Have0
-
Items
408 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door Have0
-
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Beste Droske, inderdaad een usb-hub. De poort vooraan de p.c. doet het nu weer wel. Ik begrijp er niets van maar probleem is opgelost. Huidige installatie, p.c. en windows gebruik ik minimaal 10 jaar nu. Opstarten duurt wel lang. Ik heb gekeken bij systeem, het is een hele grote reeks waarbij vooral 7023, 7035 en 7036 komt vaak voor. Bij toepassing ook een hele lange reeks waarbij 1800 veel voorkomt. Ik weet niet wat deze gebeurtenissen betekenen en hoe ik het kan oplossen ? -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Beste Droske, ik heb de printer en de losse usb op 2 andere usbpoorten aangesloten waardoor beiden het doen. Niet helemaal de bedoeling maar het werkt. Nu werkt mijn printer weer gelukkig. Ik heb op uw advies inderdaad IObit Malware verwijderd. Ik gebruik laatste versie van CCleaner. Hoe kan ik erachter komen wat u aangeeft met - Heb je de Windows logboeken al eens geraadpleegd betreffende eventuele fouten? Opstart duurt wel lang inderdaad. -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Beste Kape, heeft u nog een andere suggestie ? Ik ben op vakantie geweest. Helaas werkt de printer nog niet via mijn p.c. -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Beste Kape, helaas is het probleem nog niet opgelost. Vreemde vind ik dat usb-poort voor webcam wel werkt. Ook voor toetsenbord. De usb-poorten voor printer en usb-stick werken nog niet. -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
ComboFix 13-06-08.02 - Fam. Haverkamp 12-06-2013 19:11:44.15.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1243 [GMT 2:00] Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Mijn documenten\Downloads\ComboFix.exe AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((((((((((((((((( Andere Verwijderingen ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\documents and settings\All Users\Application Data\TEMP c:\program files\PricePeep c:\program files\PricePeep\installer.ico c:\program files\PricePeep\uninstall.exe c:\program files\PricePeep\unutil.exe c:\windows\IsUn0413.exe . . (((((((((((((((((((( Bestanden Gemaakt van 2013-05-12 to 2013-06-12 )))))))))))))))))))))))))))))) . . 2013-06-12 11:59 . 2013-06-12 11:59 -------- dc----w- c:\windows\LastGood 2013-06-11 17:28 . 2013-06-11 17:28 388096 -c--a-r- c:\documents and settings\Fam. Haverkamp\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2013-05-28 17:15 . 2013-05-28 17:15 -------- dc----w- c:\program files\Apple Software Update 2013-05-25 18:28 . 2013-06-12 06:00 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend 2013-05-19 15:23 . 2013-05-19 15:23 -------- dc----w- c:\documents and settings\Fam. Haverkamp\AppData . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-06-01 07:32 . 2012-07-09 20:13 692104 -c--a-w- c:\windows\system32\FlashPlayerApp.exe 2013-06-01 07:32 . 2011-12-23 14:36 71048 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2013-04-16 22:26 . 2008-04-15 12:00 920064 -c--a-w- c:\windows\system32\wininet.dll 2013-04-16 22:26 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll 2013-04-16 22:26 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl 2013-04-12 23:30 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec 2013-04-12 14:01 . 2008-04-15 12:00 1876480 -c--a-w- c:\windows\system32\win32k.sys 2013-04-04 12:50 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys 2013-03-29 00:53 . 2011-12-23 11:32 208184 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2013-03-21 01:08 . 2011-07-11 00:14 182072 -c--a-w- c:\windows\system32\drivers\avgtdix.sys . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-04-28 4408368] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2010-11-29 421888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk backup=c:\windows\pss\Statusvenster.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2013-04-04 21:06 958576 -c--a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 6] 2013-04-18 18:38 491840 -c--a-w- c:\program files\IObit\Advanced SystemCare 6\ASCTray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlcoholAutomount] 2012-01-05 15:42 75624 -c--a-w- c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] 2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43] 2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2011-05-04 12:59 252136 -c--a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "vToolbarUpdater"=2 (0x2) "AdvancedSystemCareService5"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"= "c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"= "c:\\Program Files\\TVersity\\Media Server\\MediaServer.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 4:50 60216] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 4:46 245048] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 7:30 39224] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 13:32 208184] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 13:32 22328] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 7:23 170808] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 2:14 182072] R1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 11:56 54272] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 18:07 759048] R2 AdvancedSystemCareService6;Advanced SystemCare Service 6;c:\program files\IObit\Advanced SystemCare 6\ASCService.exe [19-1-2013 0:07 574272] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [18-4-2013 4:34 283136] R2 IMFservice;IMF Service;c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe [14-2-2013 19:41 821592] R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 20:40 140848] S0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\Drivers\SmartDefragDriver.sys --> c:\windows\system32\Drivers\SmartDefragDriver.sys [?] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [14-5-2013 0:54 4937264] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 17:42 75624] S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 11:56 24576] S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 17:55 47360] . Inhoud van de 'Gedeelde Taken' map . 2013-06-12 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-09 07:32] . 2013-06-07 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2011-06-01 15:57] . 2013-06-12 c:\windows\Tasks\SmartDefragUpdate.job - c:\program files\IObit\Smart Defrag 2\AutoUpdate.exe [2013-02-14 10:06] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.telegraaf.nl/ mStart Page = hxxp://www.google.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/ FF - prefs.js: keyword.URL - hxxp://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=198484&p= FF - ExtSQL: 2013-05-19 19:23; ascsurfingprotection@iobit.com; c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\ascsurfingprotection@iobit.com . - - - - ORPHANS VERWIJDERD - - - - . MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe MSConfigStartUp-HOSTS Anti-Adware_PUPs - c:\program files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware_main.exe AddRemove-DATA BECKER Eigen Homepage - c:\windows\IsUn0413.exe AddRemove-PricePeep - c:\program files\PricePeep\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-06-12 19:22 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ . [HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'winlogon.exe'(928) c:\windows\system32\igfxsrvc.dll c:\windows\system32\hccutils.DLL . - - - - - - - > 'winlogon.exe'(3484) c:\windows\system32\igfxsrvc.dll c:\windows\system32\hccutils.DLL . Voltooingstijd: 2013-06-12 19:27:58 ComboFix-quarantined-files.txt 2013-06-12 17:27 . Pre-Run: 2.113.822.720 bytes beschikbaar Post-Run: 2.144.288.768 bytes beschikbaar . - - End Of File - - 6A992CDCF5E8FF8BC65BCA4BA04A78E9 3051207086651214E435112E51817DC5 -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Sorry probleem is nog niet opgelost. HIeronder nog een logfile Malwarebytes Anti-Malware 1.75.0.1300 Malwarebytes : Free anti-malware download Databaseversie: v2013.06.11.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Fam. Haverkamp :: FAM-8CE7DC89595 [administrator] 11-6-2013 19:42:37 mbam-log-2013-06-11 (19-42-37).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 254807 Verstreken tijd: 24 minuut/minuten, 17 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:30:14, on 11-6-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\TVersity\Media Server\MediaServer.exe C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\winlogon.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\system32\msiexec.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\ADVANC~4\BROWER~1\ASCPLU~1.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [EPSON SX440 Series (Kopie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIHBE.EXE /FU "C:\DOCUME~1\FAM~1.HAV\LOCALS~1\Temp\E_S145.tmp" /EF "HKCU" O4 - HKUS\S-1-5-21-1123561945-299502267-1417001333-1008\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Paula') O4 - HKUS\S-1-5-21-1123561945-299502267-1417001333-1008\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'Paula') O4 - HKUS\S-1-5-21-1123561945-299502267-1417001333-1008\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime (User 'Paula') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - (no CLSID) - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe (file missing) O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TVersity Media Server (TVersityMediaServer) - Unknown owner - C:\Program Files\TVersity\Media Server\MediaServer.exe O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- End of file - 8971 bytes -
usb poort voor printer werkt niet meer ook niet na verwijderen
Have0 plaatste een topic in Archief Internet & Netwerk
Beste lezer, mijn usb poorten werkte niet meer. Ik heb ze verwijderd en nadat p.c. opgestart was deed alles het weer via usb. Nu geeft hij opnieuw aan "het usb apparaat wordt niet herkend". ben bang dat er softwarematig iets niet goed is. Kan ik een logfile plaatsen en wil iemand deze nakijken ? Moet ik dit doen via Hijackthis ? Of wat welke gegevens wilt u hebben ? Alvast bedankt voor uw tijd. -
usb poort voor printer werkt niet meer
Have0 reageerde op Have0's topic in Archief Internet & Netwerk
Het werkt weer. Super bedankt !!!! -
Beste lezer, ik heb een vaste p.c. met daaraan een printer gekoppeld. Het lukt niet meer op een printopdracht te geven via vaste p.c. Omdat de printer ook via wifi te benaderen is kan ik wel printen via mijn laptop. Ook lukt het niet om een usb-stick te lezen op mijn vaste p.c. Wat kan ik het beste doen zodat ik de 2 usb-poorten op mijn vaste pc weer kan gebruiken ? Alvast bedankt. Andere vraag. Eerst kon ik toch lezen welke vragen ik had gesteld op het Forum. Ik mis dit, is dit veranderd of kijk ik niet goed ?
-
Beste Mako en Kweezie Wabbit, excuus voor mijn late reactie het probleem is opgelost. Ik heb jullie beiden adviezen opgelost en het probleem is verholpen. Thanks
-
Beste lezer/lezeres, hieronder vind u mijn logfiles. Ik weet niet of punt 1 helemaal gelukt is. Bij het opstarten en daarna geeft hij nog steeds als startpagina Yahoo! Zoeken - zoeken op het web in plaats van www. telegraaf.nl # AdwCleaner v2.109 - Verslag gemaakt op 03/02/2013 om 18:29:18 # Geactualiseerd op 26/01/2013 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : Fam. Haverkamp - FAM-8CE7DC89595 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\Fam. Haverkamp\Bureaublad\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** ***** [Register] ***** ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v4.0 (nl) File : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. File : C:\Documents and Settings\Bram\Application Data\Mozilla\Firefox\Profiles\wxjdntap.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. File : C:\Documents and Settings\Paula\Application Data\Mozilla\Firefox\Profiles\tgl5jznp.default\prefs.js [OK] De file bevat geen enkele ongeoorloofde invoer. ************************* AdwCleaner[R1].txt - [1785 octets] - [18/01/2013 18:21:27] AdwCleaner[R2].txt - [1952 octets] - [23/01/2013 15:32:03] AdwCleaner[R3].txt - [2062 octets] - [24/01/2013 22:05:40] AdwCleaner[R4].txt - [2087 octets] - [26/01/2013 13:15:30] AdwCleaner[s10].txt - [2010 octets] - [19/01/2013 14:37:14] AdwCleaner[s11].txt - [1898 octets] - [21/01/2013 21:35:20] AdwCleaner[s12].txt - [3031 octets] - [02/02/2013 19:12:34] AdwCleaner[s13].txt - [1586 octets] - [03/02/2013 18:29:18] AdwCleaner[s2].txt - [1295 octets] - [27/12/2012 09:53:43] AdwCleaner[s3].txt - [1355 octets] - [27/12/2012 20:37:07] AdwCleaner[s4].txt - [1415 octets] - [28/12/2012 20:32:47] AdwCleaner[s5].txt - [1472 octets] - [29/12/2012 18:59:51] AdwCleaner[s6].txt - [1532 octets] - [31/12/2012 10:23:42] AdwCleaner[s7].txt - [1592 octets] - [06/01/2013 15:55:32] AdwCleaner[s8].txt - [1715 octets] - [12/01/2013 10:51:42] AdwCleaner[s9].txt - [2474 octets] - [18/01/2013 18:00:31] ########## EOF - C:\AdwCleaner[s13].txt - [2127 octets] ########## Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:06:07, on 3-2-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Outlook Express\msimn.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Fam. Haverkamp\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - (no CLSID) - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- End of file - 7711 bytes
-
Beste lezer/lezeres, hieronder vind u mijn logfile. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:00:45, on 2-2-2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\Application Updater\ApplicationUpdater.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Fam. Haverkamp\Bureaublad\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen R3 - URLSearchHook: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\6.7\iobitappsToolbarIE.dll O2 - BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\6.7\iobitappsToolbarIE.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\6.7\iobitappsToolbarIE.dll O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - (no CLSID) - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe O23 - Service: HOSTS Anti-PUPs - Unknown owner - C:\Program Files\Hosts_Anti_Adwares_PUPs\HOSTS_Anti-Adware.exe (file missing) O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- End of file - 8173 bytes
-
Beste lezer/lezeres, als ik mijn computer opstart begint internet normaal gesproken met mijn voorkeursstartpagina Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl Sindskort is dit deze pagina geworden Yahoo! Zoeken - zoeken op het web Ik heb al aantal keren geprobeerd om via configuratiescherm, internetopties de startpagina op Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl te zetten, toepassen en op ok. Toch blijft hij naar pagina Yahoo! Zoeken - zoeken op het web schieten. Terwijl als ik kijk via configuratie, internetopties wel staat als startpagina, Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl Is er dan een registerfout, of moet ik toch ergens anders iets aan of uitzetten ? Bedankt voor uw advies alvast.
