:10

FF - user.js: extensions.BabylonToolbar.prtnrId - babylon

FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar

FF - user.js: extensions.BabylonToolbar.aflt - babsst

FF - user.js: extensions.BabylonToolbar_i.smplGrp - none

FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew

FF - user.js: extensions.BabylonToolbar.instlRef - sst

FF - user.js: extensions.BabylonToolbar.dfltLng - en

FF - user.js: extensions.BabylonToolbar.excTlbr - false

FF - user.js: extensions.BabylonToolbar.admin - false

FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings

FF - user.js: extensions.Softonic.autoRvrt - false

FF - user.js: extensions.Softonic_i.hmpg - true

FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc=

FF - user.js: extensions.Softonic.hpOld - hxxp://www.telegraaf.nl/

FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc=

FF - user.js: extensions.Softonic.dfltSrch - true

FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)

FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=2&cc=&q=

FF - user.js: extensions.Softonic.dspOld -

FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic)

FF - user.js: extensions.Softonic_i.dnsErr - true

FF - user.js: extensions.Softonic_i.newTab - true

FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc=

FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1&cc=&q=

FF - user.js: extensions.Softonic.id - b03f213b000000000000000c762341da

FF - user.js: extensions.Softonic.instlDay - 15677

FF - user.js: extensions.Softonic.vrsn - 1.6.7.4

FF - user.js: extensions.Softonic.vrsni - 1.6.7.4

FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:08

FF - user.js: extensions.Softonic.prtnrId - softonic

FF - user.js: extensions.Softonic.prdct - Softonic

FF - user.js: extensions.Softonic.aflt - SD

FF - user.js: extensions.Softonic_i.smplGrp - none

FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive

FF - user.js: extensions.Softonic.instlRef - INF00047

FF - user.js: extensions.Softonic.dfltLng - nl

FF - user.js: extensions.Softonic.excTlbr - false

FF - user.js: extensions.Softonic.admin - false

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-12-23 21:12

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]

"ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\

.

[HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(828)

c:\windows\system32\msi.dll

.

Voltooingstijd: 2012-12-23 21:16:16

ComboFix-quarantined-files.txt 2012-12-23 20:16

ComboFix2.txt 2012-12-23 10:55

ComboFix3.txt 2012-12-22 11:19

ComboFix4.txt 2012-12-22 09:36

ComboFix5.txt 2012-12-23 19:56

.

Pre-Run: 17.754.263.552 bytes beschikbaar

Post-Run: 17.754.689.536 bytes beschikbaar

.

- - End Of File - - 7AEA9D2B9624DB9EC301085F7BA4324C

Link naar reactie
Delen op andere sites
kweezie wabbit Grootmeester

kweezie wabbit

Geplaatst:
Geplaatst:

Helaas nog niet gelukt :sad

Download AdwCleaner by Xplode naar je bureaublad.

A3qkP9RCEAAOZhQ.jpg

  • Sluit alle openstaande vensters.
  • Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
  • Voor XP: Gewoon dubbelklikken op AdwCleaner.
  • Klik vervolgens op Verwijderen.
  • Klik bij AdwCleaner – Informatie op OK
  • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht, samen met een nieuw logje van HijackThis en combofix.

Combofix gewoon opstarten, dus niet met scriptje.

Link naar reactie
Delen op andere sites
Have0 Vergevorderde

Have0

Geplaatst:
  • Auteur
Geplaatst:

Beste Kweezie Wabbit en Kape,

bedankt voor jullie hulp en tijd. Nog een goede tweede Kerstdag. Hieronder de logfiles. Misschien maakt het niet uit maar ik heb eerst adwcleaner, daarna hijackthis en als laatste combofix een scan laten uitvoeren. Mijn internet reageert wel sneller nu. Ben benieuwd of en wat jullie nog kunnen vinden. Hartelijk dank

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:00:13, on 26-12-2012

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\PROGRA~1\AVG\AVG2013\avgrsx.exe

C:\Program Files\AVG\AVG2013\avgcsrvx.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\brsvc01a.exe

C:\WINDOWS\system32\brss01a.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

C:\Program Files\AVG\AVG2013\avgidsagent.exe

C:\Program Files\AVG\AVG2013\avgwdsvc.exe

C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe

C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe

C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\AVG\AVG2013\avgnsx.exe

C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe

C:\Program Files\Pure Networks\Network Magic\nmapp.exe

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\system32\hkcmd.exe

C:\Program Files\AVG\AVG2013\avgui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll

O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll

O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe"

O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe

O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe

O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe

O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe

--

End of file - 6992 bytes

# AdwCleaner v2.103 - Verslag gemaakt op 26/12/2012 om 17:47:39

# Geactualiseerd op 25/12/2012 door Xplode

# Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits)

# Gebruiker : Fam. Haverkamp - FAM-8CE7DC89595

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\adwcleaner(1).exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi

File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml

File Verwijdert : C:\user.js

Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Babylon

Map Verwijdert : C:\Documents and Settings\Bram\Application Data\AVG Secure Search

