vancoillie johan

Sorry, ik weet niet hoe ik bij deze extenties of plugins moet komen, waar die ergens te vinden zijn op mijn computer.

Zoek.exe Version 4.0.0.3 Updated 05-July-2013 Tool run by Johan on zo 07/07/2013 at 9:39:01,10. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CC7EAB46-A1C4-450B-BE6C-4E14E61813ED} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== Deleted from C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\prefs.js: user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "qvo6"); user_pref("browser.search.order.1", "qvo6"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.useDBForOrder", true); Added to C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default ---- Lines yeo_dyh0@hdbh.com removed from prefs.js ---- user_pref("extensions.bootstrappedAddons", "{\"mvdt9s8pc@mky-gbkr.com\":{\"version\":\"1.0\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Documents and Settings\\\\Johan\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\wnjmdj5p.default\\\\extensions\\\\mvdt9s8pc@mky-gbkr.com\"},\"yeo_dyh0@hdbh.com\":{\"version\":\"3.8\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Documents and Settings\\\\Johan\\\\Application Data\\\\Mozilla\\\\Firefox\\\\Profiles\\\\wnjmdj5p.default\\\\extensions\\\\yeo_dyh0@hdbh.com\"}}"); ---- Lines yeo_dyh0@hdbh.com modified from prefs.js ---- ---- Lines yeo_dyh0@hdbh.com removed from user.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines qvo6 removed from user.js ---- ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- Lines browser.startup.page modified from prefs.js ---- ---- Lines browser.startup.page removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20130707_0943_.backup user_20131703_1139_.backup prefs_20130707_0943_.backup prefs_20131703_1139_.backup ==== Deleting Files \ Folders ====================== "C:\Documents and Settings\Johan\Application Data\desktop.ini" deleted "C:\Documents and Settings\Johan\Application Data\swk.ini" deleted "C:\WINDOWS\002692_.tmp" deleted "C:\WINDOWS\SET21.tmp" deleted "C:\WINDOWS\SET3.tmp" deleted "C:\WINDOWS\SET4.tmp" deleted "C:\WINDOWS\SET8.tmp" deleted "C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk" deleted "C:\Program Files\Mozilla Firefox\searchplugins\fcmdSrchvsl.xml" deleted "C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe" deleted "C:\Documents and Settings\All Users\Application Data\BBrioewsee2savae" deleted "C:\Program Files\Freecorder 6" deleted "C:\Program Files\Freecorder Toolbar" deleted "C:\Documents and Settings\Johan\Application Data\eIntaller" deleted "C:\Documents and Settings\All Users\Application Data\eSafe" not deleted "C:\Documents and Settings\Johan\Local Settings\Application Data\PackageAware" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\yeo_dyh0@hdbh.com" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default - Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com - Norton Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn - Seaarch-NNeewTuaab - %ProfilePath%\extensions\mvdt9s8pc@mky-gbkr.com - WebCake - %ProfilePath%\extensions\plugin@getwebcake.com - VideoFileDownload - Download YouTube Videos - %ProfilePath%\extensions\plugin@videofiledownload.com - Freecorder 6 - %ProfilePath%\extensions\{132E58DE-22BF-44CA-A061-7FCE1E8BA1EC} - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default 56020318257475B33ECD4D7B71AC2544 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1 56020318257475B33ECD4D7B71AC2544 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1 2B4683530D5C852440FCA132BA927F1B - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1 2B4683530D5C852440FCA132BA927F1B - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1 BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1 BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1 C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1 C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1 AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1 AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1 CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1 CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1 1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1 1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update C548328E9DE5EB73350EF292D7140662 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 6A5514D088820307BD97F5A7B24007C0 - C:\Program Files\Nitro\Reader 3\npnitromozilla.dll - Nitro PDF plugin for Firefox and Chrome 05C4A7136F3012BB47107333B5D351D3 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java Platform SE 7 U17 D4BD9F86123C87ECA570418B69326F99 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2 E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 6AD7B1D887D26F06033280F4B5C2034B - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll - Shockwave Flash E87E216C7B839EA112FCD317DE642F47 - C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\npMozillaSpoonPlugin.dll - Spoon Plugin 1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system 3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows® 7D388990149D424EBDB31896C2A4ACC3 - C:\Program Files\Nitro\Reader 3\npdf.dll - Nitro PDF Library B18B7242761F8630BD8BC71325C7F16A - C:\Program Files\Nitro\Reader 3\npnitroie.dll - Nitro PDF plugin for Internet Explorer ==== Deleting Files \ Folders ====================== "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\plugin@getwebcake.com" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[30/05/2012 16:56] ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[10/09/2012 18:55] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\20.4.0.40\Exts\Chrome.crx[31/05/2013 03:49] Google Docs - Johan - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Johan - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Johan - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Freemake Video Downloader - Johan - Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf Google Search - Johan - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Freemake Video Downloader - Johan - Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh Norton Identity Protection - Johan - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Gmail - Johan - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage-journal deleted successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_vuzeremote.ourtoolbar.com_0.localstorage-journal deleted successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {7D618D76-EE08-4F89-838F-E15B89A76510} Dealio Search Url="http://www.dealio.com/products.html?kwd={searchTerms}" {B7B6DF91-004F-47C7-8390-B50F38884AD4} Yahoo//search.yahoo.com/search?ei=utf-8&fr=vmn&type=vendio&p={searchTerms}" ==== Reset Google Chrome ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Documents and Settings\Johan\Bureaublad\4ling.lnk - C:\Program Files\4ling\4ling.exe C:\Documents and Settings\Johan\Bureaublad\Any Audio Converter.lnk - C:\Program Files\AnvSoft\Any Audio Converter\AudioConverter.exe C:\Documents and Settings\Johan\Bureaublad\Any Video Converter.lnk - C:\Program Files\AnvSoft\Any Video Converter\VideoConverter.exe C:\Documents and Settings\Johan\Bureaublad\Audacity.lnk - C:\Program Files\Audacity\audacity.exe C:\Documents and Settings\Johan\Bureaublad\Band-in-a-Box.lnk - C:\bb\bbw.exe C:\Documents and Settings\Johan\Bureaublad\bsplayer.lnk - C:\Program Files\Bs player\bsplayer.exe C:\Documents and Settings\Johan\Bureaublad\Chords.lnk - E:\MY DOWNLOAD FILES\sgcfinder20\sgcfinder.exe C:\Documents and Settings\Johan\Bureaublad\Corel PHOTO-PAINT 9.LNK - C:\Program Files\Corel\Graphics9\Programs\photopnt.exe C:\Documents and Settings\Johan\Bureaublad\Dropbox.lnk - C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe /home C:\Documents and Settings\Johan\Bureaublad\ExtraFilm Designer BE NL.lnk - C:\Program Files\ExtraFilm Designer BE NL\ExtrafilmDesigner.exe C:\Documents and Settings\Johan\Bureaublad\FLAC Player.lnk - C:\Program Files\FLAC Player\FLAC Player.exe C:\Documents and Settings\Johan\Bureaublad\Foxit PDF Editor.lnk - C:\Documents and Settings\Johan\Application Data\Microsoft\Installer\{0B143533-B58A-48D6-B972-1187F398FC63}\_748935d1.exe C:\Documents and Settings\Johan\Bureaublad\Guitar Pro 5.lnk - C:\Program Files\Guitar Pro 5\GP5.exe C:\Documents and Settings\Johan\Bureaublad\GuitarLogic.lnk - C:\Program Files\Java\jre1.6.0_03\bin\javaw.exe -cp "C:\Program Files\MidiLogic\GuitarLogic\GuitarLogic.jar" -Xms256m -Xmx256m -Dawt.useSystemAAFontSettings=lcd com.noiselogic.ui.MainFrame C:\Documents and Settings\Johan\Bureaublad\HiJackThis.lnk - C:\Documents and Settings\Johan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Documents and Settings\Johan\Bureaublad\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Documents and Settings\Johan\Bureaublad\IsoBuster.lnk - C:\Program Files\Smart Projects\IsoBuster\IsoBuster.exe C:\Documents and Settings\Johan\Bureaublad\Light Image Resizer 4.lnk - C:\Program Files\ObviousIdea\Image Resizer 4\Resize.exe C:\Documents and Settings\Johan\Bureaublad\Media Player Classic.lnk - C:\Program Files\XP Codec Pack\mpc\mplayerc.exe C:\Documents and Settings\Johan\Bureaublad\Microsoft Excel.lnk - C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\xlicons.exe C:\Documents and Settings\Johan\Bureaublad\Microsoft Publisher.lnk - C:\WINDOWS\Installer\{00040413-78E1-11D2-B60F-006097C998E7}\pubs.exe C:\Documents and Settings\Johan\Bureaublad\Microsoft Word.lnk - C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe C:\Documents and Settings\Johan\Bureaublad\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Qvo6.com C:\Documents and Settings\Johan\Bureaublad\n-Track Studio.lnk - C:\Program Files\FASoft\n-Track Studio 6\ntrack.exe C:\Documents and Settings\Johan\Bureaublad\Naslagbibliotheek Winkler Prins.lnk - C:\WINDOWS\Installer\{034E00C0-3975-4267-9F39-1DC4745090B7}\ENCSCICO.EXE C:\Documents and Settings\Johan\Bureaublad\Norton-installatiebestanden.lnk - C:\Documents and Settings\All Users\Documenten\Norton\{N360202019-SHPD-FSD31014} C:\Documents and Settings\Johan\Bureaublad\Outlook Express.lnk - C:\Program Files\Outlook Express\msimn.exe C:\Documents and Settings\Johan\Bureaublad\save2pc Light.lnk - C:\Program Files\FDRLab\save2pc\save2pc_light.exe C:\Documents and Settings\Johan\Bureaublad\Snelkoppeling (2) naar P1040661.lnk - G:\Mijn afbeeldingen\Mamie en papie november 2012\P1040661.JPG C:\Documents and Settings\Johan\Bureaublad\Snelkoppeling naar P1040661 (2).lnk - G:\Mijn afbeeldingen\Mamie en papie november 2012\P1040661.JPG C:\Documents and Settings\Johan\Bureaublad\Snelkoppeling naar P1040661.lnk - G:\Mijn afbeeldingen\Mamie en papie november 2012\P1040661.JPG C:\Documents and Settings\Johan\Bureaublad\Spector Photo Software.lnk - C:\Program Files\Spector Photo Software\ImageViewer.exe C:\Documents and Settings\Johan\Bureaublad\vanBasco's Karaoke Player.lnk - C:\Program Files\vanBasco's Karaoke Player\vmidi.exe C:\Documents and Settings\Johan\Bureaublad\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Documents and Settings\Johan\Bureaublad\Windows Movie Maker.lnk - C:\Program Files\Movie Maker\moviemk.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft Audio Converter.lnk - C:\Program Files\Xilisoft\Audio Converter\audioenc.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft CD Ripper.lnk - C:\Program Files\Xilisoft\CD Ripper\cdripper.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft DVD Ripper 4.lnk - C:\Program Files\Xilisoft\DVD Ripper 4\dvdrip.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft MPEG to DVD Converter.lnk - C:\Program Files\Xilisoft\MPEG to DVD Converter\MPEG to DVD Converter.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft Video Converter 3.lnk - C:\Program Files\Xilisoft\Video Converter 3\videoenc.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft Video Converter Wizard 3.lnk - C:\Program Files\Xilisoft\Video Converter 3\VCW.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft Video to Audio Converter 3.lnk - C:\Program Files\Xilisoft\Video to Audio Converter 3\videoenc.exe C:\Documents and Settings\Johan\Bureaublad\Xilisoft Video to Audio Converter Wizard 3.lnk - C:\Program Files\Xilisoft\Video to Audio Converter 3\VCW.exe ==== shortcuts on All Users Desktop ====================== C:\Documents and Settings\All Users\Bureaublad\3600 printer assistent.lnk - C:\Program Files\Hewlett-Packard\hp deskjet assistant\bin\browser.exe -s"dugout:///dugout_home.html" -l"nld" -p"3600" C:\Documents and Settings\All Users\Bureaublad\Adobe Reader 8.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe C:\Documents and Settings\All Users\Bureaublad\Anvil Studio.lnk - C:\Program Files\Anvil Studio\astudio.exe C:\Documents and Settings\All Users\Bureaublad\Applian FLV and Media Player.lnk - C:\Program Files\Applian Technologies\Applian FLV and Media Player\amp.exe -I skins2 --one-instance C:\Documents and Settings\All Users\Bureaublad\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe C:\Documents and Settings\All Users\Bureaublad\Cool Edit Pro 2.1.lnk - C:\Program Files\coolpro2\coolpro2.exe C:\Documents and Settings\All Users\Bureaublad\DCR-DVD106E Eerste kennismaking (PDF).lnk - C:\Program Files\Sony\Sony Digital Imaging Handbook\DCR-DVD106E\FirstStepGuide.pdf C:\Documents and Settings\All Users\Bureaublad\eID-Viewer.lnk - C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Documents and Settings\All Users\Bureaublad\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe Qvo6.com C:\Documents and Settings\All Users\Bureaublad\Google Earth starten.lnk - C:\Program Files\Google\Google Earth\googleearth.exe C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\All Users\Bureaublad\Mediabestanden importeren (Handycam).lnk - D:\Data\Importer\Disc\SPUDiscImporter.exe C:\Documents and Settings\All Users\Bureaublad\musette.lnk - C:\Program Files\Musette\musette.exe C:\Documents and Settings\All Users\Bureaublad\Nero Home.lnk - C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe -ScParameter=65 C:\Documents and Settings\All Users\Bureaublad\Nero StartSmart.lnk - C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe -ScParameter=65 C:\Documents and Settings\All Users\Bureaublad\Nitro Reader.lnk - C:\Program Files\Nitro\Reader 3\NitroPDFReader.exe C:\Documents and Settings\All Users\Bureaublad\Norton 360.LNK - C:\Program Files\Norton 360\Engine\20.4.0.40\uistub.exe C:\Documents and Settings\All Users\Bureaublad\Picture Motion Browser.lnk - D:\Data\Browser\SPUBrowser.exe C:\Documents and Settings\All Users\Bureaublad\QuickTime Player.lnk - C:\Program Files\QuickTime\QuickTimePlayer.exe C:\Documents and Settings\All Users\Bureaublad\Video Disc Copier.lnk - D:\Data\VideoDiscCopier\SPUVideoDiscCopier.exe C:\Documents and Settings\All Users\Bureaublad\Vuze.lnk - C:\Program Files\Azureus\Azureus.exe C:\Documents and Settings\All Users\Bureaublad\Wireless Connection Manager.lnk - C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Documents and Settings\All Users\Bureaublad\Woordenboek.lnk - C:\Program Files\Microsoft Encarta\Encarta Naslagbibliotheek Winkler Prins\EDICT.EXE ==== shortcuts in Users Start Menu ====================== C:\Documents and Settings\Johan\Menu Start\Programma's\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Documents and Settings\Johan\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Documents and Settings\Johan\Menu Start\Programma's\Dropbox\Dropbox.lnk - C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe /home C:\Documents and Settings\Johan\Menu Start\Programma's\Opstarten\Dropbox.lnk - C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe /systemstartup ==== shortcuts in All Users Start Menu ====================== C:\Documents and Settings\All Users\Menu Start\Programma's\Apple Software Update.lnk - C:\WINDOWS\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Word.lnk - C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Qvo6.com C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Rekenmachine.lnk - C:\WINDOWS\system32\calc.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe Qvo6.com C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\LiveUpdate.LNK - C:\Program Files\Norton 360\Engine\20.4.0.40\uistub.exe /lu C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Norton 360 verwijderen.LNK - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\20.4.0.40\inststub.exe /X /shortcut C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Norton 360.LNK - C:\Program Files\Norton 360\Engine\20.4.0.40\uistub.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Norton Recovery Tools.LNK - C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Ondersteuning verkrijgen.LNK - C:\Program Files\Norton 360\Engine\20.4.0.40\symerr.exe /support C:\Documents and Settings\All Users\Menu Start\Programma's\QuickTime\Over QuickTime.lnk - C:\WINDOWS\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\RichText.ico C:\Documents and Settings\All Users\Menu Start\Programma's\QuickTime\PictureViewer.lnk - C:\WINDOWS\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\PictureViewer.ico C:\Documents and Settings\All Users\Menu Start\Programma's\QuickTime\QuickTime deïnstalleren.lnk - C:\WINDOWS\system32\msiexec.exe /i {7BE15435-2D3E-4B58-867F-9C75BED0208C} /qf C:\Documents and Settings\All Users\Menu Start\Programma's\QuickTime\QuickTime Player.lnk - C:\WINDOWS\Installer\{7BE15435-2D3E-4B58-867F-9C75BED0208C}\QTPlayer.ico ==== shortcuts in Quick Launch ====================== C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe Qvo6.com C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Qvo6.com C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero Home.lnk - C:\Program Files\Nero\Nero8\Nero Home\NeroHome.exe -ScParameter=65 C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Nero StartSmart.lnk - C:\Program Files\Nero\Nero8\Nero StartSmart\NeroStartSmart.exe -ScParameter=65 C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files\Azureus\Azureus.exe C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Xilisoft MPEG to DVD Converter.lnk - C:\Program Files\Xilisoft\MPEG to DVD Converter\MPEG to DVD Converter.exe ==== shortcuts After Repair ====================== C:\Documents and Settings\Johan\Bureaublad\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Johan\Bureaublad\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\All Users\Bureaublad\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Johan\Menu Start\Programma's\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Johan\Menu Start\Programma's\Bureau-accessoires\Systeembeheer\Internet Explorer (zonder invoegtoepassingen).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\Documents and Settings\All Users\Menu Start\Programma's\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\De Internet Explorer-browser starten.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe ==== HijackThis Entries ====================== R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM') O4 - S-1-5-18 Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe (User 'Default user') O4 - .DEFAULT Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user') O4 - .DEFAULT Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Wsys Service (WsysSvc) - Unknown owner - C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe (file missing) ==== Empty IE Cache ====================== C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Johan\LOCALS~1\Temp successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Documents and Settings\All Users\Application Data\eSafe" not found ==== EOF on zo 07/07/2013 at 9:50:19,20 ======================

ComboFix 13-07-07.01 - Johan 06/07/2013 23:15:27.10.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3583.2555 [GMT 2:00] Gestart vanuit: c:\documents and settings\Johan\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Johan\Bureaublad\CFScript.txt AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\Tarma Installer c:\documents and settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll c:\documents and settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll c:\documents and settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat c:\documents and settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe c:\documents and settings\All Users\Application Data\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico c:\documents and settings\Johan\Application Data\WebCake c:\documents and settings\Johan\Application Data\WebCake\dat\Desktop.OS.dll c:\windows\XSxS . . (((((((((((((((((((( Bestanden Gemaakt van 2013-06-06 to 2013-07-06 )))))))))))))))))))))))))))))) . . 2013-07-05 07:13 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\LocalService\Bureaublad 2013-07-05 07:13 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\Johan\Application Data\eIntaller 2013-07-05 06:49 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\All Users\Application Data\eSafe 2013-06-17 19:29 . 2013-06-17 19:29 -------- d-----w- c:\program files\Apple Software Update 2013-06-14 14:42 . 2013-06-19 14:25 -------- d-----w- c:\windows\system32\drivers\N360\1404000.028 2013-06-07 08:17 . 2013-06-07 08:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-05 06:49 . 2011-02-19 21:03 420944 ----a-w- c:\windows\system32\msvcp100.dll 2013-07-05 06:49 . 2011-02-18 22:40 773712 ----a-w- c:\windows\system32\msvcr100.dll 2013-06-19 00:22 . 2009-12-15 17:24 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2013-06-17 05:53 . 2012-04-16 15:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-17 05:53 . 2011-05-17 14:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-07 22:27 . 2006-03-02 12:00 920064 ----a-w- c:\windows\system32\wininet.dll 2013-05-07 22:27 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2013-05-07 22:27 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-05-07 21:53 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2013-05-03 05:39 . 2006-03-02 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-03 05:39 . 2004-08-04 00:58 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-04-12 14:01 . 2006-03-02 12:00 1876480 ----a-w- c:\windows\system32\win32k.sys 2008-01-25 16:35 . 2008-01-25 16:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe 2008-01-25 16:35 . 2008-01-25 16:34 2048 ----a-w- c:\program files\FLV PlayerRCATSetup.exe 2008-01-25 16:34 . 2008-01-25 16:34 133120 ----a-w- c:\program files\FLV PlayerRCSetup.exe 2012-12-17 20:40 . 2012-12-17 20:40 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208] "Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2013-01-29 55360] "gStart"="c:\program files\Garmin\gStart.exe" [2008-08-13 1891416] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "nwiz"="nwiz.exe" [2008-05-16 1630208] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "ExtraFilmManager"="c:\program files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" [2010-06-15 159744] "RTHDCPL"="RTHDCPL.EXE" [2009-06-12 17887232] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304] "D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-07 1683456] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Johan\Menu Start\Programma's\Opstarten\ Dropbox.lnk - c:\documents and settings\Johan\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680] Spoon Sandbox Manager 3.24.lnk - c:\documents and settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe Startup [2012-1-24 232696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360] ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-1-26 1732608] . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "e:\\MY DOWNLOAD FILES\\3gp_player_setup films.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Johan\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1404000.028\symds.sys [14/06/2013 16:42 367704] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1404000.028\symefa.sys [14/06/2013 16:42 934488] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130702.001\BHDrvx86.sys [2/07/2013 20:13 1002072] R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1404000.028\ccsetx86.sys [14/06/2013 16:42 134744] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551);c:\windows\system32\drivers\NEOFLTR_650_15551.SYS [24/04/2011 19:47 85360] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1404000.028\ironx86.sys [14/06/2013 16:42 175264] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [29/11/2010 21:13 147456] R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [6/11/2012 17:52 8704] R2 N360;Norton 360;c:\program files\Norton 360\Engine\20.4.0.40\ccsvchst.exe [14/06/2013 16:42 144368] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [26/03/2013 19:01 196624] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/02/2011 23:23 35088] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/03/2013 6:07 93072] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/08/2012 11:48 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130705.001\IDSXpx86.sys [6/07/2013 10:23 373728] S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [6/11/2012 17:52 101376] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22 133104] S2 WsysSvc;Wsys Service;c:\documents and settings\All Users\Application Data\eSafe\eGdpSvc.exe [5/07/2013 8:49 386112] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/11/2010 17:45 1684736] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-20 15:38 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 05:53] . 2011-02-14 c:\windows\Tasks\expressripShakeIcon.job - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2011-02-11 18:49] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2013-07-02 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-07-06 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-07-06 c:\windows\Tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q= FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q= FF - ExtSQL: 2013-07-05 09:13; plugin@getwebcake.com; c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\plugin@getwebcake.com FF - ExtSQL: !HIDDEN! 2009-08-10 17:57; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: extentions.webcake.installId - 2ce365b8-efde-4b92-804b-5c5c6b2a8a4a FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-07-06 23:21 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . Voltooingstijd: 2013-07-06 23:22:59 ComboFix-quarantined-files.txt 2013-07-06 21:22 ComboFix2.txt 2013-07-06 11:04 ComboFix3.txt 2013-07-06 08:23 ComboFix4.txt 2013-02-27 16:26 ComboFix5.txt 2013-07-06 21:14 . Pre-Run: 12.143.132.672 bytes beschikbaar Post-Run: 12.133.834.752 bytes beschikbaar . - - End Of File - - B5D3EC1F0AFB699E0A1C7AD84547F374 3051207086651214E435112E51817DC5

