frank12444
-
Items
10 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Berichten die geplaatst zijn door frank12444
-
-
ComboFix 12-06-23.05 - Adrie 23-06-2012 14:59:27.2.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.545 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Adrie\Bureaublad\ComboFix.exe
gebruikte Opdracht switches :: c:\documents and settings\Adrie\Bureaublad\CFScript.txt
AV: ESET Smart Security 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
FILE ::
"c:\windows\System32\XDva031.sys"
"c:\windows\system32\XDva039.sys"
"c:\windows\system32\XDva068.sys"
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_XDVA031
-------\Legacy_XDVA039
-------\Legacy_XDVA068
-------\Service_mailKmd
-------\Service_XDva031
-------\Service_XDva039
-------\Service_XDva068
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-05-23 to 2012-06-23 ))))))))))))))))))))))))))))))
.
.
2012-06-23 10:34 . 2012-06-23 10:34 -------- d-----w- c:\documents and settings\All Users\Favorieten
2012-06-22 13:36 . 2012-06-22 13:36 1409 ----a-w- c:\windows\QTFont.for
2012-06-22 12:59 . 2012-06-22 12:59 388096 ----a-r- c:\documents and settings\Adrie\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-22 12:59 . 2012-06-22 12:59 -------- d-----w- c:\program files\Trend Micro
2012-06-20 14:31 . 2012-06-23 12:52 -------- d--h--r- c:\documents and settings\Adrie\Onlangs geopend
2012-06-09 11:29 . 2012-06-09 11:30 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2012-06-09 11:26 . 2012-06-09 11:27 -------- d-----w- c:\program files\Defraggler
2012-06-09 11:24 . 2012-06-09 11:30 -------- d-----w- c:\documents and settings\Adrie\Local Settings\Application Data\Temp
2012-06-08 19:30 . 2012-06-08 19:30 -------- d-----w- c:\documents and settings\Adrie\Application Data\Windows Search
2012-06-08 11:19 . 2012-06-08 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2012-06-08 11:18 . 2012-06-08 18:40 -------- d-----w- c:\documents and settings\Adrie\Application Data\IObit
2012-05-31 07:20 . 2012-05-31 07:20 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-25 10:29 . 2012-05-25 10:29 -------- d-----w- c:\documents and settings\Adrie\Application Data\Windows Desktop Search
2012-05-25 10:28 . 2012-05-25 10:28 -------- d-----w- c:\program files\Windows Desktop Search
2012-05-25 10:25 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2012-05-25 10:25 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2012-05-25 10:25 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-17 09:17 . 2009-10-07 10:40 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2012-05-31 13:22 . 2003-12-29 16:10 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-31 07:20 . 2011-05-20 08:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-22 17:05 . 2012-05-22 15:39 14664 ----a-w- c:\windows\stinger.sys
2012-05-22 15:54 . 2012-05-22 15:54 159608 ----a-w- c:\windows\system32\mfevtps.exe.c775.deleteme
2012-05-22 15:38 . 2012-05-22 15:38 159608 ----a-w- c:\windows\system32\mfevtps.exe.55ec.deleteme
2012-04-11 13:55 . 2002-09-09 13:18 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2002-09-09 13:17 2152960 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:55 . 2003-12-28 22:02 1862400 ----a-w- c:\windows\system32\win32k.sys
2012-04-04 13:56 . 2010