Map Verwijdert : C:\Documents and Settings\Bram\Application Data\BabylonToolbar

Map Verwijdert : C:\Documents and Settings\Bram\Application Data\Mozilla\Firefox\Profiles\wxjdntap.default\extensions\crossriderapp4479@crossrider.com

Map Verwijdert : C:\Documents and Settings\Bram\Local Settings\Application Data\ConduitEngine

Map Verwijdert : C:\Documents and Settings\Bram\Local Settings\Application Data\uTorrentBar_NL

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Babylon

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\Conduit

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ConduitEngine

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\engine@conduit.com

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\SweetIMToolbarData

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Softonic

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Conduit

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\ConduitEngine

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Giant Savings

Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\uTorrentBar_NL

Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL

Map Verwijdert : C:\Documents and Settings\Paula\Application Data\Mozilla\Firefox\Profiles\tgl5jznp.default\extensions\crossriderapp4479@crossrider.com

Map Verwijdert : C:\Program Files\Common Files\spigot

Map Verwijdert : C:\Program Files\Conduit

Map Verwijdert : C:\Program Files\ConduitEngine

Map Verwijdert : C:\Program Files\Giant Savings

Map Verwijdert : C:\Program Files\Softonic

Map Verwijdert : C:\Program Files\uTorrentBar_NL

***** [Register] *****

Sleutel Verwijdert : HKCU\Software\Conduit

Sleutel Verwijdert : HKCU\Software\conduitEngine

Sleutel Verwijdert : HKCU\Software\Crossrider

Sleutel Verwijdert : HKCU\Software\Giant Savings

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{749580F7-A82F-4D1E-9F59-F32EA40C0E5E}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68}

Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Sleutel Verwijdert : HKCU\Software\Softonic

Sleutel Verwijdert : HKCU\Software\SweetIM

Sleutel Verwijdert : HKCU\Software\uTorrentBar_NL

Sleutel Verwijdert : HKLM\Software\Babylon

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.dskBnd

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SoftonicApp.appCore

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044444479}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565}

Sleutel Verwijdert : HKLM\Software\Conduit

Sleutel Verwijdert : HKLM\Software\conduitEngine

Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DCED0A8-7928-40FE-94B4-B03EB8F75EFF}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F03FBDF2-E275-4B81-BD3C-0443C5197A7D}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_NL Toolbar

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}

Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Sleutel Verwijdert : HKLM\Software\Softonic

Sleutel Verwijdert : HKLM\Software\SweetIM

Sleutel Verwijdert : HKLM\Software\uTorrentBar_NL

Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]

***** [browsers] *****

-\\ Internet Explorer v8.0.6001.18702

Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com

-\\ Mozilla Firefox v4.0 (nl)

File : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\prefs.js

C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\user.js ... Verwijdert !

Verwijdert : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");

Verwijdert : user_pref("CT2504091.CTID", "CT2504091");

Verwijdert : user_pref("CT2504091.CurrentServerDate", "27-10-2010");

Verwijdert : user_pref("CT2504091.DialogsAlignMode", "LTR");

Verwijdert : user_pref("CT2504091.DownloadReferralCookieData", "");

Verwijdert : user_pref("CT2504091.EMailNotifierPollDate", "Wed Oct 27 2010 22:57:39 GMT+0200");

Verwijdert : user_pref("CT2504091.FeedLastCount129079840422964131", 0);

Verwijdert : user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Oct 27 2010 23:22:39 GMT+0200");

Verwijdert : user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Oct 27 2010 19:57:57 GMT+0200");

Verwijdert : user_pref("CT2504091.FeedTTL128891351169457140", 40);

Verwijdert : user_pref("CT2504091.FirstServerDate", "27-10-2010");

Verwijdert : user_pref("CT2504091.FirstTime", true);

Verwijdert : user_pref("CT2504091.FirstTimeFF3", true);

Verwijdert : user_pref("CT2504091.FirstTimeSettingsDone", true);

Verwijdert : user_pref("CT2504091.FixPageNotFoundErrors", true);

Verwijdert : user_pref("CT2504091.GroupingServerCheckInterval", 1440);

Verwijdert : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");

Verwijdert : user_pref("CT2504091.Initialize", true);

Verwijdert : user_pref("CT2504091.InitializeCommonPrefs", true);

Verwijdert : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1);

Verwijdert : user_pref("CT2504091.InstallationType", "UnknownIntegration");

Verwijdert : user_pref("CT2504091.InstalledDate", "Wed Oct 27 2010 19:57:57 GMT+0200");

Verwijdert : user_pref("CT2504091.IsGrouping", false);

Verwijdert : user_pref("CT2504091.IsMulticommunity", false);

Verwijdert : user_pref("CT2504091.IsOpenThankYouPage", false);

Verwijdert : user_pref("CT2504091.IsOpenUninstallPage", false);

Verwijdert : user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Oct 27 2010 19:57:59 GMT+0200");

Verwijdert : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440);

Verwijdert : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]

Verwijdert : user_pref("CT2504091.LastLogin_2.7.2.0", "Wed Oct 27 2010 19:57:58 GMT+0200");

Verwijdert : user_pref("CT2504091.LatestVersion", "2.6.0.14");

Verwijdert : user_pref("CT2504091.Locale", "en-us");

Verwijdert : user_pref("CT2504091.LoginCache", 4);

Verwijdert : user_pref("CT2504091.MCDetectTooltipHeight", "83");

Verwijdert : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

Verwijdert : user_pref("CT2504091.MCDetectTooltipWidth", "295");

Verwijdert : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]

Verwijdert : user_pref("CT2504091.SearchFromAddressBarIsInit", true);

Verwijdert : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...]