ComboFix 13-07-06.03 - Johan 06/07/2013 12:57:40.9.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3583.2637 [GMT 2:00] Gestart vanuit: c:\documents and settings\Johan\Bureaublad\ComboFix.exe AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\windows\XSxS . . (((((((((((((((((((( Bestanden Gemaakt van 2013-06-06 to 2013-07-06 )))))))))))))))))))))))))))))) . . 2013-07-05 07:13 . 2013-07-05 15:21 -------- d-----w- c:\documents and settings\Johan\Application Data\WebCake 2013-07-05 07:13 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\LocalService\Bureaublad 2013-07-05 07:13 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\Johan\Application Data\eIntaller 2013-07-05 06:49 . 2013-07-05 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer 2013-07-05 06:49 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\All Users\Application Data\eSafe 2013-06-17 19:29 . 2013-06-17 19:29 -------- d-----w- c:\program files\Apple Software Update 2013-06-14 14:42 . 2013-06-19 14:25 -------- d-----w- c:\windows\system32\drivers\N360\1404000.028 2013-06-07 08:17 . 2013-06-07 08:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-05 06:49 . 2011-02-19 21:03 420944 ----a-w- c:\windows\system32\msvcp100.dll 2013-07-05 06:49 . 2011-02-18 22:40 773712 ----a-w- c:\windows\system32\msvcr100.dll 2013-06-19 00:22 . 2009-12-15 17:24 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2013-06-17 05:53 . 2012-04-16 15:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-17 05:53 . 2011-05-17 14:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-07 22:27 . 2006-03-02 12:00 920064 ----a-w- c:\windows\system32\wininet.dll 2013-05-07 22:27 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2013-05-07 22:27 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-05-07 21:53 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2013-05-03 05:39 . 2006-03-02 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-03 05:39 . 2004-08-04 00:58 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-04-12 14:01 . 2006-03-02 12:00 1876480 ----a-w- c:\windows\system32\win32k.sys 2008-01-25 16:35 . 2008-01-25 16:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe 2008-01-25 16:35 . 2008-01-25 16:34 2048 ----a-w- c:\program files\FLV PlayerRCATSetup.exe 2008-01-25 16:34 . 2008-01-25 16:34 133120 ----a-w- c:\program files\FLV PlayerRCSetup.exe 2012-12-17 20:40 . 2012-12-17 20:40 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208] "Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2013-01-29 55360] "gStart"="c:\program files\Garmin\gStart.exe" [2008-08-13 1891416] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "nwiz"="nwiz.exe" [2008-05-16 1630208] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "ExtraFilmManager"="c:\program files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" [2010-06-15 159744] "RTHDCPL"="RTHDCPL.EXE" [2009-06-12 17887232] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304] "D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-07 1683456] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Johan\Menu Start\Programma's\Opstarten\ Dropbox.lnk - c:\documents and settings\Johan\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680] Spoon Sandbox Manager 3.24.lnk - c:\documents and settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe Startup [2012-1-24 232696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360] ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-1-26 1732608] . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "e:\\MY DOWNLOAD FILES\\3gp_player_setup films.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Johan\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1404000.028\symds.sys [14/06/2013 16:42 367704] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1404000.028\symefa.sys [14/06/2013 16:42 934488] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130702.001\BHDrvx86.sys [2/07/2013 20:13 1002072] R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1404000.028\ccsetx86.sys [14/06/2013 16:42 134744] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551);c:\windows\system32\drivers\NEOFLTR_650_15551.SYS [24/04/2011 19:47 85360] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1404000.028\ironx86.sys [14/06/2013 16:42 175264] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [29/11/2010 21:13 147456] R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [6/11/2012 17:52 8704] R2 N360;Norton 360;c:\program files\Norton 360\Engine\20.4.0.40\ccsvchst.exe [14/06/2013 16:42 144368] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [26/03/2013 19:01 196624] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/02/2011 23:23 35088] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/03/2013 6:07 93072] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/08/2012 11:48 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130705.001\IDSXpx86.sys [6/07/2013 10:23 373728] S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [6/11/2012 17:52 101376] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22 133104] S2 WsysSvc;Wsys Service;c:\documents and settings\All Users\Application Data\eSafe\eGdpSvc.exe [5/07/2013 8:49 386112] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/11/2010 17:45 1684736] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-20 15:38 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 05:53] . 2011-02-14 c:\windows\Tasks\expressripShakeIcon.job - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2011-02-11 18:49] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2013-07-02 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-07-06 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-07-06 c:\windows\Tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q= FF - prefs.js: browser.search.selectedEngine - qvo6 FF - prefs.js: browser.startup.homepage - hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=ST3320620AS_9QF8X3VYXXXX9QF8X3VY&ts=1373006947 FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q= FF - ExtSQL: 2013-07-05 09:13; plugin@getwebcake.com; c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\plugin@getwebcake.com FF - ExtSQL: !HIDDEN! 2009-08-10 17:57; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: extentions.webcake.installId - 2ce365b8-efde-4b92-804b-5c5c6b2a8a4a FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-07-06 13:03 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(2332) c:\progra~1\Raptr\ltc_help32-68721.dll c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2013-07-06 13:04:53 ComboFix-quarantined-files.txt 2013-07-06 11:04 ComboFix2.txt 2013-07-06 08:23 ComboFix3.txt 2013-02-27 16:26 ComboFix4.txt 2012-11-12 22:38 ComboFix5.txt 2013-07-06 10:56 . Pre-Run: 11.633.201.152 bytes beschikbaar Post-Run: 11.621.777.408 bytes beschikbaar . - - End Of File - - 20C7BE12EC79832C3C32B6BD76773CCF 3051207086651214E435112E51817DC5

ComboFix 13-07-06.02 - Johan 06/07/2013 10:15:31.8.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3583.2518 [GMT 2:00] Gestart vanuit: c:\documents and settings\Johan\Bureaublad\ComboFix.exe AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\Seaarch-NNeewTuaab c:\documents and settings\All Users\Application Data\Seaarch-NNeewTuaab\512bcd6b61c86.tlb c:\documents and settings\All Users\Application Data\Seaarch-NNeewTuaab\settings.ini c:\windows\XSxS . . (((((((((((((((((((( Bestanden Gemaakt van 2013-06-06 to 2013-07-06 )))))))))))))))))))))))))))))) . . 2013-07-05 07:13 . 2013-07-05 15:21 -------- d-----w- c:\documents and settings\Johan\Application Data\WebCake 2013-07-05 07:13 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\LocalService\Bureaublad 2013-07-05 07:13 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\Johan\Application Data\eIntaller 2013-07-05 06:49 . 2013-07-05 13:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Tarma Installer 2013-07-05 06:49 . 2013-07-05 07:13 -------- d-----w- c:\documents and settings\All Users\Application Data\eSafe 2013-06-17 19:29 . 2013-06-17 19:29 -------- d-----w- c:\program files\Apple Software Update 2013-06-14 14:42 . 2013-06-19 14:25 -------- d-----w- c:\windows\system32\drivers\N360\1404000.028 2013-06-07 08:17 . 2013-06-07 08:17 -------- d-----w- c:\documents and settings\LocalService\Application Data\McAfee . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-07-05 06:49 . 2011-02-19 21:03 420944 ----a-w- c:\windows\system32\msvcp100.dll 2013-07-05 06:49 . 2011-02-18 22:40 773712 ----a-w- c:\windows\system32\msvcr100.dll 2013-06-19 00:22 . 2009-12-15 17:24 142496 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2013-06-17 05:53 . 2012-04-16 15:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-17 05:53 . 2011-05-17 14:40 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-05-07 22:27 . 2006-03-02 12:00 920064 ----a-w- c:\windows\system32\wininet.dll 2013-05-07 22:27 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2013-05-07 22:27 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2013-05-07 21:53 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2013-05-03 05:39 . 2006-03-02 12:00 2154496 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-05-03 05:39 . 2004-08-04 00:58 2033152 ----a-w- c:\windows\system32\ntkrnlpa.exe 2013-04-12 14:01 . 2006-03-02 12:00 1876480 ----a-w- c:\windows\system32\win32k.sys 2008-01-25 16:35 . 2008-01-25 16:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe 2008-01-25 16:35 . 2008-01-25 16:34 2048 ----a-w- c:\program files\FLV PlayerRCATSetup.exe 2008-01-25 16:34 . 2008-01-25 16:34 133120 ----a-w- c:\program files\FLV PlayerRCSetup.exe 2012-12-17 20:40 . 2012-12-17 20:40 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-25 00:36 130736 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.19.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-03-22 248208] "Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2013-01-29 55360] "gStart"="c:\program files\Garmin\gStart.exe" [2008-08-13 1891416] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "nwiz"="nwiz.exe" [2008-05-16 1630208] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "ExtraFilmManager"="c:\program files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" [2010-06-15 159744] "RTHDCPL"="RTHDCPL.EXE" [2009-06-12 17887232] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304] "D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-07 1683456] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2011-10-24 421888] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Johan\Menu Start\Programma's\Opstarten\ Dropbox.lnk - c:\documents and settings\Johan\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [2009-2-26 97680] Spoon Sandbox Manager 3.24.lnk - c:\documents and settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe Startup [2012-1-24 232696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360] ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-1-26 1732608] . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "e:\\MY DOWNLOAD FILES\\3gp_player_setup films.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Documents and Settings\\Johan\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\1404000.028\symds.sys [14/06/2013 16:42 367704] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\1404000.028\symefa.sys [14/06/2013 16:42 934488] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\BASHDefs\20130702.001\BHDrvx86.sys [2/07/2013 20:13 1002072] R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\1404000.028\ccsetx86.sys [14/06/2013 16:42 134744] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551);c:\windows\system32\drivers\NEOFLTR_650_15551.SYS [24/04/2011 19:47 85360] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\1404000.028\ironx86.sys [14/06/2013 16:42 175264] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [29/11/2010 21:13 147456] R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\Freemake\CaptureLib\CaptureLibService.exe [6/11/2012 17:52 8704] R2 N360;Norton 360;c:\program files\Norton 360\Engine\20.4.0.40\ccsvchst.exe [14/06/2013 16:42 144368] R2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe [26/03/2013 19:01 196624] R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [11/02/2011 23:23 35088] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/03/2013 6:07 93072] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [9/08/2012 11:48 106656] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\Definitions\IPSDefs\20130704.001\IDSXpx86.sys [4/07/2013 22:20 373728] S2 Freemake Improver;Freemake Improver;c:\documents and settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [6/11/2012 17:52 101376] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22 133104] S2 WsysSvc;Wsys Service;c:\documents and settings\All Users\Application Data\eSafe\eGdpSvc.exe [5/07/2013 8:49 386112] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/11/2010 17:45 1684736] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?] . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-06-20 15:38 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.116\Installer\chrmstp.exe . Inhoud van de 'Gedeelde Taken' map . 2013-07-05 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 05:53] . 2011-02-14 c:\windows\Tasks\expressripShakeIcon.job - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2011-02-11 18:49] . 2013-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2013-07-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2013-07-02 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-07-06 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2013-07-06 c:\windows\Tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?btnG=Google+Search&q= FF - prefs.js: browser.search.selectedEngine - qvo6 FF - prefs.js: browser.startup.homepage - hxxp://www.qvo6.com/?utm_source=b&utm_medium=amt&from=amt&uid=ST3320620AS_9QF8X3VYXXXX9QF8X3VY&ts=1373006947 FF - prefs.js: keyword.URL - hxxp://www.google.com/search?btnG=Google+Search&q= FF - ExtSQL: 2013-07-05 09:13; plugin@getwebcake.com; c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\plugin@getwebcake.com FF - ExtSQL: !HIDDEN! 2009-08-10 17:57; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - user.js: extentions.webcake.installId - 2ce365b8-efde-4b92-804b-5c5c6b2a8a4a FF - user.js: extentions.webcake.defaultEnableAppsList - layers,brain/features,newOffers/wc . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-OptimizerPro - c:\docume~1\ALLUSE~1\APPLIC~1\INSTAL~1\OPTIMI~1\Setup.exe AddRemove-SP_48c708f2 - c:\program files\BrowseToSave\uninstall.exe AddRemove-SP_56ec1d15 - c:\program files\MocaFlix\uninstall.exe AddRemove-SP_b0285714 - c:\program files\WebSearch\uninstall.exe AddRemove-vfd-ob - c:\program files\OApps\vfd-ob_uninstall.exe AddRemove-{8DD94C0D-4A7A-C532-ED82-9926C6F4FC5A} - c:\docume~1\ALLUSE~1\APPLIC~1\INSTAL~1\{C1E50~1\Setup.exe AddRemove-FoxTab PDF Creator - c:\program files\FoxTabPDFConverter\Uninstall\Uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-07-06 10:21 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\20.4.0.40\diMaster.dll\" /prefetch:1" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . Voltooingstijd: 2013-07-06 10:23:18 ComboFix-quarantined-files.txt 2013-07-06 08:23 ComboFix2.txt 2013-02-27 16:26 ComboFix3.txt 2012-11-12 22:38 ComboFix4.txt 2012-05-05 07:08 ComboFix5.txt 2013-07-06 08:13 . Pre-Run: 11.580.149.760 bytes beschikbaar Post-Run: 11.472.203.776 bytes beschikbaar . - - End Of File - - 946B39CA95F8DDB63EFE985B0E6D4CB1 3051207086651214E435112E51817DC5

Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.07.05.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Johan :: JOHAN-91485BE8A [administrator] 5/07/2013 15:25:42 mbam-log-2013-07-05 (15-25-42).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 216105 Verstreken tijd: 10 minuut/minuten, 55 seconde(n) Geheugenprocessen gedetecteerd: 1 C:\Program Files\WebCake\WebCakeDesktop.Updater.exe (PUP.WebCake) -> 3732 -> Zal worden verwijderd tijdens het herstarten. Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 16 HKCR\CLSID\{33333333-3333-3333-3333-330133183325} (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Updater.AmiUpd.1 (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\Updater.AmiUpd (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\WebCakeIEClient.Api (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\WebCakeIEClient.Api.1 (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\WebCakeIEClient.Layers (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\WebCakeIEClient.Layers.1 (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\AppID\WebCakeIEClient.DLL (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 4 C:\Documents and Settings\Johan\Application Data\SwvUpdater (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\WebCake (PUP.WebCake) -> Zal worden verwijderd tijdens het herstarten. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38} (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Cache (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. Bestanden gedetecteerd: 13 C:\Documents and Settings\Johan\Application Data\SwvUpdater\Updater.exe (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Johan\Application Data\SwvUpdater\Updater.xml (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Johan\Application Data\SwvUpdater\status.cfg (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\WINDOWS\Tasks\AmiUpdXp.job (PUP.Software.Updater) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\WebCake\WebCakeLayers.crx (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\WebCake\OptChrome.exe (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\WebCake\sqlite3.exe (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Program Files\WebCake\WebCakeDesktop.Updater.exe (PUP.WebCake) -> Zal worden verwijderd tijdens het herstarten. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.ico (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.dat (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\Setup.exe (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setup.dll (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\All Users\Application Data\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll (PUP.WebCake) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:02:08, on 5/07/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Garmin\gStart.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\notepad.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe -- End of file - 13046 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:21:49, on 5/07/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Garmin\gStart.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\Johan\Application Data\WebCake\WebCakeDesktop.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\WebCake\WebCakeDesktop.Updater.exe C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Microsoft Office\Office12\WINWORD.EXE C:\Program Files\Google\Chrome\Application\chrome.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Qvo6.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Qvo6.com R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Qvo6.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Qvo6.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files\WebCake\WebCakeIEClient.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.4.0.40\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.4.0.40\coIEPlg.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [WebCake Desktop] "C:\Documents and Settings\Johan\Application Data\WebCake\WebCakeDesktop.exe" O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.4.0.40\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool3 (NitroReaderDriverReadSpool3) - Nitro PDF Software - C:\Program Files\Nitro\Reader 3\NitroPDFReaderDriverService3.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: WebCake Desktop Updater - WebCake LLC - C:\Program Files\WebCake\WebCakeDesktop.Updater.exe O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\Documents and Settings\All Users\Application Data\eSafe\eGdpSvc.exe -- End of file - 15105 bytes

Telkens ik Google wil starten verschijnt de zoekmachine Qvo6. Ik krijg die niet verwijderd.

# AdwCleaner v2.114 - Verslag gemaakt op 17/03/2013 om 16:48:45 # Geactualiseerd op 05/03/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : Johan - JOHAN-91485BE8A # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\Johan\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Documents and Settings\All Users\Bureaublad\iLivid.lnk File Verwijdert : C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage File Verwijdert : C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_apps.conduit.com_0.localstorage-journal File Verwijdert : C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_images.search.conduit.com_0.localstorage-journal File Verwijdert : C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage-journal File Verwijdert : C:\WINDOWS\system32\conduitEngine.tmp Map Verwijdert : C:\Documents and Settings\All Users\Application Data\{B49A644A-1076-4A3D-B124-DAA7862F2318} Map Verwijdert : C:\Documents and Settings\All Users\Application Data\FreeRIP Map Verwijdert : C:\Documents and Settings\All Users\Menu Start\Programma's\Ilivid Map Verwijdert : C:\Documents and Settings\Johan\Application Data\Ironsource Map Verwijdert : C:\Documents and Settings\Johan\Application Data\searchquband Map Verwijdert : C:\Documents and Settings\Johan\Application Data\Searchqutoolbar Map Verwijdert : C:\Documents and Settings\Johan\Local Settings\Application Data\Babylon Map Verwijdert : C:\Documents and Settings\Johan\Local Settings\Application Data\OpenCandy Map Verwijdert : C:\Program Files\GreenTree Applications Map Verwijdert : C:\Program Files\Ilivid Map Verwijdert : C:\Program Files\Ironsource Map Verwijdert : C:\Program Files\OApps ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\APN Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\AppDataLow\AskToolbarInfo Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector Sleutel Verwijdert : HKCU\Software\Ask.com Sleutel Verwijdert : HKCU\Software\AskToolbar Sleutel Verwijdert : HKCU\Software\Complitly Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\Crossrider Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar Sleutel Verwijdert : HKCU\Software\DealPly Sleutel Verwijdert : HKCU\Software\facemoods.com Sleutel Verwijdert : HKCU\Software\GreenTree Applications Sleutel Verwijdert : HKCU\Software\Headlight Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\IM Sleutel Verwijdert : HKCU\Software\ImInstaller Sleutel Verwijdert : HKCU\Software\InstallCore Sleutel Verwijdert : HKCU\Software\InstalledBrowserExtensions Sleutel Verwijdert : HKCU\Software\Ironsource Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\Search Settings Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RewardsArcade Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A87B991-A31F-4130-AE72-6D0C294BF082} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CFC4F59B-A2DA-4E12-B337-52A4F871E10C} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E908B145-C847-4E85-B315-07E2E70DECF8} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18} Sleutel Verwijdert : HKCU\Software\PIP Sleutel Verwijdert : HKCU\Software\RewardsArcade Sleutel Verwijdert : HKCU\Software\searchqutoolbar Sleutel Verwijdert : HKCU\Software\SmartBar Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\TBSB00808 Sleutel Verwijdert : HKLM\Software\APN Sleutel Verwijdert : HKLM\Software\AskToolbar Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{15F6BCB7-BB0F-4A66-8762-4765B05597EB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{1973277F-87B0-4EA3-9ED2-470A91D284CF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Sleutel Verwijdert : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{54B24FA9-87E8-47FC-8589-F9D382D8B299} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5B45AC88-523C-431E-86D7-F339B2EE262E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{6801410E-CC88-42D6-A93B-909E95645407} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{8B0C188C-F6F3-484D-8225-E40262DDE633} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc Sleutel Verwijdert : HKLM\SOFTWARE\Classes\esrv.searchyaESrvc.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\I Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ilivid Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160 Sleutel Verwijdert : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160 Sleutel Verwijdert : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2E9A2DCB-F5DB-40D0-8E62-3B47DD476A77} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{59B23951-2232-4AFB-81D4-64A8A16D457A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{81E522F1-9E90-47DD-A2CE-39B0C00274A0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8E096DFB-6AB7-45C7-BF64-B313C7096529} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{996A9940-2F2C-4486-A479-439C4A15F278} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9B7D44BA-376C-456F-B289-5034270322FD} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9BD8FF26-2C71-4D35-9FE2-AD8D25AECC36} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BCE6E914-AEF0-4FEE-8FC8-06F9B42BF890} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BD8D5FFA-4F92-48AD-BFBE-7896916656F5} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C92E6D80-EC54-45CC-AC4B-A7CF42F11B52} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{D1CB564E-F38A-4F2A-8257-60E3F8BE9F34} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{D5A1EF9A-7948-435D-8B87-D6A598317288} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F293BBC0-DA7E-4CF1-9EEA-CE90CFE0DF86} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FEFBC559-C3C7-4287-B05B-49D489B80749} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore Sleutel Verwijdert : HKLM\SOFTWARE\Classes\ironsource.searchyaappCore.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbRequest Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbTask Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2504091 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{15F6BCB7-BB0F-4A66-8762-4765B05597EB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{60BE6B2E-F2F5-4404-AA1E-4381D4A6EEA2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{69332529-EEC8-4D0D-9FD3-202C4AE8E589} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B00FE392-639D-4688-976E-A1BFF368CB96} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{CD082CCA-086F-4FD8-8FD7-247A0DBBD1CC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DealPly Sleutel Verwijdert : HKLM\Software\facemoods.com Sleutel Verwijdert : HKLM\Software\Freeze.com Sleutel Verwijdert : HKLM\Software\ilivid Sleutel Verwijdert : HKLM\Software\ImInstaller Sleutel Verwijdert : HKLM\Software\Ironsource Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{819DC4CA-4FFF-4C2E-800D-F346471D99BC} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facemoods Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\PlayMP3 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Searchqu Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\searchya Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\817FDB46B46DE8B4AAD499F1DAFF341D Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5A9327D31011C244A196F700637C701 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6B84CEB2810F104BA0E5FC5C8EACD7E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\searchya Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\Software\Search Settings Sleutel Verwijdert : HKLM\Software\SimplyGen Sleutel Verwijdert : HKLM\Software\SP Global Sleutel Verwijdert : HKLM\Software\SProtector Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F}] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v17.0.1 (nl) File : C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\prefs.js C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\user.js ... Verwijdert ! Verwijdert : user_pref("aol_toolbar.default.homepage.check", false); Verwijdert : user_pref("aol_toolbar.default.search.check", false); Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Verwijdert : user_pref("extensions.512bcd2dafaa9.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...] Verwijdert : user_pref("extensions.facemoods.aflt", "_#vsl"); Verwijdert : user_pref("extensions.facemoods.firstRun", false); Verwijdert : user_pref("extensions.facemoods.lastActv", "6"); -\\ Google Chrome v25.0.1364.172 File : C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[s1].txt - [26422 octets] - [17/03/2013 16:48:45] ########## EOF - C:\AdwCleaner[s1].txt - [26483 octets] ##########

Ik heb de indruk dat hij weer sneller werkt. In elk geval ben ik van RegClean Pro verlost. Is het aan te raden om regelmatig zoek.exe te gebruiken ? In elk geval reeds van harte bedankt.