-
Beste Jion, bedankt. Ik heb het programmaatje gedownload en zie achter onderstaande namen diverse gegevens staan. Welke zijn van belang ? Network name (SSIFD) Key T Key (Hex) Key (ASCii) Adapter name adapter guid Authendication Encryption Connection Type Nu zie hierachter info staan maar welke zijn van belang ?
-
Geachte lezer(es), ik wil mijn nieuwe t.v. opnemen in het thuisnetwerk. Ik weet echter mijn wachtwoord e.d. niet meer van mijn router. Ik heb een vaste p.c. met draad verbonden aan router en een laptop (windows &) die draadloos verbonden is mijn router. Heeft u enig idee waar ik op mijn p.c. of laptop na kan gaan wat ook al weer het wachtwoord e.d. is ? Bedankt alvast.
-
Weer superbedankt Kape !!!
-
Beste Kape of collega, mijn laptop startte erg moeilijk op. Daarna deed hij het gewoon. Wilt u voor de zekerheid kijken of er toch iets te zien is in onderstaande logfiles ? Hartelijk dank en goed 2013 alvast. Malwarebytes Anti-Malware 1.70.0.1100 Malwarebytes : Free anti-malware download Databaseversie: v2012.12.28.09 Windows 7 x64 NTFS Internet Explorer 8.0.7600.16385 Have0 :: HAVE0-PC [administrator] 28-12-2012 17:03:52 mbam-log-2012-12-28 (17-03-52).txt Scan type: Snelle scan Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scan opties: P2P Objecten gescand: 210795 Verstreken tijd: 3 minuut/minuten, 59 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:08:43, on 16-2-2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16700) Boot mode: Normal Running processes: C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\USB_video_device\Utility\RemoteTool\BDARemote.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\Adobe\Reader 9.0\Reader\reader_sl.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\AsScrPro.exe C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5" O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: NewShortcut1.lnk = C:\Program Files (x86)\USB_video_device\Utility\RemoteTool\BDARemote.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing) O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9277 bytes
-
Kweezie Wabbit en Kape, SUPERBEDANKT en alvast een goed gezond 2013 !!!
-
Beste Kape, het laden van internetpagina's gaat nu als weer vanouds. SUPERBEDANKT. Het is zeker niet de bedoeling dat ik AdwCleaner preventief gebruik in de toekomst ? Adwcleaner schoont "nog dieper op" dan combifix ?
-
Beste Kweezie Wabbit en Kape, bedankt voor jullie hulp en tijd. Nog een goede tweede Kerstdag. Hieronder de logfiles. Misschien maakt het niet uit maar ik heb eerst adwcleaner, daarna hijackthis en als laatste combofix een scan laten uitvoeren. Mijn internet reageert wel sneller nu. Ben benieuwd of en wat jullie nog kunnen vinden. Hartelijk dank Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:00:13, on 26-12-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\brsvc01a.exe C:\WINDOWS\system32\brss01a.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe C:\WINDOWS\Explorer.EXE C:\Program Files\AVG\AVG2013\avgnsx.exe C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe C:\Program Files\Pure Networks\Network Magic\nmapp.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- End of file - 6992 bytes # AdwCleaner v2.103 - Verslag gemaakt op 26/12/2012 om 17:47:39 # Geactualiseerd op 25/12/2012 door Xplode # Besturingssysteem : Microsoft Windows XP Service Pack 3 (32 bits) # Gebruiker : Fam. Haverkamp - FAM-8CE7DC89595 # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Documents and Settings\Fam. Haverkamp\Mijn documenten\Downloads\adwcleaner(1).exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi File Verwijdert : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Verwijdert : C:\user.js Map Verwijdert : C:\Documents and Settings\All Users\Application Data\Babylon Map Verwijdert : C:\Documents and Settings\Bram\Application Data\AVG Secure Search Map Verwijdert : C:\Documents and Settings\Bram\Application Data\BabylonToolbar Map Verwijdert : C:\Documents and Settings\Bram\Application Data\Mozilla\Firefox\Profiles\wxjdntap.default\extensions\crossriderapp4479@crossrider.com Map Verwijdert : C:\Documents and Settings\Bram\Local Settings\Application Data\ConduitEngine Map Verwijdert : C:\Documents and Settings\Bram\Local Settings\Application Data\uTorrentBar_NL Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Babylon Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\Conduit Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ConduitEngine Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\engine@conduit.com Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\SweetIMToolbarData Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Application Data\Softonic Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Conduit Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\ConduitEngine Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\Giant Savings Map Verwijdert : C:\Documents and Settings\Fam. Haverkamp\Local Settings\Application Data\uTorrentBar_NL Map Verwijdert : C:\Documents and Settings\NetworkService\Local Settings\Application Data\uTorrentBar_NL Map Verwijdert : C:\Documents and Settings\Paula\Application Data\Mozilla\Firefox\Profiles\tgl5jznp.default\extensions\crossriderapp4479@crossrider.com Map Verwijdert : C:\Program Files\Common Files\spigot Map Verwijdert : C:\Program Files\Conduit Map Verwijdert : C:\Program Files\ConduitEngine Map Verwijdert : C:\Program Files\Giant Savings Map Verwijdert : C:\Program Files\Softonic Map Verwijdert : C:\Program Files\uTorrentBar_NL ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\conduitEngine Sleutel Verwijdert : HKCU\Software\Crossrider Sleutel Verwijdert : HKCU\Software\Giant Savings Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{749580F7-A82F-4D1E-9F59-F32EA40C0E5E} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\SweetIM Sleutel Verwijdert : HKCU\Software\uTorrentBar_NL Sleutel Verwijdert : HKLM\Software\Babylon Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.BHO.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.FBApi.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CrossriderApp0004479.Sandbox.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055445579} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446679} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077447779} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Prod.cap Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.dskBnd Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SoftonicApp.appCore Sleutel Verwijdert : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc Sleutel Verwijdert : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044444479} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0DCED0A8-7928-40FE-94B4-B03EB8F75EFF} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F03FBDF2-E275-4B81-BD3C-0443C5197A7D} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A7BC02AF-1128-4A31-BCF8-1A3EE803D3B3} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar_NL Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine Sleutel Verwijdert : HKLM\Software\Softonic Sleutel Verwijdert : HKLM\Software\SweetIM Sleutel Verwijdert : HKLM\Software\uTorrentBar_NL Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] ***** [browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com -\\ Mozilla Firefox v4.0 (nl) File : C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\prefs.js C:\Documents and Settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\user.js ... Verwijdert ! Verwijdert : user_pref("CT2504091.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Verwijdert : user_pref("CT2504091.CTID", "CT2504091"); Verwijdert : user_pref("CT2504091.CurrentServerDate", "27-10-2010"); Verwijdert : user_pref("CT2504091.DialogsAlignMode", "LTR"); Verwijdert : user_pref("CT2504091.DownloadReferralCookieData", ""); Verwijdert : user_pref("CT2504091.EMailNotifierPollDate", "Wed Oct 27 2010 22:57:39 GMT+0200"); Verwijdert : user_pref("CT2504091.FeedLastCount129079840422964131", 0); Verwijdert : user_pref("CT2504091.FeedPollDate128891351169457140", "Wed Oct 27 2010 23:22:39 GMT+0200"); Verwijdert : user_pref("CT2504091.FeedPollDate129079840422964131", "Wed Oct 27 2010 19:57:57 GMT+0200"); Verwijdert : user_pref("CT2504091.FeedTTL128891351169457140", 40); Verwijdert : user_pref("CT2504091.FirstServerDate", "27-10-2010"); Verwijdert : user_pref("CT2504091.FirstTime", true); Verwijdert : user_pref("CT2504091.FirstTimeFF3", true); Verwijdert : user_pref("CT2504091.FirstTimeSettingsDone", true); Verwijdert : user_pref("CT2504091.FixPageNotFoundErrors", true); Verwijdert : user_pref("CT2504091.GroupingServerCheckInterval", 1440); Verwijdert : user_pref("CT2504091.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Verwijdert : user_pref("CT2504091.Initialize", true); Verwijdert : user_pref("CT2504091.InitializeCommonPrefs", true); Verwijdert : user_pref("CT2504091.InstallationAndCookieDataSentCount", 1); Verwijdert : user_pref("CT2504091.InstallationType", "UnknownIntegration"); Verwijdert : user_pref("CT2504091.InstalledDate", "Wed Oct 27 2010 19:57:57 GMT+0200"); Verwijdert : user_pref("CT2504091.IsGrouping", false); Verwijdert : user_pref("CT2504091.IsMulticommunity", false); Verwijdert : user_pref("CT2504091.IsOpenThankYouPage", false); Verwijdert : user_pref("CT2504091.IsOpenUninstallPage", false); Verwijdert : user_pref("CT2504091.LanguagePackLastCheckTime", "Wed Oct 27 2010 19:57:59 GMT+0200"); Verwijdert : user_pref("CT2504091.LanguagePackReloadIntervalMM", 1440); Verwijdert : user_pref("CT2504091.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Verwijdert : user_pref("CT2504091.LastLogin_2.7.2.0", "Wed Oct 27 2010 19:57:58 GMT+0200"); Verwijdert : user_pref("CT2504091.LatestVersion", "2.6.0.14"); Verwijdert : user_pref("CT2504091.Locale", "en-us"); Verwijdert : user_pref("CT2504091.LoginCache", 4); Verwijdert : user_pref("CT2504091.MCDetectTooltipHeight", "83"); Verwijdert : user_pref("CT2504091.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Verwijdert : user_pref("CT2504091.MCDetectTooltipWidth", "295"); Verwijdert : user_pref("CT2504091.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Verwijdert : user_pref("CT2504091.SearchFromAddressBarIsInit", true); Verwijdert : user_pref("CT2504091.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT250[...] Verwijdert : user_pref("CT2504091.SearchInNewTabEnabled", true); Verwijdert : user_pref("CT2504091.SearchInNewTabIntervalMM", 1440); Verwijdert : user_pref("CT2504091.SearchInNewTabLastCheckTime", "Wed Oct 27 2010 19:57:59 GMT+0200"); Verwijdert : user_pref("CT2504091.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Verwijdert : user_pref("CT2504091.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Verwijdert : user_pref("CT2504091.SettingsCheckIntervalMin", 120); Verwijdert : user_pref("CT2504091.SettingsLastCheckTime", "Wed Oct 27 2010 19:57:55 GMT+0200"); Verwijdert : user_pref("CT2504091.SettingsLastUpdate", "1286395440"); Verwijdert : user_pref("CT2504091.ThirdPartyComponentsInterval", 504); Verwijdert : user_pref("CT2504091.ThirdPartyComponentsLastCheck", "Wed Oct 27 2010 19:57:54 GMT+0200"); Verwijdert : user_pref("CT2504091.ThirdPartyComponentsLastUpdate", "1246790578"); Verwijdert : user_pref("CT2504091.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...] Verwijdert : user_pref("CT2504091.UserID", "UN68962922702853760"); Verwijdert : user_pref("CT2504091.ValidationData_Search", 0); Verwijdert : user_pref("CT2504091.ValidationData_Toolbar", 0); Verwijdert : user_pref("CT2504091.alertChannelId", "897164"); Verwijdert : user_pref("CT2504091.clientLogIsEnabled", false); Verwijdert : user_pref("CT2504091.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Verwijdert : user_pref("CT2504091.myStuffEnabled", true); Verwijdert : user_pref("CT2504091.myStuffPublihserMinWidth", 400); Verwijdert : user_pref("CT2504091.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Verwijdert : user_pref("CT2504091.myStuffServiceIntervalMM", 1440); Verwijdert : user_pref("CT2504091.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Verwijdert : user_pref("CT2504091.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1257316/1252989/NL", "\"0\"[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/NL", "\"0\"")[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/21/2[...] Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...] Verwijdert : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine"); Verwijdert : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com"); Verwijdert : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine"); Verwijdert : user_pref("CommunityToolbar.IsEngineShown", true); Verwijdert : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com"); Verwijdert : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine"); Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...] Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2504091,ConduitEngine"); Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2504091,ConduitEngine"); Verwijdert : user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Mar 23 2011 19:55:03 GMT+01[...] Verwijdert : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Verwijdert : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Aug 17 2011 17:38:55 GMT+0200"); Verwijdert : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Verwijdert : user_pref("CommunityToolbar.alert.locale", "en"); Verwijdert : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Verwijdert : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu Aug 25 2011 16:32:32 GMT+0200"); Verwijdert : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611"); Verwijdert : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Verwijdert : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Verwijdert : user_pref("CommunityToolbar.alert.showTrayIcon", false); Verwijdert : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Verwijdert : user_pref("CommunityToolbar.alert.userId", "c706c0b8-656d-49e7-a65d-31cc5136d00a"); Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Verwijdert : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Aug 17 2011 16:29:13 GMT+0200"); Verwijdert : user_pref("ConduitEngine.CTID", "ConduitEngine"); Verwijdert : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Aug 23 2011 21:53:15 GMT+0200"); Verwijdert : user_pref("ConduitEngine.FirstServerDate", "03/23/2011 21"); Verwijdert : user_pref("ConduitEngine.FirstTime", true); Verwijdert : user_pref("ConduitEngine.FirstTimeFF3", true); Verwijdert : user_pref("ConduitEngine.FixPageNotFoundErrors", false); Verwijdert : user_pref("ConduitEngine.HasUserGlobalKeys", true); Verwijdert : user_pref("ConduitEngine.Initialize", true); Verwijdert : user_pref("ConduitEngine.InitializeCommonPrefs", true); Verwijdert : user_pref("ConduitEngine.InstallationType", "UnknownIntegration"); Verwijdert : user_pref("ConduitEngine.InstalledDate", "Thu Dec 23 2010 07:25:48 GMT+0100"); Verwijdert : user_pref("ConduitEngine.IsMulticommunity", false); Verwijdert : user_pref("ConduitEngine.IsOpenThankYouPage", false); Verwijdert : user_pref("ConduitEngine.IsOpenUninstallPage", false); Verwijdert : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Thu Aug 25 2011 16:32:35 GMT+0200"); Verwijdert : user_pref("ConduitEngine.LastLogin_3.3.3.2", "Thu Aug 25 2011 16:32:34 GMT+0200"); Verwijdert : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Verwijdert : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...] Verwijdert : user_pref("ConduitEngine.SettingsLastCheckTime", "Thu Aug 25 2011 16:32:35 GMT+0200"); Verwijdert : user_pref("ConduitEngine.UserID", "UN37020278140083233"); Verwijdert : user_pref("ConduitEngine.engineLocale", "nl"); Verwijdert : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Thu Aug 25 2011 16:32:35 GMT+0200"); Verwijdert : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Thu Aug 25 2011 16:32:36 GMT+0200"); Verwijdert : user_pref("ConduitEngine.initDone", true); Verwijdert : user_pref("ConduitEngine.isAppTrackingManagerOn", true); Verwijdert : user_pref("ConduitEngine.usagesFlag", 2); Verwijdert : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com"); Verwijdert : user_pref("browser.search.defaultengine", "Ask.com"); Verwijdert : user_pref("extensions.BabylonToolbar.admin", false); Verwijdert : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Verwijdert : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Verwijdert : user_pref("extensions.BabylonToolbar.babExt", ""); Verwijdert : user_pref("extensions.BabylonToolbar.babTrack", "tt=261211_ctrl"); Verwijdert : user_pref("extensions.BabylonToolbar.bbDpng", 25); Verwijdert : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Verwijdert : user_pref("extensions.BabylonToolbar.dfltSrch", true); Verwijdert : user_pref("extensions.BabylonToolbar.excTlbr", false); Verwijdert : user_pref("extensions.BabylonToolbar.hmpg", true); Verwijdert : user_pref("extensions.BabylonToolbar.id", "b03f213b000000000000000c762341da"); Verwijdert : user_pref("extensions.BabylonToolbar.instlDay", "15676"); Verwijdert : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Verwijdert : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=109130&tt=261211_ct[...] Verwijdert : user_pref("extensions.BabylonToolbar.lastDP", 25); Verwijdert : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1712:44:47"); Verwijdert : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "9.0"); Verwijdert : user_pref("extensions.BabylonToolbar.newTab", true); Verwijdert : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb"); Verwijdert : user_pref("extensions.BabylonToolbar.noFFXTlbr", false); Verwijdert : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Verwijdert : user_pref("extensions.BabylonToolbar.propectorlck", 66073223); Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 1); Verwijdert : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Verwijdert : user_pref("extensions.BabylonToolbar.ptch_0717", true); Verwijdert : user_pref("extensions.BabylonToolbar.smplGrp", "none"); Verwijdert : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrId", "irhnew"); Verwijdert : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Verwijdert : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1712:44:47"); Verwijdert : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); Verwijdert : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Verwijdert : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.812:10:01"); Verwijdert : user_pref("extensions.Softonic.admin", false); Verwijdert : user_pref("extensions.Softonic.aflt", "SD"); Verwijdert : user_pref("extensions.Softonic.autoRvrt", "false"); Verwijdert : user_pref("extensions.Softonic.cntry", "NL"); Verwijdert : user_pref("extensions.Softonic.cv", "cv5"); Verwijdert : user_pref("extensions.Softonic.dfltLng", "nl"); Verwijdert : user_pref("extensions.Softonic.dfltSrch", true); Verwijdert : user_pref("extensions.Softonic.dspNew", "Search the web (Softonic)"); Verwijdert : user_pref("extensions.Softonic.dspOld", ""); Verwijdert : user_pref("extensions.Softonic.envrmnt", "production"); Verwijdert : user_pref("extensions.Softonic.excTlbr", false); Verwijdert : user_pref("extensions.Softonic.hdrMd5", "FCC2A771C6574F24A7AD7FB7DDDFA34F"); Verwijdert : user_pref("extensions.Softonic.hmpg", true); Verwijdert : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&[...] Verwijdert : user_pref("extensions.Softonic.hpNew", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc[...] Verwijdert : user_pref("extensions.Softonic.hpOld", "hxxp://www.telegraaf.nl/"); Verwijdert : user_pref("extensions.Softonic.id", "b03f213b000000000000000c762341da"); Verwijdert : user_pref("extensions.Softonic.instlDay", "15677"); Verwijdert : user_pref("extensions.Softonic.instlRef", "INF00047"); Verwijdert : user_pref("extensions.Softonic.isdcmntcmplt", true); Verwijdert : user_pref("extensions.Softonic.keyWordUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=[...] Verwijdert : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.423:08:33"); Verwijdert : user_pref("extensions.Softonic.mntrvrsn", "1.3.0"); Verwijdert : user_pref("extensions.Softonic.newTab", true); Verwijdert : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1[...] Verwijdert : user_pref("extensions.Softonic.prdct", "Softonic"); Verwijdert : user_pref("extensions.Softonic.prtnrId", "softonic"); Verwijdert : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...] Verwijdert : user_pref("extensions.Softonic.sg", "az"); Verwijdert : user_pref("extensions.Softonic.smplGrp", "none"); Verwijdert : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); Verwijdert : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive"); Verwijdert : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/INF00047/tb_v1?SearchSource[...] Verwijdert : user_pref("extensions.Softonic.vrsn", "1.6.7.4"); Verwijdert : user_pref("extensions.Softonic.vrsnTs", "1.6.7.423:08:33"); Verwijdert : user_pref("extensions.Softonic.vrsni", "1.6.7.4"); Verwijdert : user_pref("extensions.Softonic_i.dnsErr", true); Verwijdert : user_pref("extensions.Softonic_i.hmpg", true); Verwijdert : user_pref("extensions.Softonic_i.newTab", true); Verwijdert : user_pref("extensions.Softonic_i.smplGrp", "none"); Verwijdert : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.423:08:33"); Verwijdert : user_pref("extensions.funmoods.aflt", "test331"); Verwijdert : user_pref("extensions.funmoods.autoRvrt", false); Verwijdert : user_pref("extensions.funmoods.brwsrsrc", "ietlbr"); Verwijdert : user_pref("extensions.funmoods.cntry", "NL"); Verwijdert : user_pref("extensions.funmoods.cv", "cv5"); Verwijdert : user_pref("extensions.funmoods.dfltLng", ""); Verwijdert : user_pref("extensions.funmoods.dfltSrch", true); Verwijdert : user_pref("extensions.funmoods.dfltlng", "en"); Verwijdert : user_pref("extensions.funmoods.dfltsrch", true); Verwijdert : user_pref("extensions.funmoods.dnsErr", true); Verwijdert : user_pref("extensions.funmoods.envrmnt", "production"); Verwijdert : user_pref("extensions.funmoods.excTlbr", false); Verwijdert : user_pref("extensions.funmoods.hdrMd5", "5422588FD7DBACB1562990A6347EC966"); Verwijdert : user_pref("extensions.funmoods.hmpg", true); Verwijdert : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2[...] Verwijdert : user_pref("extensions.funmoods.hrdid", "000C762341DA213B"); Verwijdert : user_pref("extensions.funmoods.id", "000C762341DA213B"); Verwijdert : user_pref("extensions.funmoods.instlDay", "15619"); Verwijdert : user_pref("extensions.funmoods.instlRef", "test331"); Verwijdert : user_pref("extensions.funmoods.instlday", "15619"); Verwijdert : user_pref("extensions.funmoods.instlref", "test331"); Verwijdert : user_pref("extensions.funmoods.isdcmntcmplt", true); Verwijdert : user_pref("extensions.funmoods.keywordurl", ""); Verwijdert : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2213:23:13"); Verwijdert : user_pref("extensions.funmoods.mntrvrsn", "1.3.0"); Verwijdert : user_pref("extensions.funmoods.newTab", true); Verwijdert : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd[...] Verwijdert : user_pref("extensions.funmoods.newtab", true); Verwijdert : user_pref("extensions.funmoods.newtaburl", "hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd[...] Verwijdert : user_pref("extensions.funmoods.prdct", "funmoods"); Verwijdert : user_pref("extensions.funmoods.prtnrId", "funmoods"); Verwijdert : user_pref("extensions.funmoods.prtnrid", "funmoods"); Verwijdert : user_pref("extensions.funmoods.savedVrsnTs", "1"); Verwijdert : user_pref("extensions.funmoods.sg", "none"); Verwijdert : user_pref("extensions.funmoods.smplGrp", "none"); Verwijdert : user_pref("extensions.funmoods.smplgrp", "none"); Verwijdert : user_pref("extensions.funmoods.srch", ""); Verwijdert : user_pref("extensions.funmoods.srchPrvdr", "Search"); Verwijdert : user_pref("extensions.funmoods.srchprvdr", "Search"); Verwijdert : user_pref("extensions.funmoods.tlbrId", "base"); Verwijdert : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&[...] Verwijdert : user_pref("extensions.funmoods.tlbrid", "base"); Verwijdert : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&[...] Verwijdert : user_pref("extensions.funmoods.vrsn", "1.5.23.22"); Verwijdert : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2213:23:13"); Verwijdert : user_pref("extensions.funmoods.vrsni", "1.5.23.22"); Verwijdert : user_pref("extensions.funmoods.vrsnts", "1.5.23.2213:23:13"); Verwijdert : user_pref("extensions.funmoods_i.newTab", true); Verwijdert : user_pref("extensions.funmoods_i.smplGrp", "none"); Verwijdert : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2213:23:13"); Verwijdert : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...] Verwijdert : user_pref("extensions.wajam.affiliate_id", "1401"); Verwijdert : user_pref("extensions.wajam.firstrun", "false"); Verwijdert : user_pref("extensions.wajam.log_info_only_error", "false"); Verwijdert : user_pref("extensions.wajam.log_send_info", "true"); Verwijdert : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21078\",\"supported_sites\":{\[...] Verwijdert : user_pref("extensions.wajam.server_current_mapping_version", "0.21078"); Verwijdert : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...] Verwijdert : user_pref("extensions.wajam.trace_log", "1329414887323 - processDOMLoad - mappingList after parse: [[...] Verwijdert : user_pref("extensions.wajam.unique_id", "01C77991A50A11D0869A3421CD4408F9"); Verwijdert : user_pref("extensions.wajam.user_current_mapping_version", "0"); Verwijdert : user_pref("extensions.wajam.version", "1.22"); Verwijdert : user_pref("extensions.wajam.website_version", "1.00211"); Verwijdert : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Verwijdert : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Verwijdert : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Verwijdert : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Verwijdert : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Verwijdert : user_pref("sweetim.toolbar.mode.debug", "false"); Verwijdert : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Verwijdert : user_pref("sweetim.toolbar.search.history.capacity", "10"); Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "true"); Verwijdert : user_pref("sweetim.toolbar.simapp_id", "{1B162F4F-C7C1-4F7F-8F6D-7B63AA87779D}"); File : C:\Documents and Settings\Bram\Application Data\Mozilla\Firefox\Profiles\wxjdntap.default\prefs.js Verwijdert : user_pref("avg.install.installDirPath", "C:\\Documents and Settings\\All Users\\Application Data\\AV[...] Verwijdert : user_pref("browser.search.defaultenginename", "AVG Secure Search"); Verwijdert : user_pref("browser.search.selectedEngine", "AVG Secure Search"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1349535277); Verwijdert : user_pref("extensions.crossriderapp4479.4479.active", true); Verwijdert : user_pref("extensions.crossriderapp4479.4479.addressbar", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.affid", "0"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundver", 7); Verwijdert : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true); Verwijdert : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.changeprevious", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1349535277"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1349535277"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Fri Dec 14 2012 17:[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Tue Dec 18 2012 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22NL%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1355502347"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1349535360086"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%2290535%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1349535319201"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.domain", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.emailsig", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.enablesearch", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.exposesites", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.group", 0); Verwijdert : user_pref("extensions.crossriderapp4479.4479.homepage", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.iframe", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "44"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Fri Dec 14[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.expiration", "Fri[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.value", "%7B%22re[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.manifesturl", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.newtab", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.opensearch", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 7); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 4); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "if((typeof isBackground===\"u[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 4); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16,47,1000015"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 17); Verwijdert : user_pref("extensions.crossriderapp4479.4479.premium", true); Verwijdert : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0); Verwijdert : user_pref("extensions.crossriderapp4479.4479.setnewtab", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.settingsurl", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.thankyou", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360); Verwijdert : user_pref("extensions.crossriderapp4479.4479.ver", 44); Verwijdert : user_pref("extensions.crossriderapp4479.apps", "4479"); Verwijdert : user_pref("extensions.crossriderapp4479.bic", "13a36921f853f5a2873a651ba22aad60"); Verwijdert : user_pref("extensions.crossriderapp4479.cid", 4479); Verwijdert : user_pref("extensions.crossriderapp4479.firstrun", false); Verwijdert : user_pref("extensions.crossriderapp4479.hadappinstalled", true); Verwijdert : user_pref("extensions.crossriderapp4479.installationdate", 1349535277); Verwijdert : user_pref("extensions.crossriderapp4479.lastcheck", 22591706); Verwijdert : user_pref("extensions.crossriderapp4479.lastcheckitem", 22591706); Verwijdert : user_pref("extensions.crossriderapp4479.misc.lastBgWorkerTimer", "1349561507283"); Verwijdert : user_pref("extensions.crossriderapp4479.misc.lastDomWorkerTimer", "1349561507275"); Verwijdert : user_pref("extensions.crossriderapp4479.modetype", "production"); Verwijdert : user_pref("extensions.enabledAddons", "4zffxtbr%40VideoDownloadConverter_4z.com:2.71.0.60687,crossri[...] Verwijdert : user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jh[...] Verwijdert : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid=%7Bf9e33cd0-78dd-4154-9a49-fb007ad4322a%[...] File : C:\Documents and Settings\Paula\Application Data\Mozilla\Firefox\Profiles\tgl5jznp.default\prefs.js Verwijdert : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1354548037); Verwijdert : user_pref("extensions.crossriderapp4479.4479.active", true); Verwijdert : user_pref("extensions.crossriderapp4479.4479.addressbar", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.addressbarenhanced", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.backgroundver", 7); Verwijdert : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true); Verwijdert : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.changeprevious", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1354548037"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1354548037"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Fri Dec 21 2012 07:[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Fri Dec 28 2012 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22NL%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1356072346"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 0[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.value", "%221356061426%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%2[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1354548175495"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%22114825%22"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1354548139039"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.lastrequest.expiration", "Fri Feb 01 2030 00:00:[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.cookie.lastrequest.value", "%7B%22path%22%3A%22/nl/Thom[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons dis[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.domain", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.enablesearch", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.fbremoteurl", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.group", 0); Verwijdert : user_pref("extensions.crossriderapp4479.4479.homepage", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.iframe", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "47"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb [...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Fri Dec 21[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.manifesturl", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.newtab", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.opensearch", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 8); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 4); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=f[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.code", "(function(f){var u={};var e=M[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.name", "FacebookFFIE"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_15.ver", 1); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "if((typeof isBackground===\"u[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 4); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefine[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlug[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 2); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 3); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=func[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 1); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.code", "(function(){var h=\"__CR_EMPT[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.name", "appApiMessage"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.ver", 1); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.code", "if(appAPI.__should_activate_v[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.name", "appApiValidation"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.ver", 1); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "17,14,16,64,72,47,1000015"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,13,16,15,64,72,4,1,21,[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...] Verwijdert : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 20); Verwijdert : user_pref("extensions.crossriderapp4479.4479.publisher", "215 Apps"); Verwijdert : user_pref("extensions.crossriderapp4479.4479.searchstatus", 0); Verwijdert : user_pref("extensions.crossriderapp4479.4479.setnewtab", false); Verwijdert : user_pref("extensions.crossriderapp4479.4479.settingsurl", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.thankyou", ""); Verwijdert : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360); Verwijdert : user_pref("extensions.crossriderapp4479.4479.ver", 47); Verwijdert : user_pref("extensions.crossriderapp4479.adsOldValue", -1); Verwijdert : user_pref("extensions.crossriderapp4479.apps", "4479"); Verwijdert : user_pref("extensions.crossriderapp4479.bic", "13b615ac6f8a0e5e264b550be848c5ac"); Verwijdert : user_pref("extensions.crossriderapp4479.cid", 4479); Verwijdert : user_pref("extensions.crossriderapp4479.firstrun", false); Verwijdert : user_pref("extensions.crossriderapp4479.hadappinstalled", true); Verwijdert : user_pref("extensions.crossriderapp4479.installationdate", 1354548037); Verwijdert : user_pref("extensions.crossriderapp4479.lastcheck", 22601206); Verwijdert : user_pref("extensions.crossriderapp4479.lastcheckitem", 22601249); Verwijdert : user_pref("extensions.crossriderapp4479.modetype", "production"); Verwijdert : user_pref("extensions.crossriderapp4479.reportInstall", true); Verwijdert : user_pref("extensions.enabledAddons", "crossriderapp4479%40crossrider.com:0.86.44,%7B972ce4c6-7e08-4[...] ************************* AdwCleaner[s1].txt - [59633 octets] - [26/12/2012 17:47:39] ########## EOF - C:\AdwCleaner[s1].txt - [59694 octets] ########## ComboFix 12-12-25.02 - Fam. Haverkamp 26-12-2012 18:08:35.14.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1612 [GMT 1:00] Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-26 to 2012-12-26 )))))))))))))))))))))))))))))) . . 2012-12-22 19:16 . 2012-12-23 20:26 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend 2012-12-22 13:39 . 2012-12-22 13:39 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DDMSettings 2012-12-21 06:45 . 2012-12-21 06:45 -------- dc----w- c:\documents and settings\Paula\Application Data\AVG2013 2012-12-21 06:44 . 2012-12-21 06:44 -------- dc----w- c:\documents and settings\Paula\Local Settings\Application Data\Avg2013 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\WinAVI 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\WinAVI 2012-12-17 18:29 . 2012-12-17 18:29 -------- dc----w- c:\program files\WinAVI 2012-12-16 15:51 . 2012-12-16 16:08 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\ImgBurn 2012-12-16 15:50 . 2012-12-16 15:50 -------- dc----w- c:\program files\ImgBurn 2012-12-16 15:30 . 