Verwijdert : user_pref("CT2504091.SearchInNewTabEnabled", true);

Verwijdert : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440);

Verwijdert : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Oct 27 2010 19:57:59 GMT+0200");

Verwijdert : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]

Verwijdert : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]

Verwijdert : user_pref("CT2504091.SettingsCheckIntervalMin", 120);

Verwijdert : user_pref("CT2504091.SettingsLastCheckTime", "Wed Oct 27 2010 19:57:55 GMT+0200");

Verwijdert : user_pref("CT2504091.SettingsLastUpdate", "1286395440");

Verwijdert : user_pref("CT2504091.ThirdPartyComponentsInterval", 504);

Verwijdert : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Wed Oct 27 2010 19:57:54 GMT+0200");

Verwijdert : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578");

Verwijdert : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]

Verwijdert : user_pref("CT2504091.UserID", "UN68962922702853760");

Verwijdert : user_pref("CT2504091.ValidationData_Search", 0);

Verwijdert : user_pref("CT2504091.ValidationData_Toolbar", 0);

Verwijdert : user_pref("CT2504091.alertChannelId", "897164");

Verwijdert : user_pref("CT2504091.clientLogIsEnabled", false);

Verwijdert : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]

Verwijdert : user_pref("CT2504091.myStuffEnabled", true);

Verwijdert : user_pref("CT2504091.myStuffPublihserMinWidth", 400);

Verwijdert : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]

Verwijdert : user_pref("CT2504091.myStuffServiceIntervalMM", 1440);

Verwijdert : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]

Verwijdert : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]

Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1257316/1252989/NL", "\"0\"[...]

Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/NL", "\"0\"")[...]

Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]

Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...]

Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2[...]

Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...]

Verwijdert : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");

Verwijdert : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");

Verwijdert : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");

Verwijdert : user_pref("CommunityToolbar.IsEngineShown", true);

Verwijdert : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");

Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");

Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");

Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]

Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2504091,ConduitEngine");

Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,ConduitEngine");

Verwijdert : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Mar 23 2011 19:55:03 GMT+01[...]

Verwijdert : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

Verwijdert : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Aug 17 2011 17:38:55 GMT+0200");

Verwijdert : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");

Verwijdert : user_pref("CommunityToolbar.alert.locale", "en");

Verwijdert : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

Verwijdert : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Aug 25 2011 16:32:32 GMT+0200");

Verwijdert : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");

Verwijdert : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

Verwijdert : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");

Verwijdert : user_pref("CommunityToolbar.alert.showTrayIcon", false);

Verwijdert : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

Verwijdert : user_pref("CommunityToolbar.alert.userId", "c706c0b8-656d-49e7-a65d-31cc5136d00a");

Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

Verwijdert : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Aug 17 2011 16:29:13 GMT+0200");

Verwijdert : user_pref("ConduitEngine.CTID", "ConduitEngine");

Verwijdert : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Aug 23 2011 21:53:15 GMT+0200");

Verwijdert : user_pref("ConduitEngine.FirstServerDate", "03/23/2011 21");

Verwijdert : user_pref("ConduitEngine.FirstTime", true);

Verwijdert : user_pref("ConduitEngine.FirstTimeFF3", true);

Verwijdert : user_pref("ConduitEngine.FixPageNotFoundErrors", false);

Verwijdert : user_pref("ConduitEngine.HasUserGlobalKeys", true);

Verwijdert : user_pref("ConduitEngine.Initialize", true);

Verwijdert : user_pref("ConduitEngine.InitializeCommonPrefs", true);

Verwijdert : user_pref("ConduitEngine.InstallationType", "UnknownIntegration");

Verwijdert : user_pref("ConduitEngine.InstalledDate", "Thu Dec 23 2010 07:25:48 GMT+0100");

Verwijdert : user_pref("ConduitEngine.IsMulticommunity", false);

Verwijdert : user_pref("ConduitEngine.IsOpenThankYouPage", false);

Verwijdert : user_pref("ConduitEngine.IsOpenUninstallPage", false);

Verwijdert : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Aug 25 2011 16:32:35 GMT+0200");

Verwijdert : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Aug 25 2011 16:32:34 GMT+0200");

Verwijdert : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);

Verwijdert : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]

Verwijdert : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Aug 25 2011 16:32:35 GMT+0200");

Verwijdert : user_pref("ConduitEngine.UserID", "UN37020278140083233");

Verwijdert : user_pref("ConduitEngine.engineLocale", "nl");

Verwijdert : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Aug 25 2011 16:32:35 GMT+0200");

Verwijdert : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Aug 25 2011 16:32:36 GMT+0200");

Verwijdert : user_pref("ConduitEngine.initDone", true);