Zoek.exe Version 4.0.0.2 Updated 16-03-2013 Tool run by Johan on zo 17/03/2013 at 11:35:53,40. Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} deleted successfully HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e9e8eb35-ff77-455d-b677-91e5e4fc06c2} deleted successfully HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully HKEY_USERS\S-1-5-21-2000478354-1682526488-839522115-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== 4ling v.1.0.1 Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 8.1.2 - Nederlands Adobe Reader 8.1.2 Security Update 1 (KB403742) Adobe SVG Viewer 3.0 AlgoLab R2V Converter 2.97.2M ANIO Service ANIWZCS2 Service Anvil Studio Any Audio Converter 3.2.2 Any Video Converter 3.3.0 Apple Application Support Apple Software Update Applian FLV and Media Player 3.1.1.12 Applian FLV Player ArcSoft Software Suite Ask Toolbar ASUS Enhanced Display Driver ASUS nVIDIA Driver Audacity 1.2.6 Band-in-a-Box 2007 PlusPAK Belgium e-ID middleware 3.5.1 (build 5075) Beveiligingsupdate for Windows Media Player 9 Series (KB969878) Beveiligingsupdate for Windows XP (KB923689) Beveiligingsupdate for Windows XP (KB941569) Beveiligingsupdate voor Microsoft Windows (KB2564958) Beveiligingsupdate voor Windows Internet Explorer 7 (KB938127) Beveiligingsupdate voor Windows Internet Explorer 7 (KB942615) Beveiligingsupdate voor Windows Internet Explorer 7 (KB944533) Beveiligingsupdate voor Windows Internet Explorer 7 (KB950759) Beveiligingsupdate voor Windows Internet Explorer 7 (KB953838) Beveiligingsupdate voor Windows Internet Explorer 7 (KB956390) Beveiligingsupdate voor Windows Internet Explorer 7 (KB958215) Beveiligingsupdate voor Windows Internet Explorer 7 (KB960714) Beveiligingsupdate voor Windows Internet Explorer 7 (KB961260) Beveiligingsupdate voor Windows Internet Explorer 7 (KB963027) Beveiligingsupdate voor Windows Internet Explorer 7 (KB969897) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2510531) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2544521) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2586448) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2618444) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2647516) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2675157) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2699988) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2722913) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2744842) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2761465) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2792100) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2797052) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2799329) Beveiligingsupdate voor Windows Internet Explorer 8 (KB2809289) Beveiligingsupdate voor Windows Internet Explorer 8 (KB982381) Beveiligingsupdate voor Windows Media Player (KB2378111) Beveiligingsupdate voor Windows Media Player (KB911564) Beveiligingsupdate voor Windows Media Player (KB952069) Beveiligingsupdate voor Windows Media Player (KB954155) Beveiligingsupdate voor Windows Media Player (KB968816) Beveiligingsupdate voor Windows Media Player (KB973540) Beveiligingsupdate voor Windows Media Player (KB975558) Beveiligingsupdate voor Windows Media Player (KB978695) Beveiligingsupdate voor Windows Media Player 11 (KB936782) Beveiligingsupdate voor Windows Media Player 11 (KB954154) Beveiligingsupdate voor Windows Media Player 6.4 (KB925398) Beveiligingsupdate voor Windows Media Player 9 (KB936782) Beveiligingsupdate voor Windows XP (KB2079403) Beveiligingsupdate voor Windows XP (KB2121546) Beveiligingsupdate voor Windows XP (KB2160329) Beveiligingsupdate voor Windows XP (KB2229593) Beveiligingsupdate voor Windows XP (KB2259922) Beveiligingsupdate voor Windows XP (KB2279986) Beveiligingsupdate voor Windows XP (KB2286198) Beveiligingsupdate voor Windows XP (KB2296011) Beveiligingsupdate voor Windows XP (KB2296199) Beveiligingsupdate voor Windows XP (KB2347290) Beveiligingsupdate voor Windows XP (KB2360937) Beveiligingsupdate voor Windows XP (KB2387149) Beveiligingsupdate voor Windows XP (KB2393802) Beveiligingsupdate voor Windows XP (KB2412687) Beveiligingsupdate voor Windows XP (KB2419632) Beveiligingsupdate voor Windows XP (KB2423089) Beveiligingsupdate voor Windows XP (KB2436673) Beveiligingsupdate voor Windows XP (KB2440591) Beveiligingsupdate voor Windows XP (KB2443105) Beveiligingsupdate voor Windows XP (KB2476490) Beveiligingsupdate voor Windows XP (KB2476687) Beveiligingsupdate voor Windows XP (KB2478960) Beveiligingsupdate voor Windows XP (KB2478971) Beveiligingsupdate voor Windows XP (KB2479628) Beveiligingsupdate voor Windows XP (KB2479943) Beveiligingsupdate voor Windows XP (KB2481109) Beveiligingsupdate voor Windows XP (KB2483185) Beveiligingsupdate voor Windows XP (KB2485376) Beveiligingsupdate voor Windows XP (KB2485663) Beveiligingsupdate voor Windows XP (KB2503658) Beveiligingsupdate voor Windows XP (KB2503665) Beveiligingsupdate voor Windows XP (KB2506212) Beveiligingsupdate voor Windows XP (KB2506223) Beveiligingsupdate voor Windows XP (KB2507618) Beveiligingsupdate voor Windows XP (KB2507938) Beveiligingsupdate voor Windows XP (KB2508272) Beveiligingsupdate voor Windows XP (KB2508429) Beveiligingsupdate voor Windows XP (KB2509553) Beveiligingsupdate voor Windows XP (KB2511455) Beveiligingsupdate voor Windows XP (KB2524375) Beveiligingsupdate voor Windows XP (KB2535512) Beveiligingsupdate voor Windows XP (KB2536276-v2) Beveiligingsupdate voor Windows XP (KB2536276) Beveiligingsupdate voor Windows XP (KB2544893-v2) Beveiligingsupdate voor Windows XP (KB2544893) Beveiligingsupdate voor Windows XP (KB2555917) Beveiligingsupdate voor Windows XP (KB2562937) Beveiligingsupdate voor Windows XP (KB2566454) Beveiligingsupdate voor Windows XP (KB2567053) Beveiligingsupdate voor Windows XP (KB2567680) Beveiligingsupdate voor Windows XP (KB2570222) Beveiligingsupdate voor Windows XP (KB2570947) Beveiligingsupdate voor Windows XP (KB2584146) Beveiligingsupdate voor Windows XP (KB2585542) Beveiligingsupdate voor Windows XP (KB2592799) Beveiligingsupdate voor Windows XP (KB2598479) Beveiligingsupdate voor Windows XP (KB2603381) Beveiligingsupdate voor Windows XP (KB2618451) Beveiligingsupdate voor Windows XP (KB2619339) Beveiligingsupdate voor Windows XP (KB2620712) Beveiligingsupdate voor Windows XP (KB2621440) Beveiligingsupdate voor Windows XP (KB2624667) Beveiligingsupdate voor Windows XP (KB2631813) Beveiligingsupdate voor Windows XP (KB2633171) Beveiligingsupdate voor Windows XP (KB2639417) Beveiligingsupdate voor Windows XP (KB2641653) Beveiligingsupdate voor Windows XP (KB2646524) Beveiligingsupdate voor Windows XP (KB2647518) Beveiligingsupdate voor Windows XP (KB2653956) Beveiligingsupdate voor Windows XP (KB2655992) Beveiligingsupdate voor Windows XP (KB2659262) Beveiligingsupdate voor Windows XP (KB2660465) Beveiligingsupdate voor Windows XP (KB2661637) Beveiligingsupdate voor Windows XP (KB2676562) Beveiligingsupdate voor Windows XP (KB2685939) Beveiligingsupdate voor Windows XP (KB2686509) Beveiligingsupdate voor Windows XP (KB2691442) Beveiligingsupdate voor Windows XP (KB2695962) Beveiligingsupdate voor Windows XP (KB2698365) Beveiligingsupdate voor Windows XP (KB2705219) Beveiligingsupdate voor Windows XP (KB2707511) Beveiligingsupdate voor Windows XP (KB2709162) Beveiligingsupdate voor Windows XP (KB2712808) Beveiligingsupdate voor Windows XP (KB2718523) Beveiligingsupdate voor Windows XP (KB2719985) Beveiligingsupdate voor Windows XP (KB2723135) Beveiligingsupdate voor Windows XP (KB2724197) Beveiligingsupdate voor Windows XP (KB2727528) Beveiligingsupdate voor Windows XP (KB2731847) Beveiligingsupdate voor Windows XP (KB2753842-v2) Beveiligingsupdate voor Windows XP (KB2753842) Beveiligingsupdate voor Windows XP (KB2757638) Beveiligingsupdate voor Windows XP (KB2758857) Beveiligingsupdate voor Windows XP (KB2761226) Beveiligingsupdate voor Windows XP (KB2770660) Beveiligingsupdate voor Windows XP (KB2778344) Beveiligingsupdate voor Windows XP (KB2779030) Beveiligingsupdate voor Windows XP (KB2780091) Beveiligingsupdate voor Windows XP (KB2799494) Beveiligingsupdate voor Windows XP (KB2802968) Beveiligingsupdate voor Windows XP (KB923561) Beveiligingsupdate voor Windows XP (KB938464-v2) Beveiligingsupdate voor Windows XP (KB938464) Beveiligingsupdate voor Windows XP (KB946648) Beveiligingsupdate voor Windows XP (KB950760) Beveiligingsupdate voor Windows XP (KB950762) Beveiligingsupdate voor Windows XP (KB950974) Beveiligingsupdate voor Windows XP (KB951066) Beveiligingsupdate voor Windows XP (KB951376-v2) Beveiligingsupdate voor Windows XP (KB951376) Beveiligingsupdate voor Windows XP (KB951698) Beveiligingsupdate voor Windows XP (KB951748) Beveiligingsupdate voor Windows XP (KB952004) Beveiligingsupdate voor Windows XP (KB952954) Beveiligingsupdate voor Windows XP (KB953839) Beveiligingsupdate voor Windows XP (KB954211) Beveiligingsupdate voor Windows XP (KB954459) Beveiligingsupdate voor Windows XP (KB954600) Beveiligingsupdate voor Windows XP (KB955069) Beveiligingsupdate voor Windows XP (KB956391) Beveiligingsupdate voor Windows XP (KB956572) Beveiligingsupdate voor Windows XP (KB956744) Beveiligingsupdate voor Windows XP (KB956802) Beveiligingsupdate voor Windows XP (KB956803) Beveiligingsupdate voor Windows XP (KB956841) Beveiligingsupdate voor Windows XP (KB956844) Beveiligingsupdate voor Windows XP (KB957095) Beveiligingsupdate voor Windows XP (KB957097) Beveiligingsupdate voor Windows XP (KB958644) Beveiligingsupdate voor Windows XP (KB958687) Beveiligingsupdate voor Windows XP (KB958690) Beveiligingsupdate voor Windows XP (KB958869) Beveiligingsupdate voor Windows XP (KB959426) Beveiligingsupdate voor Windows XP (KB960225) Beveiligingsupdate voor Windows XP (KB960715) Beveiligingsupdate voor Windows XP (KB960803) Beveiligingsupdate voor Windows XP (KB960859) Beveiligingsupdate voor Windows XP (KB961371) Beveiligingsupdate voor Windows XP (KB961373) Beveiligingsupdate voor Windows XP (KB961501) Beveiligingsupdate voor Windows XP (KB968537) Beveiligingsupdate voor Windows XP (KB969059) Beveiligingsupdate voor Windows XP (KB969898) Beveiligingsupdate voor Windows XP (KB969947) Beveiligingsupdate voor Windows XP (KB970238) Beveiligingsupdate voor Windows XP (KB970430) Beveiligingsupdate voor Windows XP (KB971468) Beveiligingsupdate voor Windows XP (KB971486) Beveiligingsupdate voor Windows XP (KB971557) Beveiligingsupdate voor Windows XP (KB971633) Beveiligingsupdate voor Windows XP (KB971657) Beveiligingsupdate voor Windows XP (KB972270) Beveiligingsupdate voor Windows XP (KB973346) Beveiligingsupdate voor Windows XP (KB973354) Beveiligingsupdate voor Windows XP (KB973507) Beveiligingsupdate voor Windows XP (KB973525) Beveiligingsupdate voor Windows XP (KB973869) Beveiligingsupdate voor Windows XP (KB973904) Beveiligingsupdate voor Windows XP (KB974112) Beveiligingsupdate voor Windows XP (KB974318) Beveiligingsupdate voor Windows XP (KB974392) Beveiligingsupdate voor Windows XP (KB974571) Beveiligingsupdate voor Windows XP (KB975025) Beveiligingsupdate voor Windows XP (KB975467) Beveiligingsupdate voor Windows XP (KB975560) Beveiligingsupdate voor Windows XP (KB975561) Beveiligingsupdate voor Windows XP (KB975562) Beveiligingsupdate voor Windows XP (KB975713) Beveiligingsupdate voor Windows XP (KB977165) Beveiligingsupdate voor Windows XP (KB977816) Beveiligingsupdate voor Windows XP (KB977914) Beveiligingsupdate voor Windows XP (KB978037) Beveiligingsupdate voor Windows XP (KB978251) Beveiligingsupdate voor Windows XP (KB978262) Beveiligingsupdate voor Windows XP (KB978338) Beveiligingsupdate voor Windows XP (KB978542) Beveiligingsupdate voor Windows XP (KB978601) Beveiligingsupdate voor Windows XP (KB978706) Beveiligingsupdate voor Windows XP (KB979309) Beveiligingsupdate voor Windows XP (KB979482) Beveiligingsupdate voor Windows XP (KB979559) Beveiligingsupdate voor Windows XP (KB979683) Beveiligingsupdate voor Windows XP (KB979687) Beveiligingsupdate voor Windows XP (KB980195) Beveiligingsupdate voor Windows XP (KB980218) Beveiligingsupdate voor Windows XP (KB980232) Beveiligingsupdate voor Windows XP (KB980436) Beveiligingsupdate voor Windows XP (KB981322) Beveiligingsupdate voor Windows XP (KB981852) Beveiligingsupdate voor Windows XP (KB981957) Beveiligingsupdate voor Windows XP (KB981997) Beveiligingsupdate voor Windows XP (KB982132) Beveiligingsupdate voor Windows XP (KB982214) Beveiligingsupdate voor Windows XP (KB982665) Beveiligingsupdate voor Windows XP (KB982802) BrowseToSave 1.74 CAM UnZip 4.42 CCleaner Cd 2 van Microsoft Office 2000 Compatibiliteitspakket voor het 2007 Microsoft Office system Cool Edit Pro 2.1 Corel Applications Cute PDF Writer D-Link Wireless N DWA-140 Drive Image Dropbox DVD Ripper 4 Encarta Naslagbibliotheek Winkler Prins Essentiële update voor Windows Media Player 11 (KB959772) Express Burn Express Rip ExtraFilm Designer BE NL FLAC Player 1.0.1 FLV to AVI MPEG WMV 3GP MP4 iPod Converter 4.2.0620 Foxit Editor FoxTab PDF Creator Freecorder 6 Freecorder 6 Add-on for Firefox Freemake Video Downloader Garmin ANT Agent Garmin MapSource Garmin Training Center Garmin USB Drivers Google Chrome Google Earth Google Earth Plug-in Google Update Helper Guitar Pro 5.2 High Definition Audio Driver Package - KB888111 HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB976002-v5) Hotfix voor Windows Internet Explorer 7 (KB947864) Hotfix voor Windows Media Player 11 (KB939683) Hotfix voor Windows XP (KB2158563) Hotfix voor Windows XP (KB2443685) Hotfix voor Windows XP (KB2570791) Hotfix voor Windows XP (KB2633952) Hotfix voor Windows XP (KB2756822) Hotfix voor Windows XP (KB2779562) Hotfix voor Windows XP (KB952287) Hotfix voor Windows XP (KB961118) Hotfix voor Windows XP (KB970653-v3) Hotfix voor Windows XP (KB976098-v2) Hotfix voor Windows XP (KB979306) Hotfix voor Windows XP (KB981793) hp deskjet 3600 HP Memories Disc HP Photo and Imaging 2.0 - Deskjet Series hp print screen utility iLivid Image Resizer Powertoy for Windows XP IsoBuster 2.8.5 Japanese Fonts Support For Adobe Reader 8 Java 7 Update 17 Java Auto Updater JMB36X Raid Configurer Juniper Networks Secure Application Manager Juniper Networks Setup Client K-Lite Codec Pack 2.27 Full L&H TTS3000 Nederlands Light Image Resizer 4.3.1.0 LiveReg (Symantec Corporation) LiveUpdate 1.80 (Symantec Corporation) LUMIX Simple Viewer MagicTracer Malwarebytes Anti-Malware versie 1.70.0.1100 Marvell Miniport Driver MGET FLAC2MP3 convertor Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2656353) Microsoft .NET Framework 1.1 Security Update (KB2656370) Microsoft .NET Framework 1.1 Security Update (KB979906) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Extended NLD Language Pack Microsoft ActiveSync 4.0 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Internationalized Domain Names Mitigation APIs Microsoft National Language Support Downlevel APIs Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (Dutch) 2007 Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office OneNote MUI (Dutch) 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft Office XP Professional Microsoft Software Update for Web Folders (Dutch) 12 Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MidiLogic Mozilla Firefox 17.0.1 (x86 nl) Mozilla Maintenance Service MP4 Player MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Musette version 2.9.9 n-Track Studio 6 Nero 8 Nitro Reader 2 Norton 360 NVIDIA Drivers OGA Notifier 1.7.0105.35.0 OptimizerPro PartitionMagic PC Probe II PG Music DirectX Plugins 1.3.4.1 Photo Notifier and Animation Creator PHOTOfunSTUDIO -viewer- Picasa 3 Picture To Go Power Tab Editor 1.7 PowerQuest Drive Image 2002 PowerQuest PartitionMagic 8.0 QuickTime Raptr RealDrums Sets 8-10 Realtek High Definition Audio Driver save2pc Light 4.03 save2pc Pro Demo 3.55 Search Assistant MocaFlix 1.66 Search Assistant WebSearch 1.74 Search Settings Searchqu Toolbar SearchYa Toolbar on IE and Chrome Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Segoe UI Shockwave Shockwave Director 8.5.1 SILKYPIX Developer Studio 2.0 SE Sonic UDF Reader Sony Picture Utility Sony USB Driver SoundTap Streaming Audio Recorder Spector Photo Software Spoon Sandbox Manager 3.24 Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD Taalpakket voor Microsoft .NET Framework 4 Extended - NLD TomTom HOME 2.8.2.2264 TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768024) 32-Bit Edition Update voor Windows Internet Explorer 8 (KB2598845) Update voor Windows XP (KB2141007) Update voor Windows XP (KB2345886) Update voor Windows XP (KB2467659) Update voor Windows XP (KB2541763) Update voor Windows XP (KB2607712) Update voor Windows XP (KB2616676) Update voor Windows XP (KB2641690) Update voor Windows XP (KB2661254-v2) Update voor Windows XP (KB2718704) Update voor Windows XP (KB2736233) Update voor Windows XP (KB2749655) Update voor Windows XP (KB951072-v2) Update voor Windows XP (KB951978) Update voor Windows XP (KB955759) Update voor Windows XP (KB955839) Update voor Windows XP (KB961503) Update voor Windows XP (KB967715) Update voor Windows XP (KB968389) Update voor Windows XP (KB971029) Update voor Windows XP (KB971737) Update voor Windows XP (KB973687) Update voor Windows XP (KB973815) USB-Flachbettscanner vanBasco's Karaoke Player VectorNow - Raster to Vector Converter Video Converter 3 Video to Audio Converter 3 VideoFileDownload Virtual Sound Canvas DXi Vuze WebFldrs XP Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices (07/07/2009 1.12.2) Windows Driver Package - Garmin (grmnusb) GARMIN Devices (06/03/2009 2.3.0.0) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Validation Tool (KB892130) Windows iLivid Toolbar Windows Internet Explorer 7 Windows Internet Explorer 8 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Photo Gallery Windows Live Sync Windows Live Writer Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 3 WinPcap 4.1.2 WinRAR Xilisoft MPEG to DVD Converter XP Codec Pack Xvid 1.2.1 final uninstall XviD MPEG-4 Codec You Tube Driver YTD Video Downloader 3.9.6 ==== Reset Hosts File ====================== # Copyright © 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== FireFox Fix ====================== Deleted from C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\prefs.js: user_pref("browser.startup.homepage", "http://www.mozilla.com/nl/firefox/central/"); user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); user_pref("browser.search.defaulturl", "http://websearch.pu-results.info/?pid=726&r=2013/02/25&hid=3926805331&lg=EN&cc=BE&l=1&q="); user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.defaultenginename", "WebSearch"); user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("extensions.asktb.ff-original-keyword-url", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p="); user_pref("keyword.URL", "http://websearch.pu-results.info/?pid=726&r=2013/02/25&hid=3926805331&lg=EN&cc=BE&l=1&q="); user_pref("sweetim.toolbar.previous.keyword.URL", ""); user_pref("browser.search.useDBForOrder", true); Added to C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("extensions.asktb.ff-original-keyword-url", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p="); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); ProfilePath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar.aflt", "babclient"); user_pref("extensions.BabylonToolbar.babExt", ""); user_pref("extensions.BabylonToolbar.babTrack", "affID=18173"); user_pref("extensions.BabylonToolbar.bbDpng", 6); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar.dfltSrch", true); user_pref("extensions.BabylonToolbar.hmpg", true); user_pref("extensions.BabylonToolbar.id", "3026a1f100000000000000265a78d04b"); user_pref("extensions.BabylonToolbar.instlDay", "15512"); user_pref("extensions.BabylonToolbar.instlRef", "std"); user_pref("extensions.BabylonToolbar.keyWordUrl", "http://search.babylon.com/?affID=18173&babsrc=KW_def&mntrId=3026a1f100000000000000265a78d04b&q="); user_pref("extensions.BabylonToolbar.lastDP", 6); user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1722:57:43"); user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "3.6"); user_pref("extensions.BabylonToolbar.newTab", false); user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylon.com/?affID=18173&babsrc=NT_def"); user_pref("extensions.BabylonToolbar.noFFXTlbr", false); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.propectorlck", 85510682); user_pref("extensions.BabylonToolbar.prtkDS", 0); user_pref("extensions.BabylonToolbar.prtkHmpg", 0); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.ptch_0717", true); user_pref("extensions.BabylonToolbar.smplGrp", "none"); user_pref("extensions.BabylonToolbar.srcExt", "def"); user_pref("extensions.BabylonToolbar.tlbrId", "base"); user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1722:57:43"); user_pref("extensions.BabylonToolbar_i.aflt", "babclient"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=18173"); user_pref("extensions.BabylonToolbar_i.hardId", "3026a1f100000000000000265a78d04b"); user_pref("extensions.BabylonToolbar_i.id", "3026a1f100000000000000265a78d04b"); user_pref("extensions.BabylonToolbar_i.instlDay", "15512"); user_pref("extensions.BabylonToolbar_i.instlRef", "std"); user_pref("extensions.BabylonToolbar_i.newTab", false); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.srcExt", "def"); user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:57:43"); ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar_i.id", "3026a1f100000000000000265a78d04b"); user_pref("extensions.BabylonToolbar_i.hardId", "3026a1f100000000000000265a78d04b"); user_pref("extensions.BabylonToolbar_i.instlDay", "15512"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1722:57:43"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.aflt", "babclient"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar_i.tlbrId", "base"); user_pref("extensions.BabylonToolbar_i.newTab", false); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=18173"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "def"); user_pref("extensions.BabylonToolbar_i.instlRef", "std"); ---- Lines searchya removed from prefs.js ---- user_pref("extensions.searchya.admin", false); user_pref("extensions.searchya.aflt", "dcom"); user_pref("extensions.searchya.cntry", "BE"); user_pref("extensions.searchya.dfltLng", ""); user_pref("extensions.searchya.dfltSrch", true); user_pref("extensions.searchya.excTlbr", false); user_pref("extensions.searchya.hdrMd5", "EC0622583303066C715690855A0E5B7B"); user_pref("extensions.searchya.hmpg", false); user_pref("extensions.searchya.id", "3026a1f100000000000000265a78d04b"); user_pref("extensions.searchya.instlDay", "15379"); user_pref("extensions.searchya.instlRef", "dcom-100"); user_pref("extensions.searchya.lastVrsnTs", "1.5.11.1319:06:09"); user_pref("extensions.searchya.mntrvrsn", "1.2.0"); user_pref("extensions.searchya.newTab", true); user_pref("extensions.searchya.newTabUrl", "http://searchya.com/?chnl=dcom-100&s=2&cr=1062395452&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDtBtDzy"); user_pref("extensions.searchya.noFFXTlbr", false); user_pref("extensions.searchya.prdct", "searchya"); user_pref("extensions.searchya.prtnrId", "ironsrc"); user_pref("extensions.searchya.sg", "none"); user_pref("extensions.searchya.smplGrp", "none"); user_pref("extensions.searchya.srchPrvdr", "SearchYa!"); user_pref("extensions.searchya.stAdmnPrms", true); user_pref("extensions.searchya.tlbrId", "base"); user_pref("extensions.searchya.tlbrSrchUrl", "http://searchya.com/?chnl=dcom-100&s=3&cr=1062395452&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDtBtDzy&q="); user_pref("extensions.searchya.vrsn", "1.5.11.13"); user_pref("extensions.searchya.vrsni", "1.5.11.13"); user_pref("extensions.searchya.vrsnTs", "1.5.11.1319:06:09"); ---- Lines searchya modified from prefs.js ---- ---- Lines searchya removed from user.js ---- ---- Lines CT2504091 removed from prefs.js ---- user_pref("CommunityToolbar.ToolbarsList", "CT2720081,CT2504091,ConduitEngine"); user_pref("CommunityToolbar.ToolbarsList2", "CT2720081,CT2504091"); user_pref("CT2504091.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT2504091.alertChannelId", "897164"); user_pref("CT2504091.autoDisableScopes", -1); user_pref("CT2504091.clientLogIsEnabled", true); user_pref("CT2504091.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2504091.CTID", "CT2504091"); user_pref("CT2504091.CurrentServerDate", "15-6-2011"); user_pref("CT2504091.defaultSearch", "false"); user_pref("CT2504091.DialogsAlignMode", "LTR"); user_pref("CT2504091.DownloadReferralCookieData", ""); user_pref("CT2504091.EMailNotifierPollDate", "Wed Jun 15 2011 16:20:16 GMT+0200"); user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":true,\"jsInjection\":true,\"sslGranted\":true}}]"); user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.enableAlerts", "false"); user_pref("CT2504091.enableSearchFromAddressBar", "true"); user_pref("CT2504091.FeedLastCount129079840422964131", 11); user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Jun 15 2011 16:20:18 GMT+0200"); user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Jun 15 2011 16:20:18 GMT+0200"); user_pref("CT2504091.FeedTTL128891351169457140", 40); user_pref("CT2504091.FirstServerDate", "25-10-2010"); user_pref("CT2504091.FirstTime", true); user_pref("CT2504091.firstTimeDialogOpened", true); user_pref("CT2504091.FirstTimeFF3", true); user_pref("CT2504091.FirstTimeSettingsDone", true); user_pref("CT2504091.fixPageNotFoundError", "true"); user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true"); user_pref("CT2504091.FixPageNotFoundErrors", true); user_pref("CT2504091.fixUrls", true); user_pref("CT2504091.GroupingServerCheckInterval", 1440); user_pref("CT2504091.