2012-12-16 15:42 -------- dc----w- c:\program files\AnyToISO 2012-12-16 10:24 . 2005-06-21 15:49 167936 -c--a-w- c:\windows\system32\igfxres.dll 2012-12-15 16:50 . 2012-12-15 16:50 -------- dc----w- c:\program files\Smart Projects 2012-12-15 15:01 . 2012-12-15 15:01 -------- dc----w- c:\program files\Alcohol Soft 2012-12-15 14:57 . 2012-12-15 14:57 477240 -c--a-w- c:\windows\system32\drivers\sptd.sys 2012-12-14 19:31 . 2012-12-14 19:31 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AVG2013 2012-12-14 18:51 . 2012-12-14 18:51 -------- dc----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013 2012-12-14 18:49 . 2012-12-14 18:49 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\TuneUp Software 2012-12-14 18:33 . 2012-12-14 18:51 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG2013 2012-12-14 18:22 . 2012-12-15 12:26 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\Avg2013 2012-12-14 18:22 . 2012-12-14 18:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\MFAData 2012-12-09 15:55 . 2012-12-09 15:55 -------- dc----w- c:\program files\MagicISO 2012-12-07 16:13 . 2012-12-07 16:16 -------- dc----w- c:\program files\Common Files\DivX Shared 2012-12-04 17:00 . 2012-03-01 12:32 1775732 -c--a-w- c:\documents and settings\Fam. Haverkamp\E360K_F050_DSP-E360RU-1002.0.BIN 2012-12-03 22:02 . 2012-12-03 22:02 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\4Free 2012-12-03 20:45 . 2012-12-03 20:45 -------- dc----w- c:\program files\Video Download Converter 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\VideoDownloadConverter_4z 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\program files\VideoDownloadConverter_4z 2012-12-03 19:07 . 2012-12-07 16:16 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DivX 2012-12-03 18:59 . 2012-12-07 16:17 -------- dc----w- c:\program files\DivX 2012-12-03 18:58 . 2012-12-07 16:17 -------- dc----w- c:\documents and settings\All Users\Application Data\DivX 2012-12-02 11:10 . 2012-12-02 11:10 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\FLVPlayerPackages 2012-12-01 19:11 . 2012-12-03 17:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\.minecraft 2012-12-01 17:56 . 2002-10-30 12:14 274432 -c--a-w- c:\windows\system32\NCTAudioPlayer.dll 2012-12-01 17:56 . 2002-11-15 12:17 892928 -c--a-w- c:\windows\system32\NCTAudioInformation.dll 2012-12-01 17:56 . 2002-11-13 10:14 1703936 -c--a-w- c:\windows\system32\NCTAudioFile.dll 2012-12-01 17:56 . 2002-09-06 10:36 233472 -c--a-w- c:\windows\system32\lame_enc.dll 2012-12-01 17:56 . 2012-12-01 17:58 -------- dc----w- c:\program files\Ace MP3 To WAV Converter . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-16 12:23 . 2008-04-15 12:00 290560 -c--a-w- c:\windows\system32\atmfd.dll 2012-11-21 16:35 . 2012-10-06 10:29 87608 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\inst.exe 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\windows\system32\drivers\pcouffin.sys 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\pcouffin.sys 2012-11-19 15:50 . 2012-11-19 15:50 18816 -c--a-w- c:\windows\system32\drivers\dvd43llh.sys 2012-11-13 20:29 . 2012-11-13 20:29 354216 -c--a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2012-11-13 11:55 . 2008-04-15 12:00 1866496 -c--a-w- c:\windows\system32\win32k.sys 2012-11-02 02:03 . 2008-04-15 12:00 375296 -c--a-w- c:\windows\system32\dpnet.dll 2012-11-01 17:08 . 2012-11-01 17:08 1409 -c--a-w- c:\windows\system32\tmpE70C7.FOT 2012-11-01 12:12 . 2008-04-15 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll 2012-11-01 12:12 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll 2012-11-01 12:12 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec 2012-10-31 15:20 . 2012-10-31 15:20 1409 -c--a-w- c:\windows\system32\tmpEBFA2.FOT 2012-10-27 15:53 . 2012-10-27 15:53 1409 -c--a-w- c:\windows\system32\tmp2FDEB.FOT 2012-10-27 08:07 . 2012-10-27 08:07 1409 -c--a-w- c:\windows\system32\tmpEE978.FOT 2012-10-27 07:44 . 2012-10-27 07:44 1409 -c--a-w- c:\windows\system32\tmp16DF2.FOT 2012-10-22 15:44 . 2012-10-22 15:44 1409 -c--a-w- c:\windows\system32\tmpBEAAA.FOT 2012-10-22 15:23 . 2012-10-22 15:23 1409 -c--a-w- c:\windows\system32\tmp61777.FOT 2012-10-22 12:02 . 2011-12-23 11:32 179936 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2012-10-15 02:48 . 2012-04-19 02:50 55776 -c--a-w- c:\windows\system32\drivers\avgidshx.sys 2012-10-05 02:32 . 2011-08-08 05:08 93536 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys 2012-10-02 18:04 . 2008-04-15 12:00 58368 -c--a-w- c:\windows\system32\synceng.dll 2012-10-02 02:30 . 2011-10-07 05:23 159712 -c--a-w- c:\windows\system32\drivers\avgldx86.sys 2012-09-29 17:54 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys 2012-12-06 18:38 . 2012-12-06 18:37 262112 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk backup=c:\windows\pss\Statusvenster.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-11 19:00 919008 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-07-31 11:20 38872 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] 2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43] 2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "vToolbarUpdater"=2 (0x2) "AdvancedSystemCareService5"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"= "c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= "c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 3:50 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 3:46 177376] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 35552] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 12:32 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 12:32 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 6:23 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 164832] R1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 10:56 54272] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 17:07 759048] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22-10-2012 13:05 196664] R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 19:40 140848] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 16:55 47360] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [6-11-2012 19:00 5814392] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 16:42 75624] S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 10:56 24576] S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?] . Inhoud van de 'Gedeelde Taken' map . 2012-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.telegraaf.nl/ mStart Page = hxxp://www.google.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/ FF - ExtSQL: 2012-12-03 21:45; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin FF - ExtSQL: 2012-12-07 17:16; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5 . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-12-26 18:19 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ . [HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(2464) c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-12-26 18:24:28 ComboFix-quarantined-files.txt 2012-12-26 17:24 ComboFix2.txt 2012-12-23 20:16 ComboFix3.txt 2012-12-23 10:55 ComboFix4.txt 2012-12-22 11:19 ComboFix5.txt 2012-12-26 17:05 . Pre-Run: 17.849.163.776 bytes beschikbaar Post-Run: 17.822.588.928 bytes beschikbaar . - - End Of File - - BFC21250ACB6D4E9F8333C0EA46F59C5
-
Beste Kape, ik heb beiden in de veilige modus uitgevoerd. Als het goed is hieronder beide logfiles. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:18:13, on 23-12-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Safe mode Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\WINDOWS\system32\ctfmon.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Nieuws | Altijd op de hoogte van het laatste nieuws met Telegraaf.nl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [ChkAdmin] C:\PROGRA~1\Compaq\COMPAQ~1\CHKADMIN.EXE O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe O4 - HKLM\..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [nmctxth] "C:\Program Files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Common Files\logishrd\WUApp32.exe -v 0x046d -p 0x08c5 -f video -m logitech -d 11.0.0.1217 (User 'Default user') O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Onderzoek - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file) O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe O23 - Service: Compaq Local Alerter (CPQALERT) - Hewlett-Packard Company - C:\Program Files\Compaq\Compaq Management Agents\cpqalert.exe O23 - Service: cpqdmi - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\cpqdmi.exe O23 - Service: Compaq DMI Web Agent (cpqWebDmi) - Compaq Computer Corporation - C:\PROGRA~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe O23 - Service: Pure Networks Platform Service (nmservice) - Cisco Systems, Inc. - C:\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: Win32Sl (WIN32SL) - Intel - C:\Program Files\Compaq\Compaq Management Agents\Dmi\Win32\bin\Win32sl.exe -- End of file - 5632 bytes ComboFix 12-12-22.02 - Fam. Haverkamp 23-12-2012 20:59:27.13.1 - x86 MINIMAL Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1767 [GMT 1:00] Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Fam. Haverkamp\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-23 to 2012-12-23 )))))))))))))))))))))))))))))) . . 2012-12-22 19:16 . 2012-12-23 19:53 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend 2012-12-22 13:39 . 2012-12-22 13:39 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DDMSettings 2012-12-21 06:45 . 2012-12-21 06:45 -------- dc----w- c:\documents and settings\Paula\Application Data\AVG2013 2012-12-21 06:44 . 2012-12-21 06:44 -------- dc----w- c:\documents and settings\Paula\Local Settings\Application Data\Avg2013 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\WinAVI 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\WinAVI 2012-12-17 18:29 . 2012-12-17 18:29 -------- dc----w- c:\program files\WinAVI 2012-12-16 15:51 . 2012-12-16 16:08 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\ImgBurn 2012-12-16 15:50 . 2012-12-16 15:50 -------- dc----w- c:\program files\ImgBurn 2012-12-16 15:30 . 2012-12-16 15:42 -------- dc----w- c:\program files\AnyToISO 2012-12-16 10:24 . 2005-06-21 15:49 167936 -c--a-w- c:\windows\system32\igfxres.dll 2012-12-15 16:50 . 2012-12-15 16:50 -------- dc----w- c:\program files\Smart Projects 2012-12-15 15:01 . 2012-12-15 15:01 -------- dc----w- c:\program files\Alcohol Soft 2012-12-15 14:57 . 2012-12-15 14:57 477240 -c--a-w- c:\windows\system32\drivers\sptd.sys 2012-12-14 19:31 . 2012-12-14 19:31 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AVG2013 2012-12-14 18:51 . 2012-12-14 18:51 -------- dc----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013 2012-12-14 18:49 . 2012-12-14 18:49 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\TuneUp Software 2012-12-14 18:33 . 2012-12-14 18:51 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG2013 2012-12-14 18:22 . 2012-12-15 12:26 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\Avg2013 2012-12-14 18:22 . 2012-12-14 18:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\MFAData 2012-12-09 15:55 . 2012-12-09 15:55 -------- dc----w- c:\program files\MagicISO 2012-12-07 16:13 . 2012-12-07 16:16 -------- dc----w- c:\program files\Common Files\DivX Shared 2012-12-04 17:00 . 2012-03-01 12:32 1775732 -c--a-w- c:\documents and settings\Fam. Haverkamp\E360K_F050_DSP-E360RU-1002.0.BIN 2012-12-03 22:07 . 2012-12-03 22:07 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\Softonic 2012-12-03 22:06 . 2012-12-03 22:06 -------- dc----w- c:\program files\Softonic 2012-12-03 22:02 . 2012-12-03 22:02 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\4Free 2012-12-03 20:45 . 2012-12-03 20:45 -------- dc----w- c:\program files\Video Download Converter 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\VideoDownloadConverter_4z 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\program files\VideoDownloadConverter_4z 2012-12-03 19:07 . 2012-12-07 16:16 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DivX 2012-12-03 18:59 . 2012-12-07 16:17 -------- dc----w- c:\program files\DivX 2012-12-03 18:58 . 2012-12-07 16:17 -------- dc----w- c:\documents and settings\All Users\Application Data\DivX 2012-12-02 11:10 . 2012-12-02 11:10 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\FLVPlayerPackages 2012-12-01 19:11 . 2012-12-03 17:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\.minecraft 2012-12-01 17:56 . 2002-10-30 12:14 274432 -c--a-w- c:\windows\system32\NCTAudioPlayer.dll 2012-12-01 17:56 . 