Verwijdert : user_pref("ConduitEngine.isAppTrackingManagerOn", true);

Verwijdert : user_pref("ConduitEngine.usagesFlag", 2);

Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");

Verwijdert : user_pref("browser.search.defaultengine", "Ask.com");

Verwijdert : user_pref("extensions.BabylonToolbar.admin", false);

Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst");

Verwijdert : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

Verwijdert : user_pref("extensions.BabylonToolbar.babExt", "");

Verwijdert : user_pref("extensions.BabylonToolbar.babTrack", "tt=261211_ctrl");

Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 25);

Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en");

Verwijdert : user_pref("extensions.BabylonToolbar.dfltSrch", true);

Verwijdert : user_pref("extensions.BabylonToolbar.excTlbr", false);

Verwijdert : user_pref("extensions.BabylonToolbar.hmpg", true);

Verwijdert : user_pref("extensions.BabylonToolbar.id", "b03f213b000000000000000c762341da");

Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15676");

Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst");

Verwijdert : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=109130&tt=261211_ct[...]

Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 25);

Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1712:44:47");

Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0");

Verwijdert : user_pref("extensions.BabylonToolbar.newTab", true);

Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");

Verwijdert : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);

Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 66073223);

Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 1);

Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

Verwijdert : user_pref("extensions.BabylonToolbar.ptch_0717", true);

Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "none");

Verwijdert : user_pref("extensions.BabylonToolbar.srcExt", "ss");

Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "irhnew");

Verwijdert : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]

Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1712:44:47");

Verwijdert : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");

Verwijdert : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

Verwijdert : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.812:10:01");

Verwijdert : user_pref("extensions.Softonic.admin", false);

Verwijdert : user_pref("extensions.Softonic.aflt", "SD");

Verwijdert : user_pref("extensions.Softonic.autoRvrt", "false");

Verwijdert : user_pref("extensions.Softonic.cntry", "NL");

Verwijdert : user_pref("extensions.Softonic.cv", "cv5");

Verwijdert : user_pref("extensions.Softonic.dfltLng", "nl");

Verwijdert : user_pref("extensions.Softonic.dfltSrch", true);

Verwijdert : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)");

Verwijdert : user_pref("extensions.Softonic.dspOld", "");

Verwijdert : user_pref("extensions.Softonic.envrmnt", "production");

Verwijdert : user_pref("extensions.Softonic.excTlbr", false);

Verwijdert : user_pref("extensions.Softonic.hdrMd5", "FCC2A771C6574F24A7AD7FB7DDDFA34F");

Verwijdert : user_pref("extensions.Softonic.hmpg", true);

Verwijdert : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&[...]

Verwijdert : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc[...]

Verwijdert : user_pref("extensions.Softonic.hpOld", "hxxp://www.telegraaf.nl/");

Verwijdert : user_pref("extensions.Softonic.id", "b03f213b000000000000000c762341da");

Verwijdert : user_pref("extensions.Softonic.instlDay", "15677");

Verwijdert : user_pref("extensions.Softonic.instlRef", "INF00047");

Verwijdert : user_pref("extensions.Softonic.isdcmntcmplt", true);

Verwijdert : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=[...]

Verwijdert : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.423:08:33");

Verwijdert : user_pref("extensions.Softonic.mntrvrsn", "1.3.0");

Verwijdert : user_pref("extensions.Softonic.newTab", true);

Verwijdert : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1[...]

Verwijdert : user_pref("extensions.Softonic.prdct", "Softonic");

Verwijdert : user_pref("extensions.Softonic.prtnrId", "softonic");

Verwijdert : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]

Verwijdert : user_pref("extensions.Softonic.sg", "az");

Verwijdert : user_pref("extensions.Softonic.smplGrp", "none");

Verwijdert : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");

Verwijdert : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive");

Verwijdert : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource[...]

Verwijdert : user_pref("extensions.Softonic.vrsn", "1.6.7.4");

Verwijdert : user_pref("extensions.Softonic.vrsnTs", "1.6.7.423:08:33");

Verwijdert : user_pref("extensions.Softonic.vrsni", "1.6.7.4");

Verwijdert : user_pref("extensions.Softonic_i.dnsErr", true);

Verwijdert : user_pref("extensions.Softonic_i.hmpg", true);

Verwijdert : user_pref("extensions.Softonic_i.newTab", true);

Verwijdert : user_pref("extensions.Softonic_i.smplGrp", "none");

Verwijdert : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.423:08:33");

Verwijdert : user_pref("extensions.funmoods.aflt", "test331");

Verwijdert : user_pref("extensions.funmoods.autoRvrt", false);

Verwijdert : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");

Verwijdert : user_pref("extensions.funmoods.cntry", "NL");

Verwijdert : user_pref("extensions.funmoods.cv", "cv5");

Verwijdert : user_pref("extensions.funmoods.dfltLng", "");

Verwijdert : user_pref("extensions.funmoods.dfltSrch", true);

Verwijdert : user_pref("extensions.funmoods.dfltlng", "en");

Verwijdert : user_pref("extensions.funmoods.dfltsrch", true);

Verwijdert : user_pref("extensions.funmoods.dnsErr", true);

Verwijdert : user_pref("extensions.funmoods.envrmnt", "production");

Verwijdert : user_pref("extensions.funmoods.excTlbr", false);

Verwijdert : user_pref("extensions.funmoods.hdrMd5", "5422588FD7DBACB1562990A6347EC966");

Verwijdert : user_pref("extensions.funmoods.hmpg", true);

Verwijdert : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2[...]