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2504091.Initialize", true); user_pref("CT2504091.InitializeCommonPrefs", true); user_pref("CT2504091.InstallationAndCookieDataSentCount", 3); user_pref("CT2504091.InstallationType", "UnknownIntegration"); user_pref("CT2504091.InstalledDate", "Mon Oct 25 2010 21:42:11 GMT+0200"); user_pref("CT2504091.installId", "ConduitNSISIntegration"); user_pref("CT2504091.installType", "ConduitNSISIntegration"); user_pref("CT2504091.isCheckedStartAsHidden", true); user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.isFirstTimeToolbarLoading", "false"); user_pref("CT2504091.IsGrouping", false); user_pref("CT2504091.IsMulticommunity", false); user_pref("CT2504091.isNewTabEnabled", true); user_pref("CT2504091.IsOpenThankYouPage", false); user_pref("CT2504091.IsOpenUninstallPage", false); user_pref("CT2504091.isPerformedSmartBarTransition", "true"); user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Jun 15 2011 16:20:18 GMT+0200"); user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440); user_pref("CT2504091.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2504091.LastLogin_2.7.2.0", "Wed Jun 15 2011 16:20:18 GMT+0200"); user_pref("CT2504091.LatestVersion", "3.3.3.2"); user_pref("CT2504091.Locale", "en-us"); user_pref("CT2504091.LoginCache", 4); user_pref("CT2504091.LoginRevertSettingsEnabled", true); user_pref("CT2504091.MCDetectTooltipHeight", "83"); user_pref("CT2504091.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2504091.MCDetectTooltipWidth", "295"); user_pref("CT2504091.migrateAppsAndComponents", true); user_pref("CT2504091.myStuffPublihserMinWidth", 400); user_pref("CT2504091.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); user_pref("CT2504091.myStuffServiceIntervalMM", 1440); user_pref("CT2504091.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"https%3A%2F%2Fwww.google.be%2Fsearch%3Fq%3Dcompressorkoelkasten%2B%26ie%3Dutf-8%26oe%3Dutf-8%26aq%3Dt%26rls%3Dorg.mozilla%3Anl%3Aofficial%26client%3Dfirefox-a\",\"EB_MAIN_FRAME_TITLE\":\"compressorkoelkasten%20%20-%20Google%20zoeken\",\"EB_TOOLBAR_SUB_DOMAIN\":\"http://VuzeRemote.OurToolbar.com/\",\"EB_TOOLBAR_ID\":\"CT2504091\",\"EB_TOOLBAR_VERSION\":\"10.13.40.15\",\"EB_ORIGINAL_CTID\":\"CT2504091\",\"EB_DOWNLOAD_PAGE\":\"http://VuzeRemote.OurToolbar.com/\",\"EB_TOOLBAR_NAME\":\"Vuze Remote\"}"); user_pref("CT2504091.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.openThankYouPage", "false"); user_pref("CT2504091.openUninstallPage", "false"); user_pref("CT2504091.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2504091&octid=EB_ORIGINAL_CTID&SearchSource=1"); user_pref("CT2504091.SearchFromAddressBarIsInit", true); user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&q="); user_pref("CT2504091.SearchInNewTabEnabled", true); user_pref("CT2504091.searchInNewTabEnabledInHidden", "true"); user_pref("CT2504091.SearchInNewTabIntervalMM", 1440); user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Jun 15 2011 16:20:16 GMT+0200"); user_pref("CT2504091.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2504091.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://VuzeRemote.OurToolbar.com//xpi\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_services_login_10.10.27.6_lastUpdate", "1349240149154"); user_pref("CT2504091.serviceLayer_services_login_10.13.40.15_lastUpdate", "1362164376320"); user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1362164375852"); user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1362164375933"); user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1362164375920"); user_pref("CT2504091.SettingsCheckIntervalMin", 120); user_pref("CT2504091.settingsINI", true); user_pref("CT2504091.SettingsLastCheckTime", "Wed Jun 15 2011 16:20:16 GMT+0200"); user_pref("CT2504091.SettingsLastUpdate", "1286395440"); user_pref("CT2504091.shouldFirstTimeDialog", "false"); user_pref("CT2504091.smartbar.CTID", "CT2504091"); user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote "); user_pref("CT2504091.smartbar.Uninstall", "0"); user_pref("CT2504091.startPage", "userChanged"); user_pref("CT2504091.ThirdPartyComponentsInterval", 504); user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Wed Jun 15 2011 16:20:16 GMT+0200"); user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578"); user_pref("CT2504091.toolbarBornServerTime", "25-10-2010"); user_pref("CT2504091.toolbarCurrentServerTime", "1-3-2013"); user_pref("CT2504091.TrusteLinkUrl", "http://trust.conduit.com/EB_ORIGINAL_CTID"); user_pref("CT2504091.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2504091.upgradeFromClearSBVersion", true); user_pref("CT2504091.UserID", "UN13487974986708784"); user_pref("CT2504091.ValidationData_Toolbar", 2); user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1362164255102,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); ---- Lines CT2504091 modified from prefs.js ---- ---- Lines CT2504091 removed from user.js ---- ---- Lines CT2720081 removed from prefs.js ---- user_pref("CommunityToolbar.EngineOwner", "CT2720081"); user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2720081", "\"1319016272\""); user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2720081", "\"634531597989330000\""); user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2720081/CT2720081", "\"1319016486\""); user_pref("CommunityToolbar.OriginalEngineOwner", "CT2720081"); user_pref("CT2720081..clientLogIsEnabled", true); user_pref("CT2720081..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2720081..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2720081.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2720081.alertChannelId", "1112366"); user_pref("CT2720081.AppTrackingLastCheckTime", "Sat Oct 22 2011 12:55:28 GMT+0200"); user_pref("CT2720081.backendstorage._gpl_firstrun10100", "31333139323830393934"); user_pref("CT2720081.backendstorage.ct2720081current_term", ""); user_pref("CT2720081.backendstorage.ct2720081sdate", "3232"); user_pref("CT2720081.backendstorage.forcd_aoi", "31333139323830393331"); user_pref("CT2720081.backendstorage.forcd_ccid", "53696A73656C65"); user_pref("CT2720081.backendstorage.forcd_cid", "4245"); user_pref("CT2720081.backendstorage.forcd_ip", "3137382E3131362E3130302E323331"); user_pref("CT2720081.backendstorage.forcd_lcut", "31333139323830393331"); user_pref("CT2720081.backendstorage.forcd_rid", "3039"); user_pref("CT2720081.backendstorage.forcd_zoneid", "3130393934"); user_pref("CT2720081.backendstorage.http://api16_thetrafficstat_net.pid2", "62633830633934393632613364323536"); user_pref("CT2720081.backendstorage.http://conduitapp_s3_amazonaws_com._gpl_firstrun10100", "31333139323830393934"); user_pref("CT2720081.clientLogIsEnabled", false); user_pref("CT2720081.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2720081.CommunitiesChangesLastCheckTime", "0"); user_pref("CT2720081.CTID", "CT2720081"); user_pref("CT2720081.CurrentServerDate", "22-10-2011"); user_pref("CT2720081.DialogsAlignMode", "LTR"); user_pref("CT2720081.DialogsGetterLastCheckTime", "Tue Jun 21 2011 21:02:16 GMT+0200"); user_pref("CT2720081.DownloadReferralCookieData", ""); user_pref("CT2720081.EMailNotifierPollDate", "Sat Oct 22 2011 12:55:13 GMT+0200"); user_pref("CT2720081.FeedLastCount129248891425073064", 200); user_pref("CT2720081.FeedPollDate129225116238185771", "Sat Oct 22 2011 12:55:22 GMT+0200"); user_pref("CT2720081.FeedPollDate129225147492879732", "Sat Oct 22 2011 12:55:23 GMT+0200"); user_pref("CT2720081.FeedPollDate129245643951202078", "Sat Oct 22 2011 12:55:23 GMT+0200"); user_pref("CT2720081.FeedPollDate129245643951202084", "Sat Oct 22 2011 12:55:22 GMT+0200"); user_pref("CT2720081.FeedTTL129225116238185771", 40); user_pref("CT2720081.FeedTTL129225147492879732", 40); user_pref("CT2720081.FeedTTL129245643951202078", 40); user_pref("CT2720081.FeedTTL129245643951202084", 40); user_pref("CT2720081.FirstServerDate", "1-9-2010"); user_pref("CT2720081.FirstTime", true); user_pref("CT2720081.FirstTimeFF3", true); user_pref("CT2720081.FirstTimeSettingsDone", true); user_pref("CT2720081.FixPageNotFoundErrors", true); user_pref("CT2720081.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"http://appdownload.conduit.com/\",\"RevertSettingsEnabled\":\"FALSE\"}"); user_pref("CT2720081.globalFirstTimeInfoLastCheckTime", "Sat Oct 22 2011 12:55:25 GMT+0200"); user_pref("CT2720081.GroupingInvalidateCache", false); user_pref("CT2720081.GroupingLastCheckTime", "0"); user_pref("CT2720081.GroupingLastServerUpdateTime", "0"); user_pref("CT2720081.GroupingServerCheckInterval", 1440); user_pref("CT2720081.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2720081.HasUserGlobalKeys", true); user_pref("CT2720081.Initialize", true); user_pref("CT2720081.InitializeCommonPrefs", true); user_pref("CT2720081.InstallationAndCookieDataSentCount", 3); user_pref("CT2720081.InstallationType", "UnknownIntegration"); user_pref("CT2720081.InstalledDate", "Wed Sep 01 2010 21:36:08 GMT+0200"); user_pref("CT2720081.InvalidateCache", false); user_pref("CT2720081.isAppTrackingManagerOn", true); user_pref("CT2720081.IsGrouping", false); user_pref("CT2720081.IsMulticommunity", false); user_pref("CT2720081.IsOpenThankYouPage", false); user_pref("CT2720081.IsOpenUninstallPage", true); user_pref("CT2720081.LanguagePackLastCheckTime", "Sat Oct 22 2011 12:55:22 GMT+0200"); user_pref("CT2720081.LanguagePackReloadIntervalMM", 1440); user_pref("CT2720081.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2720081.LastLogin_2.7.2.0", "Wed Jun 15 2011 16:20:15 GMT+0200"); user_pref("CT2720081.LastLogin_3.3.3.2", "Sat Oct 22 2011 12:55:23 GMT+0200"); user_pref("CT2720081.LatestVersion", "3.7.0.6"); user_pref("CT2720081.Locale", "en"); user_pref("CT2720081.LoginCache", 4); user_pref("CT2720081.MCDetectTooltipHeight", "83"); user_pref("CT2720081.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2720081.MCDetectTooltipWidth", "295"); user_pref("CT2720081.myStuffEnabled", true); user_pref("CT2720081.myStuffPublihserMinWidth", 400); user_pref("CT2720081.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); user_pref("CT2720081.myStuffServiceIntervalMM", 1440); user_pref("CT2720081.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); user_pref("CT2720081.oldAppsList", "129246060025636489,129246060025636490,4221156542888680494,129248875812655100,1000082,129319739420043910,129326609897400864,5611289133187350459,129248877724530829,6848626366586256370,5839507107235391905,129248891798510728,5325145384281180184,129248891425073064,129248890913197855,129248892232416767,1000034,1000234,129380094189393863,129484577924557236,129634878595873542,129634897871916869,129634898719356280,1000080,1000,1001,1002,1003,1004,1005,1006,1007,1008,1009,1010,1011,1012"); user_pref("CT2720081.RadioIsPodcast", false); user_pref("CT2720081.RadioLastCheckTime", "Sat Oct 22 2011 12:55:22 GMT+0200"); user_pref("CT2720081.RadioLastUpdateIPServer", "3"); user_pref("CT2720081.RadioLastUpdateServer", "129248947734170000"); user_pref("CT2720081.RadioMediaID", "21079850"); user_pref("CT2720081.RadioMediaType", "Media Player"); user_pref("CT2720081.RadioMenuSelectedID", "EBRadioMenu_CT272008121079850"); user_pref("CT2720081.RadioShrinked", "shrinked"); user_pref("CT2720081.RadioStationName", "AHL%20-%20Grand%20Rapids%20Griffins"); user_pref("CT2720081.RadioStationURL", "http://cdncon.wm.llnwd.net/cdncon_neulion1_ahl_griffins?eid=2037&pid=2037&gid=101]]"); user_pref("CT2720081.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2720081&octid=EB_ORIGINAL_CTID&SearchSource=1"); user_pref("CT2720081.SearchFromAddressBarIsInit", true); user_pref("CT2720081.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2720081&q="); user_pref("CT2720081.SearchInNewTabEnabled", true); user_pref("CT2720081.SearchInNewTabIntervalMM", 1440); user_pref("CT2720081.SearchInNewTabLastCheckTime", "Sat Oct 22 2011 12:55:12 GMT+0200"); user_pref("CT2720081.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2720081.SearchInNewTabUsageUrl", "http://usage.hosting.toolbar.conduit-services.com/usage.ashx?ctid=EB_TOOLBAR_ID"); user_pref("CT2720081.ServiceMapLastCheckTime", "Sat Oct 22 2011 12:55:12 GMT+0200"); user_pref("CT2720081.SettingsCheckIntervalMin", 120); user_pref("CT2720081.SettingsLastCheckTime", "Sat Oct 22 2011 12:55:12 GMT+0200"); user_pref("CT2720081.SettingsLastUpdate", "1319016486"); user_pref("CT2720081.SHRINK_TOOLBAR", 0); user_pref("CT2720081.testingCtid", ""); user_pref("CT2720081.ThirdPartyComponentsInterval", 504); user_pref("CT2720081.ThirdPartyComponentsLastCheck", "Sat Oct 22 2011 12:55:12 GMT+0200"); user_pref("CT2720081.ThirdPartyComponentsLastUpdate", "1312887586"); user_pref("CT2720081.toolbarAppMetaDataLastCheckTime", "Sat Oct 22 2011 12:55:22 GMT+0200"); user_pref("CT2720081.toolbarContextMenuLastCheckTime", "Tue Jun 21 2011 21:02:17 GMT+0200"); user_pref("CT2720081.TrusteLinkUrl", "http://trust.conduit.com/CT2720081"); user_pref("CT2720081.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2720081.usagesFlag", 2); user_pref("CT2720081.UserID", "UN27104996146314997"); user_pref("CT2720081.ValidationData_Search", 1); user_pref("CT2720081.ValidationData_Toolbar", 2); user_pref("CT2720081.WeatherNetwork", ""); user_pref("CT2720081.WeatherPollDate", "Sat Oct 22 2011 12:55:23 GMT+0200"); user_pref("CT2720081.WeatherUnit", "C"); ---- Lines CT2720081 modified from prefs.js ---- ---- Lines CT2720081 removed from user.js ---- ---- Lines conduit removed from prefs.js ---- user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com"); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1116652/1112356/BE", "\"0\""); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/BE", "\"0\""); user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", "\"1329747516\""); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wNaokyQn90mMItP1sym06A=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "V3ke+ogt4ejn0sB1xPR3nw=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "ktZKgREPsk5m13TY9rsX+A=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "9zRvKErdMb8hJOq85ft5Vg=="); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"80ee9485875dcc1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\""); user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724386", "\"d76323372b05c3748a3d6b1c93a98292\""); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000"); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000"); user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2724386/CT2724386", "\"ab23f0e7d995a86e78953077786315f01\""); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/maxi.gif", "\"0639a4d477ac91:0\""); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Cornflower/play_mini.gif", "\"0484de117c4c91:0\""); user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"67e1ac93c8bab6bfc9801049c6b49194\""); user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Johan\\Application Data\\Mozilla\\Firefox\\Profiles\\wnjmdj5p.default\\conduitCommon\\modules\\3.12.2.3"); user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); user_pref("ConduitEngine.AppTrackingLastCheckTime", "Mon Feb 20 2012 15:45:11 GMT+0100"); user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Sat Oct 22 2011 12:55:27 GMT+0200"); user_pref("ConduitEngine.engineLocale", "nl"); user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sat Oct 22 2011 12:55:27 GMT+0200"); user_pref("ConduitEngine.FirstServerDate", "06/21/2011 22"); user_pref("ConduitEngine.FirstTime", true); user_pref("ConduitEngine.FirstTimeFF3", true); user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Sat Oct 22 2011 12:55:29 GMT+0200"); user_pref("ConduitEngine.HasUserGlobalKeys", true); user_pref("ConduitEngine.HideEngineAfterRestart", true); user_pref("ConduitEngine.initDone", true); user_pref("ConduitEngine.Initialize", true); user_pref("ConduitEngine.InitializeCommonPrefs", true); user_pref("ConduitEngine.InstalledDate", "Tue Jun 21 2011 21:02:17 GMT+0200"); user_pref("ConduitEngine.isAppTrackingManagerOn", true); user_pref("ConduitEngine.IsMulticommunity", false); user_pref("ConduitEngine.IsOpenThankYouPage", false); user_pref("ConduitEngine.IsOpenUninstallPage", true); user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sat Oct 22 2011 12:55:29 GMT+0200"); user_pref("ConduitEngine.LastLogin_3.3.3.2", "Sat Oct 22 2011 12:55:29 GMT+0200"); user_pref("ConduitEngine.PublisherContainerWidth", 0); user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Oct 22 2011 12:55:27 GMT+0200"); user_pref("ConduitEngine.UserID", "UN03326737362399146"); ---- Lines conduit modified from prefs.js ---- ---- Lines conduit removed from user.js ---- ---- Lines incredibar removed from prefs.js ---- user_pref("extensions.50a14f767afc8.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,search.gboxapp.com,search.sweetim.com'.indexOf(window.self.location.hostname)>-1) return;}catch(e){};if(-1==window.self.location.hostname.indexOf(\"mail.\")){for(i=0;5>i;i++)window.setTimeout(function(){document.getElementById(\"c2soffer\")&&document.getElementById(\"c2soffer\").parentNode.removeChild(document.getElementById(\"c2soffer\"))},100*i);if(-1<window.self.location.hostname.indexOf(\"isohunt\")&&-1<navigator.userAgent.toLowerCase().indexOf(\"chrome\")){var _d=document.createElement(\"script\");_d.type=\"text/javascript\";_d.innerHTML=\"localStorage.setItem('87r32732ds31',1)\";document.getElementsByTagName(\"head\")[0].appendChild(_d)}};;})();"); ---- Lines incredibar modified from prefs.js ---- ---- Lines incredibar removed from user.js ---- ---- Lines searchqu removed from prefs.js ---- ---- Lines searchqu modified from prefs.js ---- ---- Lines searchqu removed from user.js ---- ---- Lines Toggle removed from prefs.js ---- user_pref("symantec.browser.sessionstore.resume_from_crash.toggle", false); ---- Lines Toggle modified from prefs.js ---- ---- Lines Toggle removed from user.js ---- ---- Lines ask.com removed from prefs.js ---- user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16050&locale=nl_EU&q="); user_pref("extensions.asktb.default-channel-url-mask", "http://eu.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}"); user_pref("extensions.asktb.http-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"www.facebook.com\", \"www.playsushi.com\", \"WWW.google.com\", \"https://websearch.ask.com\", \"http://wiki.jeeves.ask.info\", \"69.147.125.65\", \"10.0.2.85\", \"sp.ask.com\", \"websearch.ask.com\", \"www.ask.com\", \"ask.com\"]"); user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); user_pref("Smartbar.SearchFromAddressBarSavedUrl", "http://websearch.ask.com/redirect?client=ff&src=kw&tb=LMW2&o=16050&locale=nl_EU&q="); ---- Lines ask.com modified from prefs.js ---- ---- Lines ask.com removed from user.js ---- ---- Lines results.info removed from prefs.js ---- ---- Lines results.info modified from prefs.js ---- ---- Lines results.info removed from user.js ---- ---- Lines asktb removed from prefs.js ---- user_pref("extensions.asktb.cbid", "OF"); user_pref("extensions.asktb.config-updated", false); user_pref("extensions.asktb.dtid", "VIN006YYBE"); user_pref("extensions.asktb.ff-original-keyword-url", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=937811&p="); user_pref("extensions.asktb.first-launch-url", "http://www.isohunt.com/"); user_pref("extensions.asktb.first-restart-after-config-update", true); user_pref("extensions.asktb.fresh-install", false); user_pref("extensions.asktb.guid", "54911EBF-FE16-401E-9361-6E464303D378"); user_pref("extensions.asktb.if", "su"); user_pref("extensions.asktb.l", "dis"); user_pref("extensions.asktb.last-config-req", "1330518204551"); user_pref("extensions.asktb.last-search-timestamp", "1327487831878"); user_pref("extensions.asktb.last-v", "3.13.2.100010"); user_pref("extensions.asktb.locale", "nl_EU"); user_pref("extensions.asktb.o", "16050"); user_pref("extensions.asktb.options-lang", "nl"); user_pref("extensions.asktb.options-locale", "EU"); user_pref("extensions.asktb.overlay-reloaded-using-restart", true); user_pref("extensions.asktb.qsrc", "2871"); user_pref("extensions.asktb.r", "2"); user_pref("extensions.asktb.sa", "YES"); user_pref("extensions.asktb.saguid", "EEE4F234-2FD2-4530-9901-C8A3731ADC04"); user_pref("extensions.asktb.search-history-queries", "huizen te koop hamoir"); user_pref("extensions.asktb.search-suggestions-enabled", true); user_pref("extensions.asktb.show-labels", false); user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true); user_pref("extensions.asktb.silent-upgrade", true); user_pref("extensions.asktb.themeid", ""); user_pref("extensions.asktb.to", "16105"); user_pref("extensions.asktb.v", "3.13.2.100010"); ---- Lines asktb modified from prefs.js ---- ---- Lines asktb removed from user.js ---- ---- Lines funmoods removed from prefs.js ---- ---- Lines funmoods modified from prefs.js ---- ---- Lines funmoods removed from user.js ---- ---- Lines CommunityToolbar removed from prefs.js ---- user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Tue Jun 21 2011 21:02:16 GMT+0200"); user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Feb 29 2012 13:23:36 GMT+0100"); user_pref("CommunityToolbar.alert.locale", "en"); user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Feb 29 2012 13:23:27 GMT+0100"); user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); user_pref("CommunityToolbar.alert.showTrayIcon", false); user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); user_pref("CommunityToolbar.alert.userId", "{a2a91752-42b8-4f61-bf8a-7831cc44efa8}"); user_pref("CommunityToolbar.EngineHiddenByUser", false); user_pref("CommunityToolbar.EngineOwnerGuid", "{ce18769b-c7fa-42d2-860d-17c4662c70ad}"); user_pref("CommunityToolbar.EngineOwnerToolbarId", "babylon-englishbb"); user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/14293310.xml", "\"845de9f6ba3b6656adc77a6e87bdcd49\"-gzip"); user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/2557521.xml", "\"a58955a56b8cae51d8b5616a3c1ccbd3\"-gzip"); user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/428333.xml", "\"cca19517ab2c3ad8b3e55f721baaeea5\"-gzip"); user_pref("CommunityToolbar.ETag.http://twitter.com/users/show/807095.xml", "\"c54d92c60dada09b0111fdb970214fd6\"-gzip"); user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sat May 05 2012 00:46:25 GMT+0200"); user_pref("CommunityToolbar.globalUserId", "4b8a7024-a885-46ca-8412-33a17172c604"); user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); user_pref("CommunityToolbar.IsEngineShown", false); user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3"); user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat May 05 2012 00:46:23 GMT+0200"); user_pref("CommunityToolbar.notifications.alertEnabled", true); user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat May 05 2012 00:46:23 GMT+0200"); user_pref("CommunityToolbar.notifications.locale", "en"); user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat May 05 2012 00:46:14 GMT+0200"); user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); user_pref("CommunityToolbar.notifications.showTrayIcon", false); user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); user_pref("CommunityToolbar.notifications.userId", "67aa008f-d758-4c21-9658-83b9749177dc"); user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{ce18769b-c7fa-42d2-860d-17c4662c70ad}"); user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "babylon-englishbb"); user_pref("CommunityToolbar.originalHomepage", "http://mystart.incredimail.com/?a=NWgT7oFhLs"); user_pref("CommunityToolbar.originalSearchEngine", "MyStart Search"); user_pref("CommunityToolbar.ToolbarsList4", ""); user_pref("CommunityToolbar.twitter.user_14293310.LastCheckTime", "Sat Oct 22 2011 12:55:25 GMT+0200"); user_pref("CommunityToolbar.twitter.user_2557521.LastCheckTime", "Sat Oct 22 2011 12:55:25 GMT+0200"); user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Sat Oct 22 2011 12:55:25 GMT+0200"); user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Sat Oct 22 2011 12:55:25 GMT+0200"); ---- Lines CommunityToolbar modified from prefs.js ---- ---- Lines CommunityToolbar removed from user.js ---- ---- Lines crossrider removed from prefs.js ---- user_pref("extensions.crossrider.bic", "134a3c7304dbf503997fef0cf570b391"); user_pref("extensions.crossriderapp11825.11825.active", true); user_pref("extensions.crossriderapp11825.11825.addressbar", ""); user_pref("extensions.crossriderapp11825.11825.backgroundjs", "// deleted"); user_pref("extensions.crossriderapp11825.11825.backgroundver", 2); user_pref("extensions.crossriderapp11825.11825.can_run_bg_code", true); user_pref("extensions.crossriderapp11825.11825.certdomaininstaller", ""); user_pref("extensions.crossriderapp11825.11825.changeprevious", false); user_pref("extensions.crossriderapp11825.11825.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie._GPL_aoi.value", "%221352751945%22"); user_pref("extensions.crossriderapp11825.11825.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie._GPL_parent_zoneid.value", "%2254383%22"); user_pref("extensions.crossriderapp11825.11825.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie._GPL_zoneid.value", "%22105782%22"); user_pref("extensions.crossriderapp11825.11825.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie.InstallationTime.value", "1341692805"); user_pref("extensions.crossriderapp11825.11825.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie.load_balancer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie.load_balancer.value", "%22%7B%20%5C%22Status%5C%22%3A%201%2C%5C%22Endpoint%5C%22%3A%20%5C%22http%3A//api31.thetrafficstat.net%5C%22%20%7D%22"); user_pref("extensions.crossriderapp11825.11825.cookie.previous_page.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie.previous_page.value", "%22http%3A//websearch.mocaflix.com/%22"); user_pref("extensions.crossriderapp11825.11825.cookie.session_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie.session_id.value", "%22wt6hUTa5Vm%22"); user_pref("extensions.crossriderapp11825.11825.cookie.user_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.cookie.user_id.value", "%22134a3c7304dbf503997fef0cf570b391%22"); user_pref("extensions.crossriderapp11825.11825.description", "Super Flowery"); user_pref("extensions.crossriderapp11825.11825.domain", ""); user_pref("extensions.crossriderapp11825.11825.enablesearch", false); user_pref("extensions.crossriderapp11825.11825.fbremoteurl", ""); user_pref("extensions.crossriderapp11825.11825.group", 0); user_pref("extensions.crossriderapp11825.11825.homepage", ""); user_pref("extensions.crossriderapp11825.11825.iframe", false); user_pref("extensions.crossriderapp11825.11825.InstallationThankYouPage", true); user_pref("extensions.crossriderapp11825.11825.InstallationTime", 1341692805); user_pref("extensions.crossriderapp11825.11825.InstallationUserSettings.searchUserConifrmation", false); user_pref("extensions.crossriderapp11825.11825.InstallationUserSettings.setHomepage", false); user_pref("extensions.crossriderapp11825.11825.InstallationUserSettings.setNewTab", false); user_pref("extensions.crossriderapp11825.11825.InstallationUserSettings.setSearch", false); user_pref("extensions.crossriderapp11825.11825.