2002-11-15 12:17 892928 -c--a-w- c:\windows\system32\NCTAudioInformation.dll 2012-12-01 17:56 . 2002-11-13 10:14 1703936 -c--a-w- c:\windows\system32\NCTAudioFile.dll 2012-12-01 17:56 . 2002-09-06 10:36 233472 -c--a-w- c:\windows\system32\lame_enc.dll 2012-12-01 17:56 . 2012-12-01 17:58 -------- dc----w- c:\program files\Ace MP3 To WAV Converter 2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AnvSoft 2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\program files\AnvSoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-16 12:23 . 2008-04-15 12:00 290560 -c--a-w- c:\windows\system32\atmfd.dll 2012-11-21 16:35 . 2012-10-06 10:29 87608 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\inst.exe 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\windows\system32\drivers\pcouffin.sys 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\pcouffin.sys 2012-11-19 15:50 . 2012-11-19 15:50 18816 -c--a-w- c:\windows\system32\drivers\dvd43llh.sys 2012-11-13 20:29 . 2012-11-13 20:29 354216 -c--a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2012-11-13 11:55 . 2008-04-15 12:00 1866496 -c--a-w- c:\windows\system32\win32k.sys 2012-11-02 02:03 . 2008-04-15 12:00 375296 -c--a-w- c:\windows\system32\dpnet.dll 2012-11-01 17:08 . 2012-11-01 17:08 1409 -c--a-w- c:\windows\system32\tmpE70C7.FOT 2012-11-01 12:12 . 2008-04-15 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll 2012-11-01 12:12 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll 2012-11-01 12:12 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec 2012-10-31 15:20 . 2012-10-31 15:20 1409 -c--a-w- c:\windows\system32\tmpEBFA2.FOT 2012-10-27 15:53 . 2012-10-27 15:53 1409 -c--a-w- c:\windows\system32\tmp2FDEB.FOT 2012-10-27 08:07 . 2012-10-27 08:07 1409 -c--a-w- c:\windows\system32\tmpEE978.FOT 2012-10-27 07:44 . 2012-10-27 07:44 1409 -c--a-w- c:\windows\system32\tmp16DF2.FOT 2012-10-22 15:44 . 2012-10-22 15:44 1409 -c--a-w- c:\windows\system32\tmpBEAAA.FOT 2012-10-22 15:23 . 2012-10-22 15:23 1409 -c--a-w- c:\windows\system32\tmp61777.FOT 2012-10-22 12:02 . 2011-12-23 11:32 179936 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2012-10-15 02:48 . 2012-04-19 02:50 55776 -c--a-w- c:\windows\system32\drivers\avgidshx.sys 2012-10-05 02:32 . 2011-08-08 05:08 93536 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys 2012-10-02 18:04 . 2008-04-15 12:00 58368 -c--a-w- c:\windows\system32\synceng.dll 2012-10-02 02:30 . 2011-10-07 05:23 159712 -c--a-w- c:\windows\system32\drivers\avgldx86.sys 2012-09-29 17:54 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys 2012-12-06 18:38 . 2012-12-06 18:37 262112 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk backup=c:\windows\pss\Statusvenster.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-11 19:00 919008 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-07-31 11:20 38872 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] 2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43] 2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "vToolbarUpdater"=2 (0x2) "AdvancedSystemCareService5"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"= "c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 3:50 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 3:46 177376] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 35552] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 12:32 179936] S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 12:32 19936] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 6:23 159712] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 164832] S1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 10:56 54272] S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 17:07 759048] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [6-11-2012 19:00 5814392] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22-10-2012 13:05 196664] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 16:42 75624] S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 10:56 24576] S2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 19:40 140848] S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?] S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 16:55 47360] . Inhoud van de 'Gedeelde Taken' map . 2012-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.telegraaf.nl/ mStart Page = hxxp://www.google.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/ FF - ExtSQL: 2012-12-03 21:45; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin FF - ExtSQL: 2012-12-07 17:16; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049&q= FF - user.js: extensions.funmoods.id - 000C762341DA213B FF - user.js: extensions.funmoods.instlDay - 15619 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:23 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - test331 FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - test331 FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b03f213b000000000000000c762341da&q= FF - user.js: extensions.BabylonToolbar.id - b03f213b000000000000000c762341da FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15676 FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8 FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.812:10 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic_i.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.hpOld - hxxp://www.telegraaf.nl/ FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=2&cc=&q= FF - user.js: extensions.Softonic.dspOld - FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic) FF - user.js: extensions.Softonic_i.dnsErr - true FF - user.js: extensions.Softonic_i.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc= FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.Softonic.id - b03f213b000000000000000c762341da FF - user.js: extensions.Softonic.instlDay - 15677 FF - user.js: extensions.Softonic.vrsn - 1.6.7.4 FF - user.js: extensions.Softonic.vrsni - 1.6.7.4 FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:08 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic_i.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive FF - user.js: extensions.Softonic.instlRef - INF00047 FF - user.js: extensions.Softonic.dfltLng - nl FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.admin - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-12-23 21:12 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ . [HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(828) c:\windows\system32\msi.dll . Voltooingstijd: 2012-12-23 21:16:16 ComboFix-quarantined-files.txt 2012-12-23 20:16 ComboFix2.txt 2012-12-23 10:55 ComboFix3.txt 2012-12-22 11:19 ComboFix4.txt 2012-12-22 09:36 ComboFix5.txt 2012-12-23 19:56 . Pre-Run: 17.754.263.552 bytes beschikbaar Post-Run: 17.754.689.536 bytes beschikbaar . - - End Of File - - 7AEA9D2B9624DB9EC301085F7BA4324C
-
Beste Kape, zoals je ziet ben ik maar een leek nogmaals excuses. Ik heb nu inderdaad CFScript versleept en op icoon van Combifix losgelaten. Er werd wel aangegeven:"kan de uitgever niet bevestigen weet u zeker dat u deze software wil uitvoeren uitpakken?" Hopelijk is het toch goed gegaan. Combifix gaf automatisch onderstaand logfile. Hopelijk is het goed gegaan nu ? ComboFix 12-12-22.02 - Fam. Haverkamp 23-12-2012 11:40:12.12.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1569 [GMT 1:00] Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Bureaublad\ComboFix.exe gebruikte Opdracht switches :: c:\documents and settings\Fam. Haverkamp\Bureaublad\CFScript.txt AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} * Nieuw herstelpunt werd aangemaakt . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-23 to 2012-12-23 )))))))))))))))))))))))))))))) . . 2012-12-22 19:16 . 2012-12-23 10:33 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend 2012-12-22 13:39 . 2012-12-22 13:39 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DDMSettings 2012-12-21 06:45 . 2012-12-21 06:45 -------- dc----w- c:\documents and settings\Paula\Application Data\AVG2013 2012-12-21 06:44 . 2012-12-21 06:44 -------- dc----w- c:\documents and settings\Paula\Local Settings\Application Data\Avg2013 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\WinAVI 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\WinAVI 2012-12-17 18:29 . 2012-12-17 18:29 -------- dc----w- c:\program files\WinAVI 2012-12-16 15:51 . 2012-12-16 16:08 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\ImgBurn 2012-12-16 15:50 . 2012-12-16 15:50 -------- dc----w- c:\program files\ImgBurn 2012-12-16 15:30 . 2012-12-16 15:42 -------- dc----w- c:\program files\AnyToISO 2012-12-16 10:24 . 2005-06-21 15:49 167936 -c--a-w- c:\windows\system32\igfxres.dll 2012-12-15 16:50 . 2012-12-15 16:50 -------- dc----w- c:\program files\Smart Projects 2012-12-15 15:01 . 2012-12-15 15:01 -------- dc----w- c:\program files\Alcohol Soft 2012-12-15 14:57 . 2012-12-15 14:57 477240 -c--a-w- c:\windows\system32\drivers\sptd.sys 2012-12-14 19:31 . 2012-12-14 19:31 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AVG2013 2012-12-14 18:51 . 2012-12-14 18:51 -------- dc----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013 2012-12-14 18:49 . 2012-12-14 18:49 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\TuneUp Software 2012-12-14 18:33 . 2012-12-14 18:51 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG2013 2012-12-14 18:22 . 2012-12-15 12:26 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\Avg2013 2012-12-14 18:22 . 2012-12-14 18:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\MFAData 2012-12-09 15:55 . 2012-12-09 15:55 -------- dc----w- c:\program files\MagicISO 2012-12-07 16:13 . 2012-12-07 16:16 -------- dc----w- c:\program files\Common Files\DivX Shared 2012-12-04 17:00 . 2012-03-01 12:32 1775732 -c--a-w- c:\documents and settings\Fam. Haverkamp\E360K_F050_DSP-E360RU-1002.0.BIN 2012-12-03 22:07 . 2012-12-03 22:07 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\Softonic 2012-12-03 22:06 . 2012-12-03 22:06 -------- dc----w- c:\program files\Softonic 2012-12-03 22:02 . 2012-12-03 22:02 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\4Free 2012-12-03 20:45 . 2012-12-03 20:45 -------- dc----w- c:\program files\Video Download Converter 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\VideoDownloadConverter_4z 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\program files\VideoDownloadConverter_4z 2012-12-03 19:07 . 2012-12-07 16:16 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DivX 2012-12-03 18:59 . 2012-12-07 16:17 -------- dc----w- c:\program files\DivX 2012-12-03 18:58 . 2012-12-07 16:17 -------- dc----w- c:\documents and settings\All Users\Application Data\DivX 2012-12-02 11:10 . 2012-12-02 11:10 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\FLVPlayerPackages 2012-12-01 19:11 . 2012-12-03 17:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\.minecraft 2012-12-01 17:56 . 2002-10-30 12:14 274432 -c--a-w- c:\windows\system32\NCTAudioPlayer.dll 2012-12-01 17:56 . 2002-11-15 12:17 892928 -c--a-w- c:\windows\system32\NCTAudioInformation.dll 2012-12-01 17:56 . 2002-11-13 10:14 1703936 -c--a-w- c:\windows\system32\NCTAudioFile.dll 2012-12-01 17:56 . 2002-09-06 10:36 233472 -c--a-w- c:\windows\system32\lame_enc.dll 2012-12-01 17:56 . 2012-12-01 17:58 -------- dc----w- c:\program files\Ace MP3 To WAV Converter 2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AnvSoft 2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\program files\AnvSoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-16 12:23 . 2008-04-15 12:00 290560 -c--a-w- c:\windows\system32\atmfd.dll 2012-11-21 16:35 . 2012-10-06 10:29 87608 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\inst.exe 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\windows\system32\drivers\pcouffin.sys 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\pcouffin.sys 2012-11-19 15:50 . 2012-11-19 15:50 18816 -c--a-w- c:\windows\system32\drivers\dvd43llh.sys 2012-11-13 20:29 . 2012-11-13 20:29 354216 -c--a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2012-11-13 11:55 . 2008-04-15 12:00 1866496 -c--a-w- c:\windows\system32\win32k.sys 2012-11-02 02:03 . 2008-04-15 12:00 375296 -c--a-w- c:\windows\system32\dpnet.dll 2012-11-01 17:08 . 2012-11-01 17:08 1409 -c--a-w- c:\windows\system32\tmpE70C7.FOT 2012-11-01 12:12 . 2008-04-15 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll 2012-11-01 12:12 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll 2012-11-01 12:12 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec 2012-10-31 15:20 . 