Verwijdert : user_pref("extensions.funmoods.hrdid", "000C762341DA213B");

Verwijdert : user_pref("extensions.funmoods.id", "000C762341DA213B");

Verwijdert : user_pref("extensions.funmoods.instlDay", "15619");

Verwijdert : user_pref("extensions.funmoods.instlRef", "test331");

Verwijdert : user_pref("extensions.funmoods.instlday", "15619");

Verwijdert : user_pref("extensions.funmoods.instlref", "test331");

Verwijdert : user_pref("extensions.funmoods.isdcmntcmplt", true);

Verwijdert : user_pref("extensions.funmoods.keywordurl", "");

Verwijdert : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2213:23:13");

Verwijdert : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");

Verwijdert : user_pref("extensions.funmoods.newTab", true);

Verwijdert : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd[...]

Verwijdert : user_pref("extensions.funmoods.newtab", true);

Verwijdert : user_pref("extensions.funmoods.newtaburl", "hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd[...]

Verwijdert : user_pref("extensions.funmoods.prdct", "funmoods");

Verwijdert : user_pref("extensions.funmoods.prtnrId", "funmoods");

Verwijdert : user_pref("extensions.funmoods.prtnrid", "funmoods");

Verwijdert : user_pref("extensions.funmoods.savedVrsnTs", "1");

Verwijdert : user_pref("extensions.funmoods.sg", "none");

Verwijdert : user_pref("extensions.funmoods.smplGrp", "none");

Verwijdert : user_pref("extensions.funmoods.smplgrp", "none");

Verwijdert : user_pref("extensions.funmoods.srch", "");

Verwijdert : user_pref("extensions.funmoods.srchPrvdr", "Search");

Verwijdert : user_pref("extensions.funmoods.srchprvdr", "Search");

Verwijdert : user_pref("extensions.funmoods.tlbrId", "base");

Verwijdert : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&[...]

Verwijdert : user_pref("extensions.funmoods.tlbrid", "base");

Verwijdert : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&[...]

Verwijdert : user_pref("extensions.funmoods.vrsn", "1.5.23.22");

Verwijdert : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2213:23:13");

Verwijdert : user_pref("extensions.funmoods.vrsni", "1.5.23.22");

Verwijdert : user_pref("extensions.funmoods.vrsnts", "1.5.23.2213:23:13");

Verwijdert : user_pref("extensions.funmoods_i.newTab", true);

Verwijdert : user_pref("extensions.funmoods_i.smplGrp", "none");

Verwijdert : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2213:23:13");

Verwijdert : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]

Verwijdert : user_pref("extensions.wajam.affiliate_id", "1401");

Verwijdert : user_pref("extensions.wajam.firstrun", "false");

Verwijdert : user_pref("extensions.wajam.log_info_only_error", "false");

Verwijdert : user_pref("extensions.wajam.log_send_info", "true");

Verwijdert : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21078\",\"supported_sites\":{\[...]

Verwijdert : user_pref("extensions.wajam.server_current_mapping_version", "0.21078");

Verwijdert : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]

Verwijdert : user_pref("extensions.wajam.trace_log", "1329414887323 - processDOMLoad - mappingList after parse: [[...]

Verwijdert : user_pref("extensions.wajam.unique_id", "01C77991A50A11D0869A3421CD4408F9");

Verwijdert : user_pref("extensions.wajam.user_current_mapping_version", "0");

Verwijdert : user_pref("extensions.wajam.version", "1.22");

Verwijdert : user_pref("extensions.wajam.website_version", "1.00211");

Verwijdert : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");

Verwijdert : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");

Verwijdert : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");

Verwijdert : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");

Verwijdert : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");

Verwijdert : user_pref("sweetim.toolbar.mode.debug", "false");

Verwijdert : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...]

Verwijdert : user_pref("sweetim.toolbar.search.history.capacity", "10");

Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "true");

Verwijdert : user_pref("sweetim.toolbar.simapp_id", "{1B162F4F-C7C1-4F7F-8F6D-7B63AA87779D}");

File : C:\Documents and Settings\Bram\Application Data\Mozilla\Firefox\Profiles\wxjdntap.default\prefs.js

Verwijdert : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AV[...]