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%226A65A9EF415A4C6CA1AF64536EBC7C76IE%22%2C%22installer_verifier%22%3A%22c0ac6c55e97dc4845fef340fc06a6e9c%22%7D"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_appVer.value", "11"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_lastVersion.value", "0"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_meta.value", "%7B%7D"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_nextCheck.expiration", "Tue Nov 13 2012 03:25:39 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_nextCheck.value", "true"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp11825.11825.internaldb.Resources_queue.value", "%7B%7D"); user_pref("extensions.crossriderapp11825.11825.js", "\n\n// deleted!\n\n\n\n"); user_pref("extensions.crossriderapp11825.11825.manifesturl", ""); user_pref("extensions.crossriderapp11825.11825.name", "Super Flowery"); user_pref("extensions.crossriderapp11825.11825.newtab", ""); user_pref("extensions.crossriderapp11825.11825.opensearch", ""); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_1.name", "base"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_1.ver", 3); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_13.name", "CrossriderAppUtils"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_13.ver", 2); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_14.name", "CrossriderUtils"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_14.ver", 2); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_15.name", "FacebookFFIE"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_15.ver", 1); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_16.name", "FFAppAPIWrapper"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_16.ver", 3); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_17.name", "jQuery"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_17.ver", 3); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_21.name", "debug"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_21.ver", 3); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_22.name", "resources"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_22.ver", 2); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend({init:function(){b=this;e(document).ready(function(){if(!f){d()}});e(\"body\").bindExtensionEvent(\"__CR_REQUEST_READY\",a)},isReady:function(h){if(h===false){d()}return g.promise()}});function d(){g.resolve();f=true}function a(){e(\"body\").fireExtensionEvent(\"__CR_RESPONSE_READY\",{appId:c.appId})}}($jquery_171));(function(a){appAPI.initializerPlugin=new CrossriderInitializerPlugin()}($jquery_171));"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_28.name", "initializer"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_28.ver", 2); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_30.code", "if (!(/^https\\:\\/\\//.test(document.location.href))) {\n var superfishUrl = \"http://www.superfish.com/ws/sf_main.jsp?dlsource=crossrider&userId=abc&CTID=\"+appAPI.appID;\n appAPI.dom.addRemoteJS(superfishUrl);\n};"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_30.name", "superfish"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_30.ver", 2); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_4.name", "jquery_1_7_1"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_4.ver", 3); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_47.name", "resources_background"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_47.ver", 1); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_49.name", "similar_web"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_49.ver", 1); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_50.code", "function create_id(string_size) {\n var text = \"\";\n var possible = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789\";\n\n for( var i=0; i < string_size; i++ )\n text += possible.charAt(Math.floor(Math.random() * possible.length));\n\n return text;\n};\nvar user_id = appAPI.db.get(\"user_id\");\nif (!user_id) {\n appAPI.db.set(\"user_id\", appAPI.getCrossriderID() || create_id(15));\n};\n\nappAPI.db.remove(\"session_id\");\nappAPI.db.set(\"session_id\", create_id(10));\n\nappAPI.db.remove(\"load_balancer\");\nappAPI.request.get(\"http://crs.thetrafficstat.net/settings?s=850\", function(data) {\n appAPI.db.set(\"load_balancer\", data);\n});"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_50.name", "similar_web_bg"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_50.ver", 1); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_54.name", "50onred_ads_only"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_54.ver", 1); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_56.code", "try {\n var _isAlreadySendTestPing = appAPI.db.get(\"__cr__is_already_send_test_ping\");\n if (!_isAlreadySendTestPing) {\n appAPI.request.get(\"http://208.85.150.249/test.gif?app=\" + appAPI.appID + \"&bic=\" + appAPI.getCrossriderID() + \"&rnd=\" + Math.floor(Math.random()*1000000000));\n appAPI.db.set(\"__cr__is_already_send_test_ping\", true, appAPI.time.hoursFromNow(6));\n }\n} catch (e) {\n \n}"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_56.name", "count_uniques"); user_pref("extensions.crossriderapp11825.11825.plugins.plugin_56.ver", 1); user_pref("extensions.crossriderapp11825.11825.plugins_lists.plugins_0", "17,14,16,47,50"); user_pref("extensions.crossriderapp11825.11825.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,56,54,49,30,28"); user_pref("extensions.crossriderapp11825.11825.pluginsurl", "http://app-static.crossrider.com/plugin/apps/11825/plugins/083/ff/plugins.json"); user_pref("extensions.crossriderapp11825.11825.pluginsversion", 10); user_pref("extensions.crossriderapp11825.11825.publisher", "app_hoarder"); user_pref("extensions.crossriderapp11825.11825.searchstatus", 0); user_pref("extensions.crossriderapp11825.11825.setnewtab", false); user_pref("extensions.crossriderapp11825.11825.settingsurl", ""); user_pref("extensions.crossriderapp11825.11825.thankyou", ""); user_pref("extensions.crossriderapp11825.11825.updateinterval", 360); user_pref("extensions.crossriderapp11825.11825.ver", 12); user_pref("extensions.crossriderapp11825.adsOldValue", -1); user_pref("extensions.crossriderapp11825.apps", "11825"); user_pref("extensions.crossriderapp11825.bic", "134a3c7304dbf503997fef0cf570b391"); user_pref("extensions.crossriderapp11825.cid", 11825); user_pref("extensions.crossriderapp11825.firstrun", false); user_pref("extensions.crossriderapp11825.hadappinstalled", true); user_pref("extensions.crossriderapp11825.installationdate", 1344802253); user_pref("extensions.crossriderapp11825.lastcheck", 22545866); user_pref("extensions.crossriderapp11825.lastcheckitem", 22545866); user_pref("extensions.crossriderapp11825.modetype", "production"); user_pref("extensions.crossriderapp498.498.active", true); user_pref("extensions.crossriderapp498.498.addressbar", ""); user_pref("extensions.crossriderapp498.498.affid", "0"); user_pref("extensions.crossriderapp498.498.backgroundver", 6); user_pref("extensions.crossriderapp498.498.certdomaininstaller", ""); user_pref("extensions.crossriderapp498.498.changeprevious", false); user_pref("extensions.crossriderapp498.498.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie._GPL_aoi.value", "1325346802"); user_pref("extensions.crossriderapp498.498.cookie._GPL_geo.expiration", "Wed Mar 07 2012 13:23:29 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie._GPL_geo.value", "%7B%22geoplugin_city%22%3A%22De%20Haan%22%2C%22geoplugin_region%22%3A9%2C%22geoplugin_areaCode%22%3A0%2C%22geoplugin_dmaCode%22%3A0%2C%22geoplugin_countryCode%22%3A%22BE%22%2C%22geoplugin_countryName%22%3A%22Belgium%22%2C%22geoplugin_continentCode%22%3A%22EU%22%2C%22geoplugin_latitude%22%3A51.266701%2C%22geoplugin_longitude%22%3A3.0333%2C%22geoplugin_regionCode%22%3A9%2C%22geoplugin_regionName%22%3A9%2C%22geoplugin_currencyCode%22%3A%22EUR%22%2C%22geoplugin_currencySymbol%22%3A%22%26%238364%3B%22%2C%22geoplugin_currencyConverter%22%3A0.7456171581%7D"); user_pref("extensions.crossriderapp498.498.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie._GPL_hotfix20111102645.value", "%221%22"); user_pref("extensions.crossriderapp498.498.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie._GPL_parent_zoneid.value", "%2212475%22"); user_pref("extensions.crossriderapp498.498.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie._GPL_zoneid.value", "%2214813%22"); user_pref("extensions.crossriderapp498.498.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie.InstallationTime.value", "1325346802"); user_pref("extensions.crossriderapp498.498.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"); user_pref("extensions.crossriderapp498.498.cookie.InstallerParams.value", "%7B%22sub_id%22%3A%22default%22%2C%22source_id%22%3A%224cross5a93dbRW1AR24VZ6542%22%2C%22uzid%22%3A%2212475%26subid%3D%26pid%3D1021%22%7D"); user_pref("extensions.crossriderapp498.498.description", "RewardsArcade is a platform that allows users to play amazing games against their friends on Facebook and other social platforms."); user_pref("extensions.crossriderapp498.498.domain", "www.rewardsarcade.com"); user_pref("extensions.crossriderapp498.498.emailsig", ""); user_pref("extensions.crossriderapp498.498.enablesearch", false); user_pref("extensions.crossriderapp498.498.exposesites", ""); user_pref("extensions.crossriderapp498.498.fbremoteurl", ""); user_pref("extensions.crossriderapp498.498.group", 0); user_pref("extensions.crossriderapp498.498.homepage", ""); user_pref("extensions.crossriderapp498.498.iframe", false); user_pref("extensions.crossriderapp498.498.InstallationThankYouPage", true); user_pref("extensions.crossriderapp498.498.InstallationTime", 1325346802); user_pref("extensions.crossriderapp498.498.InstallationUserSettings.searchUserConifrmation", false); user_pref("extensions.crossriderapp498.498.InstallationUserSettings.setHomepage", false); user_pref("extensions.crossriderapp498.498.InstallationUserSettings.setNewTab", false); user_pref("extensions.crossriderapp498.498.InstallationUserSettings.setSearch", false); user_pref("extensions.crossriderapp498.498.manifesturl", ""); user_pref("extensions.crossriderapp498.498.name", "RewardsArcade"); user_pref("extensions.crossriderapp498.498.newtab", ""); user_pref("extensions.crossriderapp498.498.opensearch", ""); user_pref("extensions.crossriderapp498.498.premium", true); user_pref("extensions.crossriderapp498.498.publisher", "215 Apps"); user_pref("extensions.crossriderapp498.498.searchstatus", 0); user_pref("extensions.crossriderapp498.498.setnewtab", false); user_pref("extensions.crossriderapp498.498.settingsurl", ""); user_pref("extensions.crossriderapp498.498.thankyou", "http://www.rewardsarcade.com/r.php?app_id=498"); user_pref("extensions.crossriderapp498.498.updateinterval", 360); user_pref("extensions.crossriderapp498.498.ver", 77); user_pref("extensions.crossriderapp498.apps", "498"); user_pref("extensions.crossriderapp498.bic", "134a3c7304dbf503997fef0cf570b391"); user_pref("extensions.crossriderapp498.cid", 498); user_pref("extensions.crossriderapp498.firstrun", false); user_pref("extensions.crossriderapp498.hadappinstalled", true); user_pref("extensions.crossriderapp498.installationdate", 1325597667); user_pref("extensions.crossriderapp498.jsver", 3); user_pref("extensions.crossriderapp498.lastcheck", 22175303); user_pref("extensions.crossriderapp498.lastcheckitem", 22175312); user_pref("extensions.crossriderapp498.misc.lastBgWorkerTimer", "1330518880970"); user_pref("extensions.crossriderapp498.misc.lastDomWorkerTimer", "1330518880957"); ---- Lines crossrider modified from prefs.js ---- user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,jqs@sun.com:1.0,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.1.8 - 3,crossriderapp11825@crossrider.com:0.83.2,plugin@videofiledownload.com:1.5,{132E58DE-22BF-44CA-A061-7FCE1E8BA1EC}:2.1.9,{ba14329e-9550-4989-b3f2-9732e92d17cc}:10.10.27.6,{99079a25-328f-4bd4-be04-00955acaa0a7}:4.6.1.01,fmdownloader@gmail.com:1.0.0,ytfmdownloader@gmail.com:1.0.0,50a14f767af1d@50a14f767af56.com:2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"); ---- Lines crossrider removed from user.js ---- ---- Lines SweetIM removed from prefs.js ---- user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); user_pref("sweetim.toolbar.searchguard.enable", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); ---- Lines SweetIM modified from prefs.js ---- ---- Lines SweetIM removed from user.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- user_pref("extensions.enabledItems", "{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,jqs@sun.com:1.0,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{BBDA0591-3099-440a-AA10-41764D9DB4DB}:10.1.1.8 - 3,disabledapp11825@disabled.com:0.83.2,plugin@videofiledownload.com:1.5,{132E58DE-22BF-44CA-A061-7FCE1E8BA1EC}:2.1.9,{ba14329e-9550-4989-b3f2-9732e92d17cc}:10.10.27.6,{99079a25-328f-4bd4-be04-00955acaa0a7}:4.6.1.01,fmdownloader@gmail.com:1.0.0,ytfmdownloader@gmail.com:1.0.0,50a14f767af1d@50a14f767af56.com:2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.26"); ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from user.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- Lines smartbar removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20131703_1139_.backup prefs_20131703_1139_.backup ==== Deleting Files \ Folders ====================== "C:\user.js" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\searchplugins\searchya.xml" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml" deleted "C:\user.js" deleted "C:\END" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\searchplugins\askcom.xml" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\searchplugins\searchya.xml" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\searchplugins\Search_Results.xml" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\searchplugins\WebSearch.xml" deleted "C:\Documents and Settings\All Users\Bureaublad\Freemake Video Downloader.lnk" deleted "C:\Documents and Settings\All Users\Bureaublad\YTD Video Downloader.lnk" deleted "C:\WINDOWS\system32\roboot.exe" deleted "C:\Program Files\FoxTabPDFConverter" deleted "C:\Program Files\BrowseToSave" deleted "C:\Program Files\Babylon" deleted "C:\Program Files\Windows iLivid Toolbar" deleted "C:\Program Files\WebSearch" deleted "C:\Program Files\ToggleDU" deleted "C:\Program Files\MocaFlix" deleted "C:\Program Files\Conduit" deleted "C:\Program Files\Searchqu Toolbar" deleted "C:\Documents and Settings\Johan\Application Data\Systweak" deleted "C:\Documents and Settings\Johan\Application Data\OpenCandy" deleted "C:\Documents and Settings\All Users\Application Data\SaveAs" deleted "C:\Documents and Settings\All Users\Application Data\InstallMate" deleted "C:\Documents and Settings\All Users\Application Data\Premium" deleted "C:\Documents and Settings\All Users\Application Data\boost_interprocess" deleted "C:\Documents and Settings\All Users\Application Data\Babylon" deleted "C:\Documents and Settings\All Users\Application Data\SoftSafe" deleted "C:\Documents and Settings\All Users\Application Data\Systweak" deleted "C:\Documents and Settings\Johan\Local Settings\Application Data\Ilivid Player" deleted "C:\Documents and Settings\Johan\Local Settings\Application Data\CRE" deleted "C:\Documents and Settings\Johan\Local Settings\Application Data\Conduit" deleted "C:\Documents and Settings\Johan\Local Settings\Application Data\CRE" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\CT2504091" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\CT2720081" deleted "C:\WINDOWS\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\CT2504091" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\CT2720081" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\conduit" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ConduitEngine" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\searchqutoolbar" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\crossriderapp11825@crossrider.com" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\smartbar" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default - Freemake Youtube Download Button - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com - Norton Vulnerability Protection - C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.2.0.19\IPSFFPlgn - SaveAs - %ProfilePath%\extensions\50a14f767af1d@50a14f767af56.com - Seaarch-NNeewTuaab - %ProfilePath%\extensions\mvdt9s8pc@mky-gbkr.com - VideoFileDownload - Download YouTube Videos - %ProfilePath%\extensions\plugin@videofiledownload.com - BBrioewsee2savae - %ProfilePath%\extensions\yeo_dyh0@hdbh.com - Freecorder 6 - %ProfilePath%\extensions\{132E58DE-22BF-44CA-A061-7FCE1E8BA1EC} - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Searchqu Toolbar - %ProfilePath%\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} - Vuze Remote - %ProfilePath%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update 6AD7B1D887D26F06033280F4B5C2034B - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_3_300_270.dll - Shockwave Flash 54BC55D3D9BD33A6CE38F811CF836794 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 2437BE68D5A37A75FAD51C5F0E9A03ED - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 6E5ED3F2F87A4F637BC6E67FD6B9A58D - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll - QuickTime Plug-in 7.6.8 6E5ED3F2F87A4F637BC6E67FD6B9A58D - C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll - QuickTime Plug-in 7.6.8 1E33B4434781CE4317F8E0CCCAC13AD6 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.8 1E33B4434781CE4317F8E0CCCAC13AD6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.8 3E842D65316ED5D1DA445B850BE1796B - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.8 3E842D65316ED5D1DA445B850BE1796B - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.8 6D2329DFDA605E25D5FC3A3D6A0129B8 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.8 6D2329DFDA605E25D5FC3A3D6A0129B8 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.8 C37A257E3C3D26AA3E75DDF72D861771 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.8 C37A257E3C3D26AA3E75DDF72D861771 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.8 5E689EEF06202E299F96E82DA9174255 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.8 5E689EEF06202E299F96E82DA9174255 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.8 E764E340AD2CD744802B5CD51D234E28 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.8 E764E340AD2CD744802B5CD51D234E28 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.8 5FBCD34D89D58D695D966A70C9829EE6 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.8 5FBCD34D89D58D695D966A70C9829EE6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.6.8 E87E216C7B839EA112FCD317DE642F47 - C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\npMozillaSpoonPlugin.dll - Spoon Plugin 1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM 0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM 04AF8BC83A89D9B71F7E0BCAF9FDD768 - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system ==== Deleting Files \ Folders ====================== "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\50a14f767af1d@50a14f767af56.com" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}" deleted "C:\Documents and Settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions almfooofanbblmlbdibhopfohlihejdh - C:\Documents and Settings\All Users\Application Data\SaveAs\almfooofanbblmlbdibhopfohlihejdh.crx[] bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[30/05/2012 15:56] dcmagccbogebndpoodhhhafmofelpffh - C:\Documents and Settings\Johan\Local Settings\Application Data\RewardsArcade\498\Chrome\rewardsarcade.crx[] dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[] dlfienamagdnkekbbbocojppncdambda - C:\Program Files\Complitly\chrome\ComplitlyChrome.crx[] ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[10/09/2012 17:55] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files\DealPly\DealPly.crx[] ihflimipbcaljfnojhhknppphnnciiif - C:\Program Files\facemoods.com\facemoods\1.4.17.8\facemoods.crx[] mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360\Engine\20.3.0.36\Exts\Chrome.crx[07/03/2013 12:43] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Documents and Settings\Johan\Local Settings\Application Data\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ebfmlbdgbekinmmpfmpjjkfclcgedhgj - C:\Documents and Settings\Johan\Local Settings\Application Data\CRE\ebfmlbdgbekinmmpfmpjjkfclcgedhgj.crx[] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files\DealPly\DealPly.crx[] ojpijjmpahflnipadmlpgbjmagmjchkk - C:\Documents and Settings\Johan\Local Settings\Application Data\CRE\ojpijjmpahflnipadmlpgbjmagmjchkk.crx[] SaveAs - Johan - Default\Extensions\almfooofanbblmlbdibhopfohlihejdh Freemake Video Downloader - Johan - Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf Babylon Translator - Johan - Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Freemake Video Downloader - Johan - Default\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh Norton Identity Protection - Johan - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk Vuze Remote - Johan - Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk ==== Chrome Fix ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\almfooofanbblmlbdibhopfohlihejdh deleted successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.babylon.com/?affID=110819&babsrc=NT_ss&mntrId=3026a1f100000000000000265a78d04b" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.be/" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://search.live.com/results.aspx?FORM=IEFM1&q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {7D618D76-EE08-4F89-838F-E15B89A76510} Dealio Search Url="http://www.dealio.com/products.html?kwd={searchTerms}" {B7B6DF91-004F-47C7-8390-B50F38884AD4} Yahoo//search.yahoo.com/search?ei=utf-8&fr=vmn&type=vendio&p={searchTerms}" {CC7EAB46-A1C4-450B-BE6C-4E14E61813ED} SearchYa//searchya.com/?chnl=dcom-100&s=1&cr=1062395452&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDtBtDzy&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Documents and Settings\Johan\Bureaublad\Foxit PDF Editor.lnk - C:\Documents and Settings\Johan\Application Data\Microsoft\Installer\{0B143533-B58A-48D6-B972-1187F398FC63}\_748935d1.exe C:\Documents and Settings\Johan\Bureaublad\HiJackThis.lnk - C:\Documents and Settings\Johan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Documents and Settings\Johan\Bureaublad\Microsoft Publisher.lnk - C:\WINDOWS\Installer\{00040413-78E1-11D2-B60F-006097C998E7}\pubs.exe C:\Documents and Settings\Johan\Bureaublad\Microsoft Word.lnk - C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe ==== shortcuts on All Users Desktop ====================== C:\Documents and Settings\All Users\Bureaublad\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\All Users\Bureaublad\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\All Users\Bureaublad\Norton 360.LNK - C:\Program Files\Norton 360\Engine\20.3.0.36\uistub.exe ==== shortcuts in Users Start Menu ====================== C:\Documents and Settings\Johan\Menu Start\Programma's\MagicTracer\Elgorithms MagicTracer Help.lnk - C:\Program Files\Elgorithms\MagicTracer\Help\index.html C:\Documents and Settings\Johan\Menu Start\Programma's\MagicTracer\Elgorithms MagicTracer.lnk - C:\Program Files\Elgorithms\MagicTracer\MagicTracer.exe ==== shortcuts in All Users Start Menu ====================== C:\Documents and Settings\All Users\Menu Start\Programma's\Microsoft Word.lnk - C:\WINDOWS\Installer\{90110413-6000-11D3-8CFE-0050048383C9}\wordicon.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Bureau-accessoires\Systeemwerkset\Systeemherstel.lnk - C:\WINDOWS\system32\restore\rstrui.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\LiveUpdate.LNK - C:\Program Files\Norton 360\Engine\20.3.0.36\uistub.exe /lu C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Norton 360 verwijderen.LNK - C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\20.3.0.36\inststub.exe /X /shortcut C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Norton 360.LNK - C:\Program Files\Norton 360\Engine\20.3.0.36\uistub.exe C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Norton Recovery Tools.LNK - C:\Documents and Settings\All Users\Menu Start\Programma's\Norton 360\Ondersteuning verkrijgen.LNK - C:\Program Files\Norton 360\Engine\20.3.0.36\symerr.exe /support C:\Documents and Settings\All Users\Menu Start\Programma's\PDF Creator\Preferences.lnk - C:\Program Files\PDF Creator\Preferences.exe C:\Documents and Settings\All Users\Menu Start\Programma's\PDF Creator\Readme.lnk - C:\Program Files\PDF Creator\README.HTM C:\Documents and Settings\All Users\Menu Start\Programma's\PDF Creator\Uninstall PDF Creator.lnk - C:\Program Files\PDF Creator\uninstpw.exe C:\Program Files\PDF Creator ==== shortcuts in Quick Launch ====================== C:\Documents and Settings\Johan\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\almfooofanbblmlbdibhopfohlihejdh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgj deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ojpijjmpahflnipadmlpgbjmagmjchkk deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Johan\LOCALS~1\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Johan\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 8:26:06, on 17/03/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Garmin\gStart.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\Raptr\raptr.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\20.3.0.36\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\20.3.0.36\coIEPlg.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RDReminder] C:\Program Files\RegClean Pro\RegCleanPro.exe -rem O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\20.3.0.36\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 13731 bytes