2012-10-31 15:20 1409 -c--a-w- c:\windows\system32\tmpEBFA2.FOT 2012-10-27 15:53 . 2012-10-27 15:53 1409 -c--a-w- c:\windows\system32\tmp2FDEB.FOT 2012-10-27 08:07 . 2012-10-27 08:07 1409 -c--a-w- c:\windows\system32\tmpEE978.FOT 2012-10-27 07:44 . 2012-10-27 07:44 1409 -c--a-w- c:\windows\system32\tmp16DF2.FOT 2012-10-22 15:44 . 2012-10-22 15:44 1409 -c--a-w- c:\windows\system32\tmpBEAAA.FOT 2012-10-22 15:23 . 2012-10-22 15:23 1409 -c--a-w- c:\windows\system32\tmp61777.FOT 2012-10-22 12:02 . 2011-12-23 11:32 179936 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2012-10-15 02:48 . 2012-04-19 02:50 55776 -c--a-w- c:\windows\system32\drivers\avgidshx.sys 2012-10-05 02:32 . 2011-08-08 05:08 93536 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys 2012-10-02 18:04 . 2008-04-15 12:00 58368 -c--a-w- c:\windows\system32\synceng.dll 2012-10-02 02:30 . 2011-10-07 05:23 159712 -c--a-w- c:\windows\system32\drivers\avgldx86.sys 2012-09-29 17:54 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys 2012-12-06 18:38 . 2012-12-06 18:37 262112 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk backup=c:\windows\pss\Statusvenster.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-11 19:00 919008 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-07-31 11:20 38872 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] 2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43] 2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "vToolbarUpdater"=2 (0x2) "AdvancedSystemCareService5"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"= "c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= "c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 3:50 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 3:46 177376] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 35552] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 12:32 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 12:32 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 6:23 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 164832] R1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 10:56 54272] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 17:07 759048] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22-10-2012 13:05 196664] R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 19:40 140848] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 16:55 47360] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [6-11-2012 19:00 5814392] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 16:42 75624] S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 10:56 24576] S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?] . Inhoud van de 'Gedeelde Taken' map . 2012-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.telegraaf.nl/ mStart Page = hxxp://www.google.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/ FF - ExtSQL: 2012-12-03 21:45; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin FF - ExtSQL: 2012-12-07 17:16; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049&q= FF - user.js: extensions.funmoods.id - 000C762341DA213B FF - user.js: extensions.funmoods.instlDay - 15619 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:23 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - test331 FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - test331 FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b03f213b000000000000000c762341da&q= FF - user.js: extensions.BabylonToolbar.id - b03f213b000000000000000c762341da FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15676 FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8 FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.812:10 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic_i.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.hpOld - hxxp://www.telegraaf.nl/ FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=2&cc=&q= FF - user.js: extensions.Softonic.dspOld - FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic) FF - user.js: extensions.Softonic_i.dnsErr - true FF - user.js: extensions.Softonic_i.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc= FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.Softonic.id - b03f213b000000000000000c762341da FF - user.js: extensions.Softonic.instlDay - 15677 FF - user.js: extensions.Softonic.vrsn - 1.6.7.4 FF - user.js: extensions.Softonic.vrsni - 1.6.7.4 FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:08 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic_i.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive FF - user.js: extensions.Softonic.instlRef - INF00047 FF - user.js: extensions.Softonic.dfltLng - nl FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.admin - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-12-23 11:50 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ . [HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(1088) c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Voltooingstijd: 2012-12-23 11:55:01 ComboFix-quarantined-files.txt 2012-12-23 10:54 ComboFix2.txt 2012-12-22 11:19 ComboFix3.txt 2012-12-22 09:36 ComboFix4.txt 2012-12-21 18:26 . Pre-Run: 19.341.090.816 bytes beschikbaar Post-Run: 19.342.860.288 bytes beschikbaar . - - End Of File - - F5EECC43F7DC7EC77E24ED577A7F24BB
-
Sorry Kape, als het goed is is de onderstaande de goede log ComboFix 12-12-22.01 - Fam. Haverkamp 22-12-2012 12:07:17.11.1 - x86 Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.2039.1560 [GMT 1:00] Gestart vanuit: c:\documents and settings\Fam. Haverkamp\Bureaublad\ComboFix.exe AV: AVG Anti-Virus Free Edition 2013 *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF} . . (((((((((((((((((((( Bestanden Gemaakt van 2012-11-22 to 2012-12-22 )))))))))))))))))))))))))))))) . . 2012-12-22 08:12 . 2012-12-22 09:17 -------- dc-h--r- c:\documents and settings\Fam. Haverkamp\Onlangs geopend 2012-12-21 06:45 . 2012-12-21 06:45 -------- dc----w- c:\documents and settings\Paula\Application Data\AVG2013 2012-12-21 06:44 . 2012-12-21 06:44 -------- dc----w- c:\documents and settings\Paula\Local Settings\Application Data\Avg2013 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\WinAVI 2012-12-17 18:30 . 2012-12-17 18:30 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\WinAVI 2012-12-17 18:29 . 2012-12-17 18:29 -------- dc----w- c:\program files\WinAVI 2012-12-16 15:51 . 2012-12-16 16:08 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\ImgBurn 2012-12-16 15:50 . 2012-12-16 15:50 -------- dc----w- c:\program files\ImgBurn 2012-12-16 15:30 . 2012-12-16 15:42 -------- dc----w- c:\program files\AnyToISO 2012-12-16 10:24 . 2005-06-21 15:49 167936 -c--a-w- c:\windows\system32\igfxres.dll 2012-12-15 16:50 . 2012-12-15 16:50 -------- dc----w- c:\program files\Smart Projects 2012-12-15 15:01 . 2012-12-15 15:01 -------- dc----w- c:\program files\Alcohol Soft 2012-12-15 14:57 . 2012-12-15 14:57 477240 -c--a-w- c:\windows\system32\drivers\sptd.sys 2012-12-14 19:31 . 2012-12-14 19:31 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AVG2013 2012-12-14 18:51 . 2012-12-14 18:51 -------- dc----w- c:\windows\system32\config\systemprofile\Application Data\AVG2013 2012-12-14 18:49 . 2012-12-14 18:49 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\TuneUp Software 2012-12-14 18:33 . 2012-12-14 18:51 -------- dc----w- c:\documents and settings\All Users\Application Data\AVG2013 2012-12-14 18:22 . 2012-12-15 12:26 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\Avg2013 2012-12-14 18:22 . 2012-12-14 18:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Local Settings\Application Data\MFAData 2012-12-09 15:55 . 2012-12-09 15:55 -------- dc----w- c:\program files\MagicISO 2012-12-07 16:13 . 2012-12-07 16:16 -------- dc----w- c:\program files\Common Files\DivX Shared 2012-12-04 17:00 . 2012-03-01 12:32 1775732 -c--a-w- c:\documents and settings\Fam. Haverkamp\E360K_F050_DSP-E360RU-1002.0.BIN 2012-12-03 22:07 . 2012-12-03 22:07 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\Softonic 2012-12-03 22:06 . 2012-12-03 22:06 -------- dc----w- c:\program files\Softonic 2012-12-03 22:02 . 2012-12-03 22:02 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\4Free 2012-12-03 20:45 . 2012-12-03 20:45 -------- dc----w- c:\program files\Video Download Converter 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\VideoDownloadConverter_4z 2012-12-03 20:44 . 2012-12-03 20:44 -------- dc----w- c:\program files\VideoDownloadConverter_4z 2012-12-03 19:07 . 2012-12-07 16:16 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\DivX 2012-12-03 18:59 . 2012-12-07 16:17 -------- dc----w- c:\program files\DivX 2012-12-03 18:58 . 2012-12-07 16:17 -------- dc----w- c:\documents and settings\All Users\Application Data\DivX 2012-12-02 11:10 . 2012-12-02 11:10 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\FLVPlayerPackages 2012-12-01 19:11 . 2012-12-03 17:22 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\.minecraft 2012-12-01 17:56 . 2002-10-30 12:14 274432 -c--a-w- c:\windows\system32\NCTAudioPlayer.dll 2012-12-01 17:56 . 2002-11-15 12:17 892928 -c--a-w- c:\windows\system32\NCTAudioInformation.dll 2012-12-01 17:56 . 2002-11-13 10:14 1703936 -c--a-w- c:\windows\system32\NCTAudioFile.dll 2012-12-01 17:56 . 2002-09-06 10:36 233472 -c--a-w- c:\windows\system32\lame_enc.dll 2012-12-01 17:56 . 2012-12-01 17:58 -------- dc----w- c:\program files\Ace MP3 To WAV Converter 2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\documents and settings\Fam. Haverkamp\Application Data\AnvSoft 2012-11-25 18:40 . 2012-11-25 18:40 -------- dc----w- c:\program files\AnvSoft . . . ((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-12-16 12:23 . 2008-04-15 12:00 290560 -c--a-w- c:\windows\system32\atmfd.dll 2012-11-21 16:35 . 2012-10-06 10:29 87608 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\inst.exe 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\windows\system32\drivers\pcouffin.sys 2012-11-21 16:35 . 2010-07-06 15:55 47360 -c--a-w- c:\documents and settings\Fam. Haverkamp\Application Data\pcouffin.sys 2012-11-19 15:50 . 2012-11-19 15:50 18816 -c--a-w- c:\windows\system32\drivers\dvd43llh.sys 2012-11-13 20:29 . 2012-11-13 20:29 354216 -c--a-w- c:\windows\system32\DivXControlPanelApplet.cpl 2012-11-13 11:55 . 2008-04-15 12:00 1866496 -c--a-w- c:\windows\system32\win32k.sys 2012-11-02 02:03 . 2008-04-15 12:00 375296 -c--a-w- c:\windows\system32\dpnet.dll 2012-11-01 17:08 . 2012-11-01 17:08 1409 -c--a-w- c:\windows\system32\tmpE70C7.FOT 2012-11-01 12:12 . 2008-04-15 12:00 916992 -c--a-w- c:\windows\system32\wininet.dll 2012-11-01 12:12 . 2008-04-15 12:00 43520 -c----w- c:\windows\system32\licmgr10.dll 2012-11-01 12:12 . 2008-04-15 12:00 1469440 -c----w- c:\windows\system32\inetcpl.cpl 2012-11-01 00:35 . 2008-04-15 12:00 385024 -c----w- c:\windows\system32\html.iec 2012-10-31 15:20 . 2012-10-31 15:20 1409 -c--a-w- c:\windows\system32\tmpEBFA2.FOT 2012-10-27 15:53 . 2012-10-27 15:53 1409 -c--a-w- c:\windows\system32\tmp2FDEB.FOT 2012-10-27 08:07 . 2012-10-27 08:07 1409 -c--a-w- c:\windows\system32\tmpEE978.FOT 2012-10-27 07:44 . 2012-10-27 07:44 1409 -c--a-w- c:\windows\system32\tmp16DF2.FOT 2012-10-22 15:44 . 2012-10-22 15:44 1409 -c--a-w- c:\windows\system32\tmpBEAAA.FOT 2012-10-22 15:23 . 2012-10-22 15:23 1409 -c--a-w- c:\windows\system32\tmp61777.FOT 2012-10-22 12:02 . 2011-12-23 11:32 179936 -c--a-w- c:\windows\system32\drivers\avgidsdriverx.sys 2012-10-15 02:48 . 2012-04-19 02:50 55776 -c--a-w- c:\windows\system32\drivers\avgidshx.sys 2012-10-05 02:32 . 2011-08-08 05:08 93536 -c--a-w- c:\windows\system32\drivers\avgmfx86.sys 2012-10-02 18:04 . 2008-04-15 12:00 58368 -c--a-w- c:\windows\system32\synceng.dll 2012-10-02 02:30 . 2011-10-07 05:23 159712 -c--a-w- c:\windows\system32\drivers\avgldx86.sys 2012-09-29 17:54 . 2010-02-17 19:07 22856 -c--a-w- c:\windows\system32\drivers\mbam.sys 2012-12-06 18:38 . 2012-12-06 18:37 262112 -c--a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten ))))))))))))))))))))))))))))))))))))))))))))))))))) . . *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" [2012-01-05 75624] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2002-08-13 81920] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-18 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-18 40960] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-09-27 59240] "nmctxth"="c:\program files\Common Files\Pure Networks Shared\Platform\nmctxth.exe" [2009-07-07 647216] "nmapp"="c:\program files\Pure Networks\Network Magic\nmapp.exe" [2009-07-08 472112] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2005-06-21 155648] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2005-06-21 126976] "AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-06 3143800] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-15 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WUAppSetup"="c:\program files\Common Files\logishrd\WUApp32.exe" [2007-05-11 441120] . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Bluetooth Manager.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Bluetooth Manager.lnk backup=c:\windows\pss\Bluetooth Manager.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Statusvenster.lnk] path=c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\Statusvenster.lnk backup=c:\windows\pss\Statusvenster.lnkCommon Startup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM] 2012-07-11 19:00 919008 -c--a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] 2012-07-31 11:20 38872 -c--a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BluetoothAuthenticationAgent] 2008-04-15 12:00 110592 -c--a-w- c:\windows\system32\bthprops.cpl . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter2.0] 2005-05-17 16:42 933888 -c----w- c:\program files\Brother\ControlCenter2\brctrcen.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-15 12:00 15360 ----a-w- c:\windows\system32\ctfmon.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXMediaServer] 2012-11-13 18:13 450560 -c--a-w- c:\program files\DivX\DivX Media Server\DivXMediaServer.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2012-11-30 02:06 1263512 -c--a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dvd43] 2009-10-23 18:34 827904 -c--a-w- c:\program files\dvd43\DVD43_Tray.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager] 2010-10-12 12:56 979328 -c--a-w- c:\program files\EPSON Software\Event Manager\EEventManager.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2010-11-29 16:38 421888 -c--a-w- c:\program files\QuickTime\QTTask.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SetDefPrt] 2005-01-26 16:02 49152 -c----w- c:\program files\Brother\Brmfl05a\BrStDvPt.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "vToolbarUpdater"=2 (0x2) "AdvancedSystemCareService5"=2 (0x2) . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-j7SRa5z2T4.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\SweetImSetup.exe"= "c:\\Documents and Settings\\Fam. Haverkamp\\Mijn documenten\\Downloads\\solutoinstaller-Xc32NqTd17.exe"= "c:\\Program Files\\EPSON Software\\Event Manager\\EEventManager.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"= "c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"= "c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe"= c:\program files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe:LocalSubNet,0.0.0.0/255.255.255.255:Enabled:Pure Networks Platform Service . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management . R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [19-4-2012 3:50 55776] R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [21-9-2012 3:46 177376] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [13-9-2011 6:30 35552] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [23-12-2011 12:32 179936] R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [23-12-2011 12:32 19936] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [7-10-2011 6:23 159712] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [11-7-2011 1:14 164832] R1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\drivers\Clntmgmt.sys [17-2-2010 10:56 54272] R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [14-5-2009 17:07 759048] R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2013\avgwdsvc.exe [22-10-2012 13:05 196664] R2 PfFilter;PfFilter;c:\program files\IObit\Protected Folder\pffilter.sys [19-8-2011 19:40 140848] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [6-7-2010 16:55 47360] S2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG2013\avgidsagent.exe [6-11-2012 19:00 5814392] S2 AxAutoMntSrv;Alcohol Virtual Drive Auto-mount Service;c:\program files\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [5-1-2012 16:42 75624] S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [17-2-2010 10:56 24576] S3 cpuz135;cpuz135;\??\c:\windows\TEMP\cpuz135\cpuz135_x32.sys --> c:\windows\TEMP\cpuz135\cpuz135_x32.sys [?] S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt --> h:\everest ultimate edition 4.60 build 1500\kerneld.wnt [?] . Inhoud van de 'Gedeelde Taken' map . 2012-12-18 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 10:34] . . ------- Bijkomende Scan ------- . uStart Page = hxxp://www.telegraaf.nl/ mStart Page = hxxp://www.google.com IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 212.54.40.25 212.54.35.25 FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.telegraaf.nl/ FF - ExtSQL: 2012-12-03 21:44; 4zffxtbr@VideoDownloadConverter_4z.com; c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\4zffxtbr@VideoDownloadConverter_4z.com FF - ExtSQL: 2012-12-03 23:06; ffxtlbra@softonic.com; c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\ffxtlbra@softonic.com FF - ExtSQL: 2012-12-07 17:16; {23fcfd51-4958-4f00-80a3-ae97e717ed8b}; c:\program files\DivX\DivX Plus Web Player\firefox\DivXHTML5 FF - ExtSQL: !HIDDEN! 2012-12-03 21:45; 4zffxtbr@VideoDownloadConverter_4z.com; c:\program files\VideoDownloadConverter_4z\bar\1.bin FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2XzutBtFtCtFtBtFtAtAtC&cr=1826531049&q= FF - user.js: extensions.funmoods.id - 000C762341DA213B FF - user.js: extensions.funmoods.instlDay - 15619 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:23 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - test331 FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - test331 FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b03f213b000000000000000c762341da&q= FF - user.js: extensions.BabylonToolbar.id - b03f213b000000000000000c762341da FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15676 FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8 FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.812:10 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic_i.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.hpOld - hxxp://www.telegraaf.nl/ FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=2&cc=&q= FF - user.js: extensions.Softonic.dspOld - FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic) FF - user.js: extensions.Softonic_i.dnsErr - true FF - user.js: extensions.Softonic_i.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc= FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.Softonic.id - b03f213b000000000000000c762341da FF - user.js: extensions.Softonic.instlDay - 15677 FF - user.js: extensions.Softonic.vrsn - 1.6.7.4 FF - user.js: extensions.Softonic.vrsni - 1.6.7.4 FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:08 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic_i.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive FF - user.js: extensions.Softonic.instlRef - INF00047 FF - user.js: extensions.Softonic.dfltLng - nl FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.admin - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2012-12-22 12:15 Windows 5.1.2600 Service Pack 3 NTFS . scannen van verborgen processen ... . scannen van verborgen autostart items ... . scannen van verborgen bestanden ... . Scan succesvol afgerond verborgen bestanden: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\EverestDriver] "ImagePath"="\??\h:\everest ultimate edition 4.60 build 1500\kerneld.wnt" . --------------------- VERGRENDELDE REGISTER SLEUTELS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,47,e8,b9,cb,c6,54,bd,4d,8f,86,35,\ . [HKEY_USERS\S-1-5-21-1123561945-299502267-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{1BBBAAD5-B106-1DF8-17B6-3C5537D0C8BC}*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–}|ÿÿÿÿÀ•}|ù•9~*] "3140110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL" . --------------------- DLLs Geladen Onder Lopende Processen --------------------- . - - - - - - - > 'explorer.exe'(3828) c:\windows\system32\msi.dll c:\windows\system32\webcheck.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll c:\program files\Epson Software\Easy Photo Print\EPTBL.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll c:\program files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.NLD . Voltooingstijd: 2012-12-22 12:19:18 ComboFix-quarantined-files.txt 2012-12-22 11:19 ComboFix2.txt 2012-12-22 09:36 ComboFix3.txt 2012-12-21 18:26 . Pre-Run: 19.302.830.080 bytes beschikbaar Post-Run: 19.302.223.872 bytes beschikbaar . - - End Of File - - 13349F6D7043803F2B534E0C8B27EFE7
-
Beste Kape, hieronder vind u de logfile. Firefox:: FF - ProfilePath - c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\ FF - ExtSQL: 2012-12-03 23:06; ffxtlbra@softonic.com; c:\documents and settings\Fam. Haverkamp\Application Data\Mozilla\Firefox\Profiles\75il4gpn.default\extensions\ffxtlbra@softonic.com FF - user.js: extensions.funmoods.hmpg - true FF - user.js: extensions.funmoods.hmpgUrl - hxxp://searchfunmoods.com/?f=1&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2 XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.dfltSrch - true FF - user.js: extensions.funmoods.srchPrvdr - Search FF - user.js: extensions.funmoods.dnsErr - true FF - user.js: extensions.funmoods_i.newTab - true FF - user.js: extensions.funmoods.newTabUrl - hxxp://searchfunmoods.com/?f=2&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2 XzutBtFtCtFtBtFtAtAtC&cr=1826531049 FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://searchfunmoods.com/?f=3&a=test331&chnl=test331&cd=2XzuyEtN2Y1L1QzutDtDtD0CyByCtBtAyEtC0D0AtBtCtA0BtN0D0Tzu0CtBzztDtN1L2 XzutBtFtCtFtBtFtAtAtC&cr=1826531049&q= FF - user.js: extensions.funmoods.id - 000C762341DA213B FF - user.js: extensions.funmoods.instlDay - 15619 FF - user.js: extensions.funmoods.vrsn - 1.5.23.22 FF - user.js: extensions.funmoods.vrsni - 1.5.23.22 FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2213:23 FF - user.js: extensions.funmoods.prtnrId - funmoods FF - user.js: extensions.funmoods.prdct - funmoods FF - user.js: extensions.funmoods.aflt - test331 FF - user.js: extensions.funmoods_i.smplGrp - none FF - user.js: extensions.funmoods.tlbrId - base FF - user.js: extensions.funmoods.instlRef - test331 FF - user.js: extensions.funmoods.dfltLng - FF - user.js: extensions.funmoods.excTlbr - false FF - user.js: extensions.funmoods.autoRvrt - false FF - user.js: extensions.funmoods.envrmnt - production FF - user.js: extensions.funmoods.isdcmntcmplt - true FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0 FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=b03f213b000000000000000c762341da&q= FF - user.js: extensions.BabylonToolbar.id - b03f213b000000000000000c762341da FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB} FF - user.js: extensions.BabylonToolbar.instlDay - 15676 FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8 FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.812:10 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - irhnew FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic_i.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.hpOld - hxxp://www.telegraaf.nl/ FF - user.js: extensions.Softonic.hpNew - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=13&cc= FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.keyWordUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=2&cc=&q= FF - user.js: extensions.Softonic.dspOld - FF - user.js: extensions.Softonic.dspNew - Search the web (Softonic) FF - user.js: extensions.Softonic_i.dnsErr - true FF - user.js: extensions.Softonic_i.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=15&cc= FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/INF00047/tb_v1?SearchSource=1&cc=&q= FF - user.js: extensions.Softonic.id - b03f213b000000000000000c762341da FF - user.js: extensions.Softonic.instlDay - 15677 FF - user.js: extensions.Softonic.vrsn - 1.6.7.4 FF - user.js: extensions.Softonic.vrsni - 1.6.7.4 FF - user.js: extensions.Softonic_i.vrsnTs - 1.6.7.423:08 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic_i.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - BASEirobinhoodActive FF - user.js: extensions.Softonic.instlRef - INF00047 FF - user.js: extensions.Softonic.dfltLng - nl FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.admin - false