Verwijdert : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Verwijdert : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1349535277);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.active", true);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.addressbar", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.affid", "0");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundver", 7);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1349535277");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1349535277");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Fri Dec 14 2012 17:[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Tue Dec 18 2012 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22NL%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1355502347");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1349535360086");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%2290535%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1349535319201");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.domain", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.emailsig", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.exposesites", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.group", 0);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.homepage", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.iframe", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "44");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Fri Dec 14[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.expiration", "Fri[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.value", "%7B%22re[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.newtab", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.opensearch", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 7);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 4);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 4);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16,47,1000015");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 17);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.premium", true);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.settingsurl", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.thankyou", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.ver", 44);

Verwijdert : user_pref("extensions.crossriderapp4479.apps", "4479");

Verwijdert : user_pref("extensions.crossriderapp4479.bic", "13a36921f853f5a2873a651ba22aad60");

Verwijdert : user_pref("extensions.crossriderapp4479.cid", 4479);

Verwijdert : user_pref("extensions.crossriderapp4479.firstrun", false);

Verwijdert : user_pref("extensions.crossriderapp4479.hadappinstalled", true);

Verwijdert : user_pref("extensions.crossriderapp4479.installationdate", 1349535277);

Verwijdert : user_pref("extensions.crossriderapp4479.lastcheck", 22591706);

Verwijdert : user_pref("extensions.crossriderapp4479.lastcheckitem", 22591706);

Verwijdert : user_pref("extensions.crossriderapp4479.misc.lastBgWorkerTimer", "1349561507283");

Verwijdert : user_pref("extensions.crossriderapp4479.misc.lastDomWorkerTimer", "1349561507275");

Verwijdert : user_pref("extensions.crossriderapp4479.modetype", "production");

Verwijdert : user_pref("extensions.enabledAddons", "4zffxtbr%40VideoDownloadConverter_4z.com:2.71.0.60687,crossri[...]

Verwijdert : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...]

Verwijdert : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bf9e33cd0-78dd-4154-9a49-fb007ad4322a%[...]

File : C:\Documents and Settings\Paula\Application Data\Mozilla\Firefox\Profiles\tgl5jznp.default\prefs.js

Verwijdert : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1354548037);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.active", true);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.addressbar", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.addressbarenhanced", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundver", 7);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1354548037");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1354548037");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Fri Dec 21 2012 07:[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Fri Dec 28 2012 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22NL%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1356072346");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.value", "%221356061426%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1354548175495");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%22114825%22");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1354548139039");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.lastrequest.value", "%7B%22path%22%3A%22/nl/Thom[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.domain", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.group", 0);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.homepage", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.iframe", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "47");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Fri Dec 21[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.newtab", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.opensearch", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 8);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 4);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "if((typeof isBackground===\"u[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 4);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.name", "appApiMessage");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.ver", 1);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.name", "appApiValidation");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.ver", 1);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16,64,72,47,1000015");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,64,72,4,1,21,[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...]

Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 20);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.settingsurl", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.thankyou", "");

Verwijdert : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);

Verwijdert : user_pref("extensions.crossriderapp4479.4479.ver", 47);

Verwijdert : user_pref("extensions.crossriderapp4479.adsOldValue", -1);

Verwijdert : user_pref("extensions.crossriderapp4479.apps", "4479");

Verwijdert : user_pref("extensions.crossriderapp4479.bic", "13b615ac6f8a0e5e264b550be848c5ac");

Verwijdert : user_pref("extensions.crossriderapp4479.cid", 4479);

Verwijdert : user_pref("extensions.crossriderapp4479.firstrun", false);

Verwijdert : user_pref("extensions.crossriderapp4479.hadappinstalled", true);

Verwijdert : user_pref("extensions.crossriderapp4479.installationdate", 1354548037);

Verwijdert : user_pref("extensions.crossriderapp4479.lastcheck", 22601206);

Verwijdert : user_pref("extensions.crossriderapp4479.lastcheckitem", 22601249);

Verwijdert : user_pref("extensions.crossriderapp4479.modetype", "production");

Verwijdert : user_pref("extensions.crossriderapp4479.reportInstall", true);

Verwijdert : user_pref("extensions.enabledAddons", "crossriderapp4479%40crossrider.com:0.86.44,%7B972ce4c6-7e08-4[...]

*************************

AdwCleaner[s1].txt - [59633 octets] - [26/12/2012 17:47:39]

########## EOF - C:\AdwCleaner[s1].txt - [59694 octets] ##########

ComboFix 12-12-25.02 - Fam. Haverkamp 26-12-2012 18:08:35.14.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1612 [GMT 1:00]

Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Bureaublad\ComboFix.exe

AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}

* Nieuw herstelpunt werd aangemaakt

.

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-11-26 to 2012-12-26 ))))))))))))))))))))))))))))))

.

.

2012-12-22 19:16 . 2012-12-23 20:26 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend

2012-12-22 13:39 . 2012-12-22 13:39 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DDMSettings

2012-12-21 06:45 . 2012-12-21 06:45 -------- dc----w- c:\documents and settings\Paula\Application Data\AVG2013

2012-12-21 06:44 . 2012-12-21 06:44 -------- dc----w- c:\documents and settings\Paula\Local Settings\Application Data\Avg2013

2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\WinAVI

2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\WinAVI

2012-12-17 18:29 . 2012-12-17 18:29 -------- dc----w- c:\program files\WinAVI

2012-12-16 15:51 . 2012-12-16 16:08 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\ImgBurn