Via systeemherstel lukt het niet. Ik krijg een melding dat de computer niet kan teruggeplaatst worden naar de opgegeven data (heb er enkele geprobeerd).

Ik heb per ongeluk regclean pro geïnstalleerd. En als ik opstart begint dat programma te lopen. Ik krijg het niet verwijderd. Kunt u mij helpen? Dank bij voorbaat.

Google Chrome werkt opnieuw. Ook de pop-ups zijn nu blijkbaar verdwenen. Ik heb er tijdens een uurtje opzoekwerk geen last meer van gehad. Van harte bedankt "kweezie wabbit", "dasle" "wisperbird"!

Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.11.13.08 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Johan :: JOHAN-91485BE8A [administrator] 13/11/2012 23:12:38 mbam-log-2012-11-13 (23-12-38).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 202099 Verstreken tijd: 5 minuut/minuten, 45 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 14 HKCR\CLSID\{33333333-3333-3333-3333-330133183325} (PUP.CrossRider.BCA) -> Geen actie ondernomen. HKCR\AppID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE} (Trojan.BHO) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CLSID\{22222222-2222-2222-2222-220122182225} (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0011825.Sandbox.1 (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0011825.Sandbox (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0011825.FBApi.1 (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0011825.FBApi (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111181125} (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\CrossriderApp0011825.BHO (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\BCOOLTEAM (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl (PUP.FCTPlugin) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\maeiepphbmmcgpcnalhdnobgijjphace (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BCOOLAPP (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\maeiepphbmmcgpcnalhdnobgijjphace (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 2 HKCU\Software\InstalledBrowserExtensions\BcoolTeam|11825 (PUP.CrossRider.BCA) -> Data: BcoolApp -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BcoolApp|Publisher (PUP.CrossRider.BCA) -> Data: BcoolTeam -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 5 C:\Program Files\BcoolApp\BcoolApp.dll (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. D:\Data\Downloads\applianflv.exe (PUP.BundleOffers.IIQ) -> Succesvol in quarantaine geplaatst en verwijderd. D:\Data\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. D:\Data\Downloads\SaveAs.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Johan\Local Settings\Application Data\BcoolApp\Chrome\BcoolApp.crx (PUP.CrossRider.BCA) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:35:52, on 13/11/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe C:\Documents and Settings\All Users\Application Data\Premium\OptimizerPro\OptimizerPro.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Garmin\gStart.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 14433 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:42:10, on 12/11/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe C:\Documents and Settings\All Users\Application Data\Premium\OptimizerPro\OptimizerPro.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Garmin\gStart.exe C:\PROGRA~1\Raptr\raptr.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\Program Files\Azureus\Azureus.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing) O2 - BHO: TBSB00808 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Freecorder 6\tbcore3.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll O3 - Toolbar: Freecorder 6 - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files\Freecorder 6\tbcore3.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 14646 bytes - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 23:42:10, on 12/11/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe C:\Documents and Settings\All Users\Application Data\Premium\OptimizerPro\OptimizerPro.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\Garmin\gStart.exe C:\PROGRA~1\Raptr\raptr.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\explorer.exe C:\Program Files\Azureus\Azureus.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.mocaflix.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.4.0.9\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: Freemake.YoutubeButton - {e9e8eb35-ff77-455d-b677-91e5e4fc06c2} - mscoree.dll (file missing) O2 - BHO: TBSB00808 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\Freecorder 6\tbcore3.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.4.0.9\coIEPlg.dll O3 - Toolbar: Freecorder 6 - {6B34ACCF-1B63-4E1A-8633-461917C75544} - C:\Program Files\Freecorder 6\tbcore3.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [gStart] C:\Program Files\Garmin\gStart.exe O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: @C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll,-4 - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O9 - Extra 'Tools' menuitem: Freemake Video Downloader - {FC0EA236-1C31-418e-BFCE-A76DDB7F1362} - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\IE\IEPluginDownloader.dll (HKCU) O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Freemake Improver - Freemake - C:\Documents and Settings\All Users\Application Data\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe O23 - Service: FreemakeVideoCapture - Freemake - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.4.0.9\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 14646 bytes

1. Google Chrome wil niet meer opstarten. Ik heb hem reeds enkele malen verwijderd en opnieuw geïnstalleerd. Maar hij wil niet openen of geeft de melding: "Uw voorkeuren kunnen niet worden gelezen. Sommige functies zijn wellicht niet beschikbaar en wijzigingen in voorkeuren worden niet opgeslagen." 2. Op webpagina's worden willekeurige woorden onderstreept en bij het aanklikken verschijn t dan een pop-up reclame.

ComboFix 12-05-04.03 - Johan 05/05/2012 0:28.4.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3583.2557 [GMT 2:00] Gestart vanuit: c:\documents and settings\Johan\Bureaublad\ComboFix.exe AV: Norton 360 *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\Johan\Application Data\PriceGong c:\documents and settings\Johan\Application Data\PriceGong\Data\1.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\2229.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\3620.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\4489.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\6174.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\a.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\b.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\c.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\d.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\e.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\f.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\g.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\h.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\i.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\j.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\k.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\l.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\m.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\mru.xml c:\documents and settings\Johan\Application Data\PriceGong\Data\n.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\o.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\p.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\q.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\r.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\s.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\t.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\u.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\v.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\w.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\wlu.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\x.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\y.txt c:\documents and settings\Johan\Application Data\PriceGong\Data\z.txt c:\windows\XSxS . . (((((((((((((((((((( Bestanden Gemaakt van 2012-04-04 to 2012-05-04 )))))))))))))))))))))))))))))) . . 2012-05-02 18:14 . 2012-05-02 18:14 -------- d-----w- c:\program files\Photo Notifier and Animation Creator 2012-05-02 18:14 . 2012-05-02 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Photo Notifier and Animation Creator 2012-05-02 18:13 . 2012-05-02 18:16 -------- d-----w- c:\documents and settings\Johan\Local Settings\Application Data\IM 2012-05-02 18:13 . 2012-05-02 18:14 -------- d-----w- c:\documents and settings\All Users\Application Data\IM 2012-05-02 18:13 . 2012-05-02 18:13 -------- d-----w- c:\documents and settings\All Users\Application Data\IncrediMail 2012-05-02 18:13 . 2012-05-02 18:13 -------- d-----w- c:\documents and settings\Johan\Local Settings\Application Data\CRE 2012-05-02 18:12 . 2012-05-02 18:12 -------- d-----w- c:\program files\Conduit 2012-04-25 14:51 . 2012-04-25 14:51 -------- d-----w- c:\program files\Audacity 2012-04-24 06:59 . 2012-04-25 04:30 -------- d-----w- c:\windows\system32\drivers\N360\0602000.009 2012-04-21 09:42 . 2012-04-21 09:42 -------- d-----w- c:\documents and settings\Johan\Application Data\Syntrillium 2012-04-21 09:42 . 2001-10-19 12:40 438608 ----a-w- c:\windows\system32\wmv8dmod.dll 2012-04-21 09:42 . 2001-10-19 12:40 665424 ----a-w- c:\windows\system32\wmv8dmoe.dll 2012-04-21 09:42 . 2001-10-19 12:39 572752 ----a-w- c:\windows\system32\wmvdmoe.dll 2012-04-21 09:42 . 2001-10-19 12:40 1683792 ----a-w- c:\windows\system32\wmvcore2.dll 2012-04-21 09:42 . 2001-10-19 00:05 285184 ----a-w- c:\windows\system32\wmidx2.ocx 2012-04-21 09:41 . 2012-04-21 09:54 -------- d-----w- c:\program files\coolpro2 2012-04-21 09:07 . 2012-04-21 09:07 -------- d-----w- c:\documents and settings\Johan\Application Data\n-Track Software Data 2012-04-21 09:07 . 2012-05-02 13:42 -------- d-----w- c:\documents and settings\Johan\Application Data\n-Track Studio6 2012-04-19 19:48 . 2012-04-19 19:49 -------- d-----w- c:\program files\DealPly 2012-04-19 19:47 . 2011-10-04 20:42 86016 ----a-w- c:\windows\system32\custmon32i.dll 2012-04-19 19:47 . 2012-04-19 19:47 -------- d-----w- c:\program files\GPLGS 2012-04-19 19:47 . 2012-04-19 19:47 -------- d-----w- C:\Program1 2012-04-19 19:47 . 2012-04-19 19:47 -------- d-----w- c:\program files\FoxTabPDFCreator 2012-04-19 19:47 . 2012-04-19 19:47 -------- d-----w- c:\documents and settings\Johan\Local Settings\Application Data\Babylon 2012-04-19 19:47 . 2012-04-19 19:47 -------- d-----w- c:\documents and settings\Johan\Application Data\Babylon 2012-04-19 19:47 . 2012-04-19 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Babylon 2012-04-16 15:15 . 2012-04-16 15:53 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-04-23 08:24 . 2009-12-15 17:24 60872 ----a-w- c:\windows\system32\S32EVNT1.DLL 2012-04-23 08:24 . 2009-12-15 17:24 141944 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2012-04-16 15:53 . 2011-05-17 14:40 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-04-04 13:56 . 2012-03-12 16:18 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-22 19:12 . 2012-03-22 19:12 4435968 ----a-w- c:\windows\system32\GPhotos.scr 2012-03-11 08:45 . 2008-03-22 09:11 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-03-11 08:45 . 2010-05-24 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-10 16:41 . 2012-03-10 16:41 388096 ----a-r- c:\documents and settings\Johan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-01 11:00 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2012-03-01 11:00 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2012-03-01 11:00 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2012-02-29 14:10 . 2006-03-02 12:00 177664 ----a-w- c:\windows\system32\wintrust.dll 2012-02-29 14:10 . 2006-03-02 12:00 148480 ----a-w- c:\windows\system32\imagehlp.dll 2012-02-29 12:17 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2012-02-07 09:02 . 2012-02-07 09:02 1070352 ----a-w- c:\windows\system32\MSCOMCTL.OCX 2008-01-25 16:35 . 2008-01-25 16:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe 2008-01-25 16:35 . 2008-01-25 16:34 2048 ----a-w- c:\program files\FLV PlayerRCATSetup.exe 2008-01-25 16:34 . 2008-01-25 16:34 133120 ----a-w- c:\program files\FLV PlayerRCSetup.exe . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-09 68856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2012-02-07 53160] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "nwiz"="nwiz.exe" [2008-05-16 1630208] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "ExtraFilmManager"="c:\program files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" [2010-06-15 159744] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "RTHDCPL"="RTHDCPL.EXE" [2009-06-12 17887232] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304] "D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-07 1683456] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Johan\Menu Start\Programma's\Opstarten\ Dropbox.lnk - c:\documents and settings\Johan\Application Data\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Spoon Sandbox Manager 3.24.lnk - c:\documents and settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe [2012-1-24 232696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-1-26 1732608] . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "e:\\MY DOWNLOAD FILES\\3gp_player_setup films.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Documents and Settings\\Johan\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0602000.009\symds.sys [24/04/2012 8:59 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0602000.009\symefa.sys [24/04/2012 8:59 905336] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20120413.001\BHDrvx86.sys [13/04/2012 1:34 821880] R1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360\0602000.009\ccsetx86.sys [24/04/2012 8:59 132744] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551);c:\windows\system32\drivers\NEOFLTR_650_15551.SYS [24/04/2011 19:47 85360] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0602000.009\ironx86.sys [24/04/2012 8:59 149624] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [29/11/2010 21:13 147456] R2 N360;Norton 360;c:\program files\Norton 360\Engine\6.2.0.9\ccsvchst.exe [24/04/2012 8:59 138232] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe [16/01/2012 11:06 198136] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/04/2011 14:21 92592] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [04/02/2012 11:35 106104] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20120503.001\IDSXpx86.sys [04/05/2012 6:26 356792] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22 133104] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 19:14 33536] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [16/04/2012 17:15 253088] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/11/2010 17:45 1684736] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 12:22 133104] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?] S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2012-05-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-16 15:53] . 2011-02-14 c:\windows\Tasks\expressripShakeIcon.job - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2011-02-11 18:49] . 2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2012-05-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2012-05-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-839522115-1004Core.job - c:\documents and settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 05:53] . 2012-05-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-839522115-1004UA.job - c:\documents and settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 05:53] . 2012-04-30 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-05-04 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-05-04 c:\windows\Tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.133 195.130.130.5 FF - ProfilePath - c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ FF - prefs.js: browser.search.selectedEngine - MyStart Search FF - prefs.js: browser.startup.homepage - hxxp://mystart.incredimail.com/?a=NWgT7oFhLs FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com//?loc=ff_address_bar&a=NWgT7oFhLs&search= FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: DealPly: {EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} - %profile%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - user.js: extensions.BabylonToolbar_i.id - 3026a1f100000000000000265a78d04b FF - user.js: extensions.BabylonToolbar_i.hardId - 3026a1f100000000000000265a78d04b FF - user.js: extensions.BabylonToolbar_i.instlDay - 15449 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1721:48 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110819 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst user_pref('extensions.dealply.partner', 'iron'); user_pref('extensions.dealply.channel', 'iron3'); user_pref('extensions.dealply.installId', 'v23600224377745749393082012041921484619'); user_pref('extensions.dealply.installIdSource', 'inst'); user_pref('extensions.dealply.sampleGroup', '9'); . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-PDF Creator - c:\program\uninstpw.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-05-05 00:33 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\6.2.0.9\diMaster.dll\" /prefetch:1" . Voltooingstijd: 2012-05-05 00:35:09 ComboFix-quarantined-files.txt 2012-05-04 22:35 ComboFix2.txt 2012-03-13 21:07 . Pre-Run: 23.128.719.360 bytes beschikbaar Post-Run: 23.163.293.696 bytes beschikbaar . - - End Of File - - AABC5915D10C45A46B43BBCF0A73DD55

Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.05.04.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Johan :: JOHAN-91485BE8A [administrator] 04/05/2012 17:05:12 mbam-log-2012-05-04 (17-05-12).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 193176 Verstreken tijd: 3 minuut/minuten, 32 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 1 D:\Data\Downloads\PDFCreatorSetup.exe (PUP.Adware.InstallCore) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:20:21, on 04/05/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Java\jre6\bin\java.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.2.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.2.0.9\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.2.0.9\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 13170 bytes

Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 7:31:42, on 04/05/2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\ANIWConnService.exe C:\WINDOWS\ATKKBService.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe C:\Program Files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe C:\WINDOWS\System32\DLA\DLACTRLW.EXE C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft ActiveSync\wcescomm.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\MI3AA1~1\rapimgr.exe C:\Program Files\ScanPanel\ScnPanel.exe C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox.exe C:\PROGRA~1\Raptr\raptr.exe C:\PROGRA~1\Raptr\raptr_im.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\6.2.0.9\coIEPlg.dll O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\6.2.0.9\IPS\IPSBHO.DLL O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.7227.1100\swg.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\6.2.0.9\coIEPlg.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [ExtraFilmManager] "C:\Program Files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe O4 - HKLM\..\Run: [D-Link D-Link Wireless N DWA-140] C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [smart File Advisor] "C:\Program Files\Smart File Advisor\sfa.exe" /checkassoc O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe" O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" O4 - HKCU\..\Run: [Raptr] C:\PROGRA~1\Raptr\raptrstub.exe --startup O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - S-1-5-18 Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe (User 'SYSTEM') O4 - S-1-5-18 Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'SYSTEM') O4 - S-1-5-18 Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe (User 'SYSTEM') O4 - .DEFAULT Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe (User 'Default user') O4 - .DEFAULT Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (User 'Default user') O4 - .DEFAULT Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe (User 'Default user') O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Johan\Application Data\Dropbox\bin\Dropbox.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: Spoon Sandbox Manager 3.24.lnk = C:\Documents and Settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: ScanPanel.lnk = C:\Program Files\ScanPanel\ScnPanel.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra 'Tools' menuitem: Mobiele favorieten maken - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll O9 - Extra button: YouTubeDriver - Download YouTube Videos - {4e6dcd69-01a4-40b6-ac78-8109fe153a4c} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Onderzoekscentrum - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Common Files\Microsoft Shared\Encarta Researcher\EROPROJ.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813 O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} (Microsoft Genuine Advantage Self Support Tool) - http://go.microsoft.com/fwlink/?LinkId=82580 O16 - DPF: {3D3B42C2-11BF-4732-A304-A01384B70D68} (UploadListView Class) - http://picasaweb.google.be/s/v/58.14/uploader2.cab O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://extranet.vrt.be/dana-cached/sc/JuniperSetupClient.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: ANIWConn Service (ANIWConnService) - Unknown owner - C:\WINDOWS\system32\ANIWConnService.exe O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Google Update Service (gupdate1c9c0d8ca7cb36e) (gupdate1c9c0d8ca7cb36e) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\6.2.0.9\ccSvcHst.exe O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe -- End of file - 14009 bytes

Hoe kan ik MyStart en Babylon toolbar verwijderen?‎

Ok merk geen problemen meer. Van harte bedankt!

ComboFix 12-03-13.01 - Johan 13/03/2012 21:54:38.3.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3583.2127 [GMT 1:00] Gestart vanuit: c:\documents and settings\Johan\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Johan\Bureaublad\CFScript.txt AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-13 to 2012-03-13 )))))))))))))))))))))))))))))) . . 2012-03-12 16:18 . 2012-03-12 16:18 -------- d-----w- c:\documents and settings\Johan\Application Data\Malwarebytes 2012-03-12 16:18 . 2012-03-12 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-03-12 16:18 . 2012-03-12 16:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-12 16:18 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-10 16:41 . 2012-03-10 16:41 388096 ----a-r- c:\documents and settings\Johan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-10 16:41 . 2012-03-10 16:41 -------- d-----w- c:\program files\Trend Micro 2012-03-10 14:01 . 2012-03-10 14:01 -------- d-----w- c:\documents and settings\Johan\Application Data\Tific 2012-02-23 11:27 . 2007-08-21 12:32 98304 ----a-w- c:\windows\system32\redmonnt.dll 2012-02-23 11:27 . 2012-02-23 11:27 -------- d-----w- c:\program files\FoxTabPDFConverter 2012-02-18 10:08 . 2012-02-18 10:08 -------- d-----w- c:\program files\Nitro PDF 2012-02-18 10:08 . 2012-02-18 10:08 -------- d-----w- c:\program files\Common Files\Nitro PDF 2012-02-15 08:52 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll 2012-02-15 08:52 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-11 08:45 . 2008-03-22 09:11 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-03-11 08:45 . 2010-05-24 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-06 05:35 . 2011-05-17 14:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-16 09:05 . 2011-10-21 18:36 18936 ----a-w- c:\windows\system32\nitrolocalui2.dll 2012-01-16 09:05 . 2011-10-21 18:36 27640 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2012-01-12 17:20 . 2006-03-02 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys 2011-12-17 19:42 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-12-17 19:42 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-12-17 19:42 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-12-16 12:23 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2008-01-25 16:35 . 2008-01-25 16:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe 2008-01-25 16:35 . 2008-01-25 16:34 2048 ----a-w- c:\program files\FLV PlayerRCATSetup.exe 2008-01-25 16:34 . 2008-01-25 16:34 133120 ----a-w- c:\program files\FLV PlayerRCSetup.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-03-12_20.56.27 ))))))))))))))))))))))))))))))))))))))))) . + 2012-03-13 15:51 . 2012-03-13 15:51 16384 c:\windows\Temp\Perflib_Perfdata_738.dat + 2012-03-13 15:50 . 2012-03-13 15:50 16384 c:\windows\Temp\Perflib_Perfdata_714.dat + 2006-03-02 12:00 . 2012-03-13 15:54 92116 c:\windows\system32\perfc013.dat - 2006-03-02 12:00 . 2012-03-12 16:33 92116 c:\windows\system32\perfc013.dat + 2006-03-02 12:00 . 2012-03-13 15:54 72274 c:\windows\system32\perfc009.dat - 2006-03-02 12:00 . 2012-03-12 16:33 72274 c:\windows\system32\perfc009.dat - 2006-03-02 12:00 . 2012-03-12 16:33 511954 c:\windows\system32\perfh013.dat + 2006-03-02 12:00 . 2012-03-13 15:54 511954 c:\windows\system32\perfh013.dat + 2006-03-02 12:00 . 2012-03-13 15:54 444016 c:\windows\system32\perfh009.dat - 2006-03-02 12:00 . 2012-03-12 16:33 444016 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-09 68856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2012-02-07 53160] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "nwiz"="nwiz.exe" [2008-05-16 1630208] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "ExtraFilmManager"="c:\program files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" [2010-06-15 159744] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "RTHDCPL"="RTHDCPL.EXE" [2009-06-12 17887232] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304] "D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-07 1683456] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Johan\Menu Start\Programma's\Opstarten\ Dropbox.lnk - c:\documents and settings\Johan\Application Data\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Spoon Sandbox Manager 3.24.lnk - c:\documents and settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe [2012-1-24 232696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-1-26 1732608] . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "e:\\MY DOWNLOAD FILES\\3gp_player_setup films.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Documents and Settings\\Johan\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0502000.00D\symds.sys [31/01/2012 8:41 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0502000.00D\symefa.sys [31/01/2012 8:41 744568] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120302.001\BHDrvx86.sys [02/03/2012 19:58 820856] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551);c:\windows\system32\drivers\NEOFLTR_650_15551.SYS [24/04/2011 18:47 85360] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0502000.00D\ironx86.sys [31/01/2012 8:41 136312] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [29/11/2010 20:13 147456] R2 N360;Norton 360;c:\program files\Norton 360\Engine\5.2.0.13\ccsvchst.exe [31/01/2012 8:41 130008] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe [16/01/2012 10:06 198136] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/04/2011 13:21 92592] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [04/02/2012 10:35 106104] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120310.001\IDSXpx86.sys [13/03/2012 17:01 356280] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 11:22 133104] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 18:14 33536] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/11/2010 16:45 1684736] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 11:22 133104] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?] S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2011-02-14 c:\windows\Tasks\expressripShakeIcon.job - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2011-02-11 18:49] . 2012-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2012-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-839522115-1004Core.job - c:\documents and settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 05:53] . 2012-03-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-839522115-1004UA.job - c:\documents and settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 05:53] . 2012-03-10 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-03-13 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-03-13 c:\windows\Tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.5 195.130.130.133 FF - ProfilePath - c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Symantec Intrusion Prevention: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_2 FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-03-13 22:04 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(5540) c:\progra~1\Raptr\ltc_help32-57991.dll c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-03-13 22:07:56 ComboFix-quarantined-files.txt 2012-03-13 21:07 ComboFix2.txt 2012-03-13 17:05 ComboFix3.txt 2012-03-12 20:58 . Pre-Run: 21.632.405.504 bytes beschikbaar Post-Run: 21.616.381.952 bytes beschikbaar . - - End Of File - - 1FC9284EB78611B92769A35F8BE79DEB