2012-12-16 15:50 . 2012-12-16 15:50 -------- dc----w- c:\program files\ImgBurn

2012-12-16 15:30 . 2012-12-16 15:42 -------- dc----w- c:\program files\AnyToISO

2012-12-16 10:24 . 2005-06-21 15:49 167936 -c--a-w- c:\windows\system32\igfxres.dll

2012-12-15 16:50 . 2012-12-15 16:50 -------- dc----w- c:\program files\Smart Projects

2012-12-15 15:01 . 2012-12-15 15:01 -------- dc----w- c:\program files\Alcohol Soft

2012-12-15 14:57 . 2012-12-15 14:57 477240 -c--a-w- c:\windows\system32\drivers\sptd.sys

2012-12-14 19:31 . 2012-12-14 19:31 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AVG2013

2012-12-14 18:51 . 2012-12-14 18:51 -------- dc----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013

2012-12-14 18:49 . 2012-12-14 18:49 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\TuneUp Software

2012-12-14 18:33 . 2012-12-14 18:51 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG2013

2012-12-14 18:22 . 2012-12-15 12:26 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\Avg2013

2012-12-14 18:22 . 2012-12-14 18:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\MFAData

2012-12-09 15:55 . 2012-12-09 15:55 -------- dc----w- c:\program files\MagicISO

2012-12-07 16:13 . 2012-12-07 16:16 -------- dc----w- c:\program files\Common Files\DivX Shared

2012-12-04 17:00 . 2012-03-01 12:32 1775732 -c--a-w- c:\documents and settings\Fam. Haverkamp\E360K_F050_DSP-E360RU-1002.0.BIN

2012-12-03 22:02 . 2012-12-03 22:02 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\4Free

2012-12-03 20:45 . 2012-12-03 20:45 -------- dc----w- c:\program files\Video Download Converter

2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\VideoDownloadConverter_4z

2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\program files\VideoDownloadConverter_4z

2012-12-03 19:07 . 2012-12-07 16:16 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DivX

2012-12-03 18:59 . 2012-12-07 16:17 -------- dc----w- c:\program files\DivX

2012-12-03 18:58 . 2012-12-07 16:17 -------- dc----w- c:\documents and settings\All Users\Application Data\DivX

2012-12-02 11:10 . 2012-12-02 11:10 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\FLVPlayerPackages

2012-12-01 19:11 . 2012-12-03 17:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\.minecraft

2012-12-01 17:56 . 2002-10-30 12:14 274432 -c--a-w- c:\windows\system32\NCTAudioPlayer.dll

2012-12-01 17:56 . 2002-11-15 12:17 892928 -c--a-w- c:\windows\system32\NCTAudioInformation.dll

2012-12-01 17:56 . 2002-11-13 10:14 1703936 -c--a-w- c:\windows\system32\NCTAudioFile.dll

2012-12-01 17:56 . 2002-09-06 10:36 233472 -c--a-w- c:\windows\system32\lame_enc.dll

2012-12-01 17:56 . 2012-12-01 17:58 -------- dc----w- c:\program files\Ace MP3 To WAV Converter

.

.

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-12-16 12:23 . 2008-04-15 12:00 290560 -c--a-w- c:\windows\system32\atmfd.dll

2012-11-21 16:35 . 2012-10-06 10:29 87608 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\inst.exe

2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\windows\system32\drivers\pcouffin.sys

2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\pcouffin.sys

2012-11-19 15:50 . 2012-11-19 15:50 18816 -c--a-w- c:\windows\system32\drivers\dvd43llh.sys

2012-11-13 20:29 . 2012-11-13 20:29 354216 -c--a-w- c:\windows\system32\DivXControlPanelApplet.cpl

2012-11-13 11:55 . 2008-04-15 12:00 1866496 -c--a-w- c:\windows\system32\win32k.sys

2012-11-02 02:03 . 2008-04-15 12:00 375296 -c--a-w- c:\windows\system32\dpnet.dll

2012-11-01 17:08 . 2012-11-01 17:08 1409 -c--a-w- c:\windows\system32\tmpE70C7.FOT

2012-11-01 12:12 . 2008-04-15 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll

2012-11-01 12:12 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll

2012-11-01 12:12 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl

2012-11-01 00:35 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec

2012-10-31 15:20 . 2012-10-31 15:20 1409 -c--a-w- c:\windows\system32\tmpEBFA2.FOT

2012-10-27 15:53 . 2012-10-27 15:53 1409 -c--a-w- c:\windows\system32\tmp2FDEB.FOT

2012-10-27 08:07 . 2012-10-27 08:07 1409 -c--a-w- c:\windows\system32\tmpEE978.FOT

2012-10-27 07:44 . 2012-10-27 07:44 1409 -c--a-w- c:\windows\system32\tmp16DF2.FOT

2012-10-22 15:44 . 2012-10-22 15:44 1409 -c--a-w- c:\windows\system32\tmpBEAAA.FOT

2012-10-22 15:23 . 2012-10-22 15:23 1409 -c--a-w- c:\windows\system32\tmp61777.FOT

2012-10-22 12:02 . 2011-12-23 11:32 179936 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys

2012-10-15 02:48 . 2012-04-19 02:50 55776 -c--a-w- c:\windows\system32\drivers\avgidshx.sys