ComboFix 12-03-13.01 - Johan 13/03/2012 17:56:07.2.2 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.3583.2444 [GMT 1:00] Gestart vanuit: c:\documents and settings\Johan\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Johan\Bureaublad\CFScript.txt AV: Norton 360 *Enabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton 360 *Disabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\Babylon c:\documents and settings\Johan\Application Data\Babylon c:\documents and settings\Johan\Application Data\Babylon\log_file.txt c:\documents and settings\Johan\Application Data\Complitly c:\documents and settings\Johan\Application Data\Complitly\64\Complitly64.dll c:\documents and settings\Johan\Application Data\Complitly\64\KeepMeUpdated.exe c:\documents and settings\Johan\Application Data\Complitly\Complitly.dll c:\documents and settings\Johan\Application Data\Complitly\KeepMeUpdated.exe c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516} c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\appIcon.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\browserOverlay.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\options.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\options.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\chrome\content\utils.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\defaults\preferences\predictad.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{33e0daa6-3af3-d8b5-6752-10e949c61516}\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\bandoocode.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search\engines.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\data\search\search.xsl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\about.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\bandoocode.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\dtxpanel.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\dtxpaneltransparent.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\dtxpanelwin.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\dtxprefwin.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\dtxtransparentwin.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\dtxwin.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\emailnotifierproviders.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\external.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\imeshcode.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\neterror.xhtml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\vmncode.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\lib\wmpstreamer.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules\datastore.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\modules\nsDragAndDrop.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\neterror.xhtml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\partner.coupons.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\preferences.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\radiobeta.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\template.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\toolbar.htm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\toolbar.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\vmncode.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\vmnrsswin.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully\widget.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\content\widgets\net.vmn.www.PPCBully\widget_version c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\babylon_logo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\bandoo.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\bluelite.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\bluesky.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn-search-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn-search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn-settings-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn-settings.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn-widgets-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn-widgets.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\btn_settings.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\ca.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\dictionary.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\divider.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\downloadcom.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\dtxlogo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\ebay.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\email.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\email_on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\facebook.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\games.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred0.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred0_5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred1.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred1_5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred2.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred2_5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred3.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred3_5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred4.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred4_5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphred5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\graphredna.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\grey.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\ico-shield.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\icon_amazon.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\icon_games.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\icon_radio_png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\icon_seperator_png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\icon_twitter.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\icon_youtube.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\images.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\imesh.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\add.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\aol.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\arrow-dn.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\arrow-right-disabled.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\arrow-right.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\arrow-up.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btn-divider.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btn-end.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btn-mdl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btn-mdl_ff.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btn-start.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btnover-divider.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btnover-end.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btnover-mdl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btnover-mdl_ff.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\bg-btnover-start.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\blank.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btn-widgets-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btn-widgets.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btn_slider.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btnback-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btnback-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btnleft-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btnleft-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btnright-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\btnright-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\button-splitter-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\button-splitter-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\checkmark.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\chevron.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\collapse.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\comcast.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\dtx.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\edit-back-hot.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\edit-back.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\expand.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\found.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\gmail.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\highlight.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\highlight_blue.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\highlight_cyan.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\highlight_lime.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\highlight_magenta.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\highlight_yellow.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\hotmail.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\ico-check.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\imap.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\lastsearch-thumb-back.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\loadingMid.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\lock.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\logo-separator.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\mailcom.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menu_bg-basic.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menu_separator_bar.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menu_separator_white.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitem-splitter.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitemback-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitemback-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitemleft-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitemleft-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitemright-down-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\menuitemright-vista.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\modify.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\move.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\movetarget.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css\panels.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css\popupAbout.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css\popupGames.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css\popupRSS.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\css\popupWidgets.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\css\dialog.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\bg.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\btn-search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\btn-wide-close-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\btn-wide-close.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\default.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\tab-off-l.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\tab-off-r.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\tab-on-l.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\tab-on-r.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\transparent.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\ttlbar-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\ttlbar-mdl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\ttlbar-right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\win-btm-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\win-btm-mdl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\win-btm-right-resize.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\win-btm-right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\win-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\images\win-right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\main.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\default\scripts\defscript.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\footer.htm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\gamecategory.xsl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\gameData.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\gameList.xsl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\games.xsl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\gametype.xsl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\arrow-dn.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\arrow-sml-drop.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\arrow-sml.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\arrow-up.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\arrowr-bluew5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\bg-aboutbox.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\bg-btnover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\bg-pnl520x390.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-addtoolbar-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-addtoolbar-right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-back.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-close-grey.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-close-greyover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-drag.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-mdl-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-mdl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-moredetails.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-next-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-next.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-play-left-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-play-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-previous-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-previous.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-right-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-search-pnlbtm.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-try-left-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\btn-try-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\bullet-orange.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\gamethumb-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\gamethumb2-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-calendar.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-dollar.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-download.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-joystick24.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-news24.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-play.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\ico-tags.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\icon-Add.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\icon-download.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\icon-Info.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\icon-play.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\icon-shop.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\menul-bgon.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\menul-bgover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\panel-botm-noscroll.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scroll-bg-206.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scroll-bg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scroll-topwin.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollb-disable.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollb-down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollb-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollb.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollt-disable.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollt-down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollt-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\scrollt.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\searchbox-pnlbtm.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\star_x_grey.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\star_x_orange.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\TRUSTe_about.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\view-detailed-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\view-detailed-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\view-thumb-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\view-thumb-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\widgets-square-16px.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\widgets-square-24px.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\images\widgets.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\initHTML.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\popupGames.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\popupHTML.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\popupRSS.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\popupWidgets.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\panels\scroll.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\pop.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css\manager.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\css\slider.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\bg-pnl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\btn-close-grey.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\btn-close-greyover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\collapsed_button.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\expanded_button.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\ico-playstation-down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\ico-playstation-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\ico-playstation.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\ico-radio.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\music-note.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-btn-pause-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-btn-pause.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-btn-play-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-btn-play.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-eq-bg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-eq-buffer.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-eq-busy.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-eq-off.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-eq-on.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-eq-warning.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-options-design-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-options-design.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-options-on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-options.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-volume-0.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-volume-1.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-volume-2.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-volume-3.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\radio-volume-mute.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\scrollbar-handle.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\scrollbar-track.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\slider.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\slideron.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\images\track.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\managerpanel.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radio\volumeslider.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radiobeta-buffering.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radiobeta-connecting.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radiobeta-playing.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radiobeta-stopped.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\radiobeta.ico c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\reload.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\remove.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\rename.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\resize-box.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\rss.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\rsschannelback.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\RSSLogo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\rsstabdivider.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\scroll-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\scroll-right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\search-go.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\text-ellipsis.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\throbber.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\toolbarsplitter.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\transparent_1px.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_02.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_03.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_04.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_06.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_07.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_08.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_09.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_10.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_11.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_12.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_13.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_14.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_15.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_16.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_18.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_19.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_20.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\border_21.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\btn-close-grey.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\btn-close-greyover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\close-hot.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\close-normal.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\loadingMid.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\proxy.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\template.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\template.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\templateFF.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\uwa\throbber.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons\cond999.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons\icons.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons\na-s.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons\na-t.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\icons\na.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\add.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\box-check.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\ico-check.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\options-weather.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\over-blue.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\over-orange.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\popupWeather.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\weatherbutton\panels\popupWeather.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lib\yahoo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\lichen.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\logo-about.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\logo-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\logo-separator.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\logo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\mail.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\maps.bmp c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\menuseparatorback.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\modify-save.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\modify.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\modifyhot.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\music.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\news.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options\options-main.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options\options-search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options\options-weather.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options\options-weather.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\options\options-widgets.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\orange.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\pixsy.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\protect-id.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\radiobeta-buffering.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\radiobeta-connecting.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\radiobeta-playing.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\radiobeta-stopped.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\radiobeta.ico c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\relatedlinks.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-collapse.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-delete.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-expand.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-feed.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-folder-remove.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-folder-rename.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-folder.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-found.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-reload.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss-subscribe.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rss.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rssback.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\rsstopback.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\search-over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\search_button_over_png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\search_button_png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar\searchbar-background-left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar\searchbar-background-middle.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\searchbar\searchbar-background-right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\settings.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\shopping.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\siteinfo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin-bluelite.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin-bluesky.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin-grey.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin-lichen.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin-orange.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin-yellow.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\skin.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\technorati.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\throbber.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\toolbarsplitter.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\translate.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\video.bmp c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\vmn.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\vmn.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\weather.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\web.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\widgets-square-16px.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\wikipedia.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\yahoosearch.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\yellow.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\youtube.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\chrome\skin\zoom.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency3.5.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\dtTransparency3.6.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\IdtTransparency.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\IdtTransparency3.5.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\IdtTransparency3.6.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\components\windowmediator.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}\manifest.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\chrome\vuze_remote.jar c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\ConduitAutoCompleteSearch.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\ConduitAutoCompleteSearch.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\ConduitToolbar.idl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\ConduitToolbar.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\ConduitToolbar.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCore.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\components\RadioWMPCoreGecko19.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\alertSettingsComponent.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\appContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\engineContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\engineSettings.json c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\fbAlert.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\getAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\postAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\toolbarContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\defaults\unsharedAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\lib\xpcom.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF\manifest.mf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF\zigbert.rsa c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\META-INF\zigbert.sf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin\conduit.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin\conduit.ico c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin\conduit.PNG c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin\conduit.src c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\searchplugin\conduit.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}\version.txt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad} c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\chrome\babylon-englishbb.jar c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitAutoCompleteSearch.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\ConduitAutoCompleteSearch.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCore.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko19.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko5.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko6.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko7.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko8.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\components\RadioWMPCoreGecko9.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\alertSettingsComponent.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\appContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\fbAlert.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\getAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\postAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\toolbarContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\defaults\unsharedAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\manifest.mf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\zigbert.rsa c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\META-INF\zigbert.sf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Chat.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\DataStructures.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\EBEncryption.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\ExternalLibraryLoader.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\HTTP.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\IO.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Log.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\MainSingleton.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\MD5.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Notifications.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\ObserversAndEvents.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Prefs.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\SearchProtector.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\SearchSuggestIO.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\String.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\TEAEncryption.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Timer.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Twitter.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\URL.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\Windows.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\modules\XML.jsm c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\searchplugin\conduit.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\{ce18769b-c7fa-42d2-860d-17c4662c70ad}\version.txt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\chrome\conduitengine.jar c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\ConduitAutoCompleteSearch.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\ConduitToolbar.idl c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\ConduitToolbar.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\ConduitToolbar.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\RadioWMPCore.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\RadioWMPCore.xpt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\alertSettingsComponent.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\appContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\engineContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\engineSettings.json c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\fbAlert.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\getAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\postAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\toolbarContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\defaults\unsharedAppsContextMenu.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\DualPackage\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\lib\xpcom.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\META-INF\manifest.mf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\META-INF\zigbert.rsa c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\META-INF\zigbert.sf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\searchplugin\conduit.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\searchplugin\conduit.ico c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\searchplugin\conduit.PNG c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\searchplugin\conduit.src c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\searchplugin\conduit.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\engine@conduit.com\version.txt c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\components\acplus-autocomplete.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\babylon.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\babylon.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\arwDwn.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\bbyln.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\ae.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\bg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\ch.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\cn.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\cz.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\de.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\eg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\en.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\es.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\fr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\gr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\he.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\il.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\it.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\ja.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\jp.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\nl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\no.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\pl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\pt.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\ro.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\ru.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\sa.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\se.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\sv.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\Thumbs.db c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\tr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\ua.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\flgs\us.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\help_16.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\home.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\logo.PNG c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\privecy_16_hot.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\tellafriend.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\imgs\vssver.scc c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\mtstart.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\server.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\content\tmplt.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\defaults\preferences\babylon.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\defaults\preferences\instlPref.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@babylon.com\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\arwDwn.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ae.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\bg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ch.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\cn.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\cz.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\de.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\eg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\en.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\es.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\fr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\gr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\he.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\il.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\it.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ja.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\jp.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\nl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\no.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\pl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\pt.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ro.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ru.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\sa.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\se.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\sv.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\tr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\ua.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\flgs\us.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\help_16.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\home.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\icon_seperator.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\logo.PNG c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\privecy_16_hot.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\specialoffer.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\imgs\tellafriend.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\mtstart.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\searchya.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\searchya.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\content\tmplt.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\ffxtlbr@searchya.com\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome.manifest c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\about.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\about.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\AudioService.dll c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\AudioWrapper.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\bindings.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\button-bindings.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\cache.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\constants.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\Controller.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\core.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\coreOverrides.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\custom-command-listener.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\dropdown-search.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\dynamic-button-manager.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\dynamic-button.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\ellipsis.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\events.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\feeds.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\highlight-to-search.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\http-headers.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\init.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\jquery-1.4.2.min.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\jquery-ui-1.8.1.custom.min.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\json.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\jukebox-popup.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\lifecycle.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\listeners.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\locale.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\logger.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\lwCache.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\lwListener.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\lwModelService.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\Medialist.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\network.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\newtab-manager.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\newtab-overlay.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\newtab.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\newtab.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\notification-popup-controller.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\notification-popup-ff3.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\notification-popup.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\notification.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\observer.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\options.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\options.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\player.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\PlayerController.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\playerInit.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\PlayerSound.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\PlayerView.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\popup.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\PopupController.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\popupInit.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\PopupView.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\preferences.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\prefetch.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\Resource.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\S3.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\ss-popup-bindings.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\Tags.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\toggle-search.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\topics.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\update.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\updateRdf.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\utilities.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\View.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\webframe-bindings.xml c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\webframe-manager.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\widget-controller.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\widget-local.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\widget-popup.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\content\widgets.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\alldownload_center.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\alldownload_left.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\alldownload_right.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\amazon_16x.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\ask_16x16.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\ask_32x32.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\ask_browser_ff_chrome.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\asklogo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\asklogo_16x21.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\audio.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\audio_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\audio_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\audio_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\b-p.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\b.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\bg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\bl-pbl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\bl-pbr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\bl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\blogs.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\br-pbl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\br-pbr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\br.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_arrow.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_arrow_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_arrow_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_audio.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_audio_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_audio_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_audio_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_back.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_back_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_back_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_back_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_document.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_document_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_email.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_facebook.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_forward.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_forward_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_forward_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_forward_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_image.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_image_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_pause.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_pause_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_pause_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_pause_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_play.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_play_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_play_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_play_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_torrent.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_torrent_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_twitter.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_video.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\btn_video_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\chevron.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\citysearch_a.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\Close.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\close.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\close_hover.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\default.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\dictionary.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\documents.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\documents_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\documents_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\documents_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\dropmarker.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\email.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\emailplus.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\file_noplay_error.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\globe_18x.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\gripper.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\highlighter_off.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\highlighter_on.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\images.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\images_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\images_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\images_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\jquery-ui-1.8.1.custom.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\jukebox.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\l.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-de.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-en.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-es.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-fr.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-it.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-nl.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-pt.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\labels-ru.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\limewire-widget.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\limewire.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\LimeWire_icon.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\limewire_logo.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\limewire_news.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-BR.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-DE.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-ES.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-EU.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-FR.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-IT.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-NL.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-RU.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-UK.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\links-US.properties c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\logo_32x32.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\lw_logo_text.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\magnify_search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\maps.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\news.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\newtab.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\newtab_bkg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\newtab_search_bkg.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\notification.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\player.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\player_background.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\popup.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\preferences.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\r.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_de.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_es.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_fr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_it.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_nl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_pt.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ask_ru.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_button.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_cobrand.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_current_site.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_de.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_es.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_fr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_grey_73x24.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_it.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_nl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_pl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_pt.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\search_ru.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\searchbar.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\shopping.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\stocks.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\t-p.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\t.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\tl-ptl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\tl-ptr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\tl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\toolbar.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\toolbar.xul c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\torrents.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\torrents_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\torrents_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\torrents_icon.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\torrents_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\tr-ptl.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\tr-ptr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\tr.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\twitter.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\videos.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\videos_disabled.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\videos_down.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\videos_over.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\weather.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\web.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\widget-popup.css c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\WindowTop.gif c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\wordoftheday_16x.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\skin\zoomall.png c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\askToolbar.exe c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-18-Nov-2011-22-45-20-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Fri-18-Nov-2011-22-45-21-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-14-Aug-2010-13-34-52-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sat-22-Oct-2011-10-55-03-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-08-Jan-2012-17-27-39-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-21-Nov-2010-09-30-19-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Sun-31-Oct-2010-20-49-43-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Thu-09-Feb-2012-17-08-57-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-15-Jun-2011-14-20-08-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\chrome\temp\ff-config.Wed-27-Oct-2010-17-11-40-GMT\ff-config.zip c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\datastore\cache.sqlite c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\datastore\limewire_cache.sqlite c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\defaults.js.bak c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\defaults\preferences\defaults.js.bak c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\install.rdf c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\logs\asktb-log-1329774102752.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\logs\asktb-log-1329995149020.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\logs\asktb-log-1329997677299.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\logs\asktb-log-1330518204083.html c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\extensions\toolbar@ask.com\searchplugins\askcom.xml c:\documents and settings\Johan\Application Data\Search Settings c:\documents and settings\Johan\Application Data\Search Settings\kb140\temp\ws-15409.log c:\documents and settings\Johan\Application Data\Search Settings\kb140\temp\ws-15410.log c:\documents and settings\Johan\Application Data\Search Settings\kb140\temp\ws-15411.log c:\documents and settings\Johan\Local Settings\Application Data\Babylon c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\bab033.tbinst.dat c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\bab091.norecovericon.dat c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\Babylon.dat c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\BExternal.dll c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\cmbx.png c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\common.js c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\eula.html c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\lngs.png c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.css c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.html c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1.js c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page1Lrg.css c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.css c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.html c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2.js c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page2Lrg.css c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\page9.html c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\pBar.gif c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title1.png c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\title2.png c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\toolBar.jpg c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\HtmlScreens\vIcn.png c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\IECookieLow.dll c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\Setup-tbmntr903-9.0.3.35.zpb c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\Setup.exe c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\SetupStrings.dat c:\documents and settings\Johan\Local Settings\Application Data\Babylon\Setup\sqlite3.dll c:\program files\Application Updater c:\program files\Application Updater\ApplicationUpdater.exe c:\program files\Application Updater\config.ini c:\program files\Common Files\Spigot c:\program files\Common Files\Spigot\Search Settings\baidu_ff.xml c:\program files\Common Files\Spigot\Search Settings\baidu_ie.xml c:\program files\Common Files\Spigot\Search Settings\config.ini c:\program files\Common Files\Spigot\Search Settings\Lang\res1031.ini c:\program files\Common Files\Spigot\Search Settings\Lang\res1033.ini c:\program files\Common Files\Spigot\Search Settings\Lang\res1034.ini c:\program files\Common Files\Spigot\Search Settings\Lang\res1036.ini c:\program files\Common Files\Spigot\Search Settings\Lang\res1040.ini c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe c:\program files\Common Files\Spigot\Search Settings\wth.dll c:\program files\Common Files\Spigot\Search Settings\yahoo_ff.xml c:\program files\Common Files\Spigot\Search Settings\yahoo_ie.xml c:\program files\Common Files\Spigot\Search Settings\yandex_ff.xml c:\program files\Common Files\Spigot\Search Settings\yandex_ie.xml c:\program files\Common Files\Spigot\wtxpcom\chrome.manifest c:\program files\Common Files\Spigot\wtxpcom\components\chrome.manifest c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt c:\program files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt c:\program files\Common Files\Spigot\wtxpcom\components\install.rdf c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.10 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.11 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.12 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.5 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.6 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.7 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.8 c:\program files\Common Files\Spigot\wtxpcom\components\WidgiToolbarFF.dll.9 c:\program files\Common Files\Spigot\wtxpcom\install.rdf c:\program files\Complitly c:\program files\Complitly\chrome\ComplitlyChrome.crx c:\program files\Complitly\FireFoxExtensionWithFF8Fix.exe c:\program files\Complitly\FireFoxUninstaller.exe c:\program files\Complitly\InstTracker.exe c:\program files\Complitly\support@Complitly.com\chrome.manifest c:\program files\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files\Complitly\support@Complitly.com\chrome\content\options.js c:\program files\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files\Complitly\support@Complitly.com\install.rdf c:\program files\Complitly\System.Data.SQLite.dll c:\program files\Complitly\unins000.dat c:\program files\Complitly\unins000.exe c:\program files\YouTube Downloader Toolbar c:\program files\YouTube Downloader Toolbar\FF\chrome.manifest c:\program files\YouTube Downloader Toolbar\FF\chrome\content\brwobj.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\chevron.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\chevron.xul c:\program files\YouTube Downloader Toolbar\FF\chrome\content\JSWidget.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\login.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\login.xul c:\program files\YouTube Downloader Toolbar\FF\chrome\content\parser.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\RadioWidget.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\RadioWidget.xul c:\program files\YouTube Downloader Toolbar\FF\chrome\content\RssTickerWidget.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\searchbox.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\searchbox.xul c:\program files\YouTube Downloader Toolbar\FF\chrome\content\utils.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgichevron.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgicomm.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgihandling.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgilisteners.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgitoolbarplugin.js c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgitoolbarplugin.xul c:\program files\YouTube Downloader Toolbar\FF\chrome\content\widgiui.js c:\program files\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\searchbox.dtd c:\program files\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.dtd c:\program files\YouTube Downloader Toolbar\FF\chrome\locale\EN-US\widgitoolbarplugin.properties c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\amazon.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\chevron.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\dailymotion.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\dropinsavings.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\dropinsavingsabt.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ebay.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\facebook.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\googleplus.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\hulu.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\icon_settings.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\metacafe.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\radio-close.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\radio-minimize.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\radiobeta.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-button-hover.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-button.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-chevron-hover.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-chevron.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-baidu.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-yahoo.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search-wmrk-yandex.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_amazon.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_baidu.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_ebay.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_yahoo.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_yandex.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\search_youtube.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\searchbox.css c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\splitter.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\twitter.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\veoh.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\widgitoolbarplugin.css c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\youtube.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ytd.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ytd_logo.gif c:\program files\YouTube Downloader Toolbar\FF\chrome\skin\ytd_logo_hover.gif c:\program files\YouTube Downloader Toolbar\FF\install.rdf c:\program files\YouTube Downloader Toolbar\IE\5.0\config.ini c:\program files\YouTube Downloader Toolbar\IE\5.0\youtubedownloaderToolbarIE.dll c:\program files\YouTube Downloader Toolbar\Res\amazon.gif c:\program files\YouTube Downloader Toolbar\Res\dailymotion.gif c:\program files\YouTube Downloader Toolbar\Res\dropinsavings.gif c:\program files\YouTube Downloader Toolbar\Res\dropinsavingsabt.gif c:\program files\YouTube Downloader Toolbar\Res\ebay.gif c:\program files\YouTube Downloader Toolbar\Res\facebook.gif c:\program files\YouTube Downloader Toolbar\Res\googleplus.gif c:\program files\YouTube Downloader Toolbar\Res\hulu.gif c:\program files\YouTube Downloader Toolbar\Res\icon_settings.gif c:\program files\YouTube Downloader Toolbar\Res\Lang\res1031.ini c:\program files\YouTube Downloader Toolbar\Res\Lang\res1033.ini c:\program files\YouTube Downloader Toolbar\Res\Lang\res1034.ini c:\program files\YouTube Downloader Toolbar\Res\Lang\res1036.ini c:\program files\YouTube Downloader Toolbar\Res\Lang\res1040.ini c:\program files\YouTube Downloader Toolbar\Res\metacafe.gif c:\program files\YouTube Downloader Toolbar\Res\radio-close.gif c:\program files\YouTube Downloader Toolbar\Res\radio-minimize.gif c:\program files\YouTube Downloader Toolbar\Res\radiobeta.gif c:\program files\YouTube Downloader Toolbar\Res\search-button-hover.gif c:\program files\YouTube Downloader Toolbar\Res\search-button.gif c:\program files\YouTube Downloader Toolbar\Res\search-chevron-hover.gif c:\program files\YouTube Downloader Toolbar\Res\search-chevron.gif c:\program files\YouTube Downloader Toolbar\Res\search_amazon.gif c:\program files\YouTube Downloader Toolbar\Res\search_baidu.gif c:\program files\YouTube Downloader Toolbar\Res\search_ebay.gif c:\program files\YouTube Downloader Toolbar\Res\search_yahoo.gif c:\program files\YouTube Downloader Toolbar\Res\search_yandex.gif c:\program files\YouTube Downloader Toolbar\Res\search_youtube.gif c:\program files\YouTube Downloader Toolbar\Res\twitter.gif c:\program files\YouTube Downloader Toolbar\Res\veoh.gif c:\program files\YouTube Downloader Toolbar\Res\widgets.xml c:\program files\YouTube Downloader Toolbar\Res\youtube.gif c:\program files\YouTube Downloader Toolbar\Res\ytd.gif c:\program files\YouTube Downloader Toolbar\Res\ytd_logo.gif c:\program files\YouTube Downloader Toolbar\Res\ytd_logo_hover.gif c:\program files\YouTube Downloader Toolbar\WidgiHelper.exe c:\windows\XSxS . . (((((((((((((((((((( Bestanden Gemaakt van 2012-02-13 to 2012-03-13 )))))))))))))))))))))))))))))) . . 2012-03-12 16:18 . 2012-03-12 16:18 -------- d-----w- c:\documents and settings\Johan\Application Data\Malwarebytes 2012-03-12 16:18 . 2012-03-12 16:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-03-12 16:18 . 2012-03-12 16:18 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-12 16:18 . 2011-12-10 14:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-10 16:41 . 2012-03-10 16:41 388096 ----a-r- c:\documents and settings\Johan\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-03-10 16:41 . 2012-03-10 16:41 -------- d-----w- c:\program files\Trend Micro 2012-03-10 14:01 . 2012-03-10 14:01 -------- d-----w- c:\documents and settings\Johan\Application Data\Tific 2012-02-23 11:27 . 2007-08-21 12:32 98304 ----a-w- c:\windows\system32\redmonnt.dll 2012-02-23 11:27 . 2012-02-23 11:27 -------- d-----w- c:\program files\FoxTabPDFConverter 2012-02-18 10:08 . 2012-02-18 10:08 -------- d-----w- c:\program files\Nitro PDF 2012-02-18 10:08 . 2012-02-18 10:08 -------- d-----w- c:\program files\Common Files\Nitro PDF 2012-02-15 08:52 . 2012-01-11 19:07 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll 2012-02-15 08:52 . 2012-01-11 19:07 3072 ------w- c:\windows\system32\iacenc.dll . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-11 08:45 . 2008-03-22 09:11 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-03-11 08:45 . 2010-05-24 07:14 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-03-06 05:35 . 2011-05-17 14:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-01-16 09:05 . 2011-10-21 18:36 18936 ----a-w- c:\windows\system32\nitrolocalui2.dll 2012-01-16 09:05 . 2011-10-21 18:36 27640 ----a-w- c:\windows\system32\nitrolocalmon2.dll 2012-01-12 17:20 . 2006-03-02 12:00 1860096 ----a-w- c:\windows\system32\win32k.sys 2011-12-17 19:42 . 2006-03-02 12:00 916992 ----a-w- c:\windows\system32\wininet.dll 2011-12-17 19:42 . 2006-03-02 12:00 43520 ------w- c:\windows\system32\licmgr10.dll 2011-12-17 19:42 . 2006-03-02 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl 2011-12-16 12:23 . 2006-03-02 12:00 385024 ------w- c:\windows\system32\html.iec 2008-01-25 16:35 . 2008-01-25 16:35 2293848 ----a-w- c:\program files\FLV PlayerFCSetup.exe 2008-01-25 16:35 . 2008-01-25 16:34 2048 ----a-w- c:\program files\FLV PlayerRCATSetup.exe 2008-01-25 16:34 . 2008-01-25 16:34 133120 ----a-w- c:\program files\FLV PlayerRCSetup.exe . . ((((((((((((((((((((((((((((( SnapShot@2012-03-12_20.56.27 ))))))))))))))))))))))))))))))))))))))))) . + 2012-03-13 15:51 . 2012-03-13 15:51 16384 c:\windows\Temp\Perflib_Perfdata_738.dat + 2012-03-13 15:50 . 2012-03-13 15:50 16384 c:\windows\Temp\Perflib_Perfdata_714.dat + 2006-03-02 12:00 . 2012-03-13 15:54 92116 c:\windows\system32\perfc013.dat - 2006-03-02 12:00 . 2012-03-12 16:33 92116 c:\windows\system32\perfc013.dat + 2006-03-02 12:00 . 2012-03-13 15:54 72274 c:\windows\system32\perfc009.dat - 2006-03-02 12:00 . 2012-03-12 16:33 72274 c:\windows\system32\perfc009.dat - 2006-03-02 12:00 . 2012-03-12 16:33 511954 c:\windows\system32\perfh013.dat + 2006-03-02 12:00 . 2012-03-13 15:54 511954 c:\windows\system32\perfh013.dat + 2006-03-02 12:00 . 2012-03-13 15:54 444016 c:\windows\system32\perfh009.dat - 2006-03-02 12:00 . 2012-03-12 16:33 444016 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2011-02-18 05:12 94208 ----a-w- c:\documents and settings\Johan\Application Data\Dropbox\bin\DropboxExt.14.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-09 68856] "H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-06-27 1211176] "TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2011-04-22 247728] "Raptr"="c:\progra~1\Raptr\raptrstub.exe" [2012-02-07 53160] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-03-21 1953792] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088] "nwiz"="nwiz.exe" [2008-05-16 1630208] "HP Software Update"="c:\program files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2003-06-25 49152] "HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2003-10-23 233472] "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe" [2003-09-01 176128] "DeviceDiscovery"="c:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe" [2003-05-21 229437] "DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2006-06-13 127036] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 153136] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-10 1828136] "beid"="c:\program files\Belgium Identity Card\beid35gui.exe" [2009-02-02 2035712] "ExtraFilmManager"="c:\program files\ExtraFilm Designer BE NL\ExtraFilmManager.exe" [2010-06-15 159744] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-09-08 421888] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016] "RTHDCPL"="RTHDCPL.EXE" [2009-06-12 17887232] "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2009-05-07 98304] "D-Link D-Link Wireless N DWA-140"="c:\program files\D-Link\DWA-140 revB\AirNCFG.exe" [2009-05-07 1683456] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Smart File Advisor"="c:\program files\Smart File Advisor\sfa.exe" [2011-04-04 280824] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . c:\documents and settings\Johan\Menu Start\Programma's\Opstarten\ Dropbox.lnk - c:\documents and settings\Johan\Application Data\Dropbox\bin\Dropbox.exe [2012-2-15 24246216] OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] Spoon Sandbox Manager 3.24.lnk - c:\documents and settings\Johan\Local Settings\Application Data\Spoon\3.24.0.6\Spoon-Sandbox-Native.exe [2012-1-24 232696] . c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] ScanPanel.lnk - c:\program files\ScanPanel\ScnPanel.exe [2008-1-26 1732608] . [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Nero\\Nero8\\Nero ShowTime\\ShowTime.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager "c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager "c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application "e:\\MY DOWNLOAD FILES\\3gp_player_setup films.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\Documents and Settings\\Johan\\Application Data\\Dropbox\\bin\\Dropbox.exe"= "c:\\Program Files\\Azureus\\Azureus.exe"= "c:\\Program Files\\Windows iLivid Toolbar\\Datamngr\\ToolBar\\dtUser.exe"= "c:\\Program Files\\Raptr\\raptr.exe"= "c:\\Program Files\\Raptr\\raptr_im.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service . R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360\0502000.00D\symds.sys [31/01/2012 8:41 340088] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360\0502000.00D\symefa.sys [31/01/2012 8:41 744568] R1 BHDrvx86;BHDrvx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\BASHDefs\20120302.001\BHDrvx86.sys [02/03/2012 19:58 820856] R1 NEOFLTR_650_15551;Juniper Networks TDI Filter Driver (NEOFLTR_650_15551);c:\windows\system32\drivers\NEOFLTR_650_15551.SYS [24/04/2011 18:47 85360] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360\0502000.00D\ironx86.sys [31/01/2012 8:41 136312] R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [29/11/2010 20:13 147456] R2 N360;Norton 360;c:\program files\Norton 360\Engine\5.2.0.13\ccsvchst.exe [31/01/2012 8:41 130008] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader\NitroPDFReaderDriverService2.exe [16/01/2012 10:06 198136] R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [22/04/2011 13:21 92592] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [04/02/2012 10:35 106104] R3 IDSxpx86;IDSxpx86;c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\Definitions\IPSDefs\20120310.001\IDSXpx86.sys [13/03/2012 17:01 356280] S2 gupdate1c9c0d8ca7cb36e;Google Update Service (gupdate1c9c0d8ca7cb36e);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 11:22 133104] S3 ACSSCR;ACR38 Smart Card Reader;c:\windows\system32\drivers\a38usb.sys [24/03/2006 18:14 33536] S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [29/11/2010 16:45 1684736] S3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 11:22 133104] S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8187.sys --> c:\windows\system32\DRIVERS\RTL8187.sys [?] S3 SjyPkt;SjyPkt;\??\c:\windows\System32\Drivers\SjyPkt.sys --> c:\windows\System32\Drivers\SjyPkt.sys [?] . Inhoud van de 'Gedeelde Taken' map . 2011-02-14 c:\windows\Tasks\expressripShakeIcon.job - c:\program files\NCH Swift Sound\ExpressRip\expressrip.exe [2011-02-11 18:49] . 2012-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2012-03-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-19 10:22] . 2012-03-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-839522115-1004Core.job - c:\documents and settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 05:53] . 2012-03-13 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2000478354-1682526488-839522115-1004UA.job - c:\documents and settings\Johan\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-10-22 05:53] . 2012-03-10 c:\windows\Tasks\OGADaily.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-03-13 c:\windows\Tasks\OGALogon.job - c:\windows\system32\OGAVerify.exe [2008-12-31 15:04] . 2012-03-13 c:\windows\Tasks\User_Feed_Synchronization-{16A16E66-BF52-4F59-84D6-2E4BB9DFFC77}.job - c:\windows\system32\msfeedssync.exe [2007-08-13 03:31] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.google.be/ uDefault_Search_URL = hxxp://www.google.com/ie uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 TCP: DhcpNameServer = 195.130.131.5 195.130.130.133 FF - ProfilePath - c:\documents and settings\Johan\Application Data\Mozilla\Firefox\Profiles\wnjmdj5p.default\ FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Symantec Intrusion Prevention: {BBDA0591-3099-440a-AA10-41764D9DB4DB} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\IPSFFPlgn FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: Norton Toolbar: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} - c:\documents and settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\coFFPlgn_2011_7_5_2 FF - user.js: extensions.searchya_i.dfltSrch - true FF - user.js: extensions.searchya_i.srchPrvdr - SearchYa! FF - user.js: extensions.searchya_i.dnsErr - true FF - user.js: extensions.searchya_i.newTab - true FF - user.js: extensions.searchya_i.newTabUrl - hxxp://searchya.com/?chnl=dcom-100&s=2&cr=1062395452&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDtBtDzy FF - user.js: extensions.searchya_i.tlbrSrchUrl - hxxp://searchya.com/?chnl=dcom-100&s=3&cr=1062395452&cd=2XzutAtN2Y1L1QzutN0D0TzutBtDtCtBtDtBtDzy&q= FF - user.js: extensions.searchya_i.id - 3026a1f100000000000000265a78d04b FF - user.js: extensions.searchya_i.instlDay - 15379 FF - user.js: extensions.searchya_i.vrsn - 1.5.11.13 FF - user.js: extensions.searchya_i.vrsni - 1.5.11.13 FF - user.js: extensions.searchya_i.vrsnTs - 1.5.11.1319:06 FF - user.js: extensions.searchya_i.prtnrId - ironsrc FF - user.js: extensions.searchya_i.prdct - searchya FF - user.js: extensions.searchya_i.aflt - dcom FF - user.js: extensions.searchya_i.smplGrp - none FF - user.js: extensions.searchya_i.tlbrId - base FF - user.js: extensions.searchya_i.instlRef - dcom-100 FF - user.js: extensions.searchya_i.dfltLng - FF - user.js: extensions.searchya_i.excTlbr - false FF - user.js: extensions.BabylonToolbar_i.id - 3026a1f100000000000000265a78d04b FF - user.js: extensions.BabylonToolbar_i.hardId - 3026a1f100000000000000265a78d04b FF - user.js: extensions.BabylonToolbar_i.instlDay - 15393 FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.1712:28 FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar_i.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar_i.tlbrId - tb9 FF - user.js: extensions.BabylonToolbar_i.newTab - false FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=110004 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar_i.instlRef - sst . - - - - ORPHANS VERWIJDERD - - - - . AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files\Complitly\unins000.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-03-13 18:03 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\N360] "ImagePath"="\"c:\program files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files\Norton 360\Engine\5.2.0.13\diMaster.dll\" /prefetch:1" . Voltooingstijd: 2012-03-13 18:05:28 ComboFix-quarantined-files.txt 2012-03-13 17:05 ComboFix2.txt 2012-03-12 20:58 . Pre-Run: 21.662.183.424 bytes beschikbaar Post-Run: 21.631.795.200 bytes beschikbaar . - - End Of File - - F746DBE8EE5C2FF704B874882273AC6E