2012-10-05 02:32 . 2011-08-08 05:08 93536 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys

2012-10-02 18:04 . 2008-04-15 12:00 58368 -c--a-w- c:\windows\system32\synceng.dll

2012-10-02 02:30 . 2011-10-07 05:23 159712 -c--a-w- c:\windows\system32\drivers\avgldx86.sys

2012-09-29 17:54 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys

2012-12-06 18:38 . 2012-12-06 18:37 262112 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920]

"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648]

"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393]

"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240]

"nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216]

"nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976]

"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk

backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk]

path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk

backup=c:\windows\pss\Statusvenster.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-07-11 19:00 919008 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2012-07-31 11:20 38872 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent]

2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0]

2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]

2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer]

2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]

2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43]

2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]

2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt]

2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"vToolbarUpdater"=2 (0x2)

"AdvancedSystemCareService5"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=

"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=

"c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"=

"c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"=

"c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"=

"c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=

"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=

"c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management

.

R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 3:50 55776]

R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 3:46 177376]

R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 35552]

R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?]

R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 12:32 179936]

R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 12:32 19936]

R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 6:23 159712]

R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 164832]

R1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 10:56 54272]

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 17:07 759048]

R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22-10-2012 13:05 196664]

R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 19:40 140848]

R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 16:55 47360]

S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [6-11-2012 19:00 5814392]

S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 16:42 75624]

S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 10:56 24576]

S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?]

S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?]

.

Inhoud van de 'Gedeelde Taken' map

.

2012-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34]

.

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.telegraaf.nl/

mStart Page = hxxp://www.google.com

IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 212.54.40.25 212.54.35.25

FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/

FF - ExtSQL: 2012-12-03 21:45; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin

FF - ExtSQL: 2012-12-07 17:16; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2012-12-26 18:19

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver]

"ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\

.

[HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*]

@Allowed: (Read) (RestrictedCode)

@Allowed: (Read) (RestrictedCode)

.

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*]

"3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(2464)

c:\windows\system32\msi.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

.

Voltooingstijd: 2012-12-26 18:24:28

ComboFix-quarantined-files.txt 2012-12-26 17:24

ComboFix2.txt 2012-12-23 20:16

ComboFix3.txt 2012-12-23 10:55

ComboFix4.txt 2012-12-22 11:19

ComboFix5.txt 2012-12-26 17:05

.

Pre-Run: 17.849.163.776 bytes beschikbaar

Post-Run: 17.822.588.928 bytes beschikbaar

.

- - End Of File - - BFC21250ACB6D4E9F8333C0EA46F59C5

Link naar reactie
Delen op andere sites
kweezie wabbit Grootmeester

kweezie wabbit

Geplaatst:
Geplaatst:

AdwCleaner werkt op een andere manier dan combofix.

Combofix en Hijackthis mag je enkel gebruiken onder deskundige begeleiding en daarom gaan we deze verwijderen.

Ga naar Start -> Uitvoeren en typ: ComboFix /Uninstall (met spatie voor de /)

Dit zal Combofix verwijderen + gerelateerde mappen en bestanden, herstelt de klokinstellingen opnieuw, verbergt de bestandsextensies, gaat verborgen bestanden en systeembestanden terug verbergen en maakt een nieuw herstelpunt.

Indien aanwezig mag je de map C:\Qoobox manueel verwijderen.

Hijackthis kan je verwijderen via het configuratiescherm - programma's.

AdwCleaner en Malwarebytes kan je houden en wekelijks uitvoeren als aanvulling op je virusscanner.

Download CCleaner. (Als je het nog niet hebt)

Installeer het (Als je niet wil dat Google Chrome op je pc als standaard webbrowser wordt geïnstalleerd, moet je de 2 vinkjes wegdoen !!!) en start CCleaner op.

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'.

Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”.

Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”.

Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Het is aangewezen om de bestaande herstelpunten te verwijderen (daar kunnen besmette herstelpunten tussen zitten die je zou kunnen terugzetten) door systeemherstel tijdelijk uit te schakelen.

Doe dit via Configuratiescherm -> Prestaties en onderhoud -> Systeem -> tab Systeemherstel

Vink het vakje aan bij systeemherstel en klik OK.

Herstart de pc.

Ga opnieuw naar Configuratiescherm -> Prestaties en onderhoud -> Systeem -> tab Systeemherstel

Vink het vakje uit bij systeemherstel en klik OK.

Dan maak je een nieuw herstelpunt.

Ga naar Start - help en ondersteuning, bij kies een taak klik je op Wijzigingen ongedaan maken met systeemherstel.

Selecteer herstelpunt aanmaken en klik op volgende.

Geef een beschrijving voor het herstelpunt en klik op aanmaken.

Je krijgt dan de melding dat het herstelpunt is aangemaakt en dan kan je alle vensters sluiten.

Als dit allemaal gedaan is, mag je dit onderwerp afsluiten door een klik op de knop +Markeer als opgelost.

Tenzij je nog vragen hebt natuurlijk :-)

Nog veel computerplezier :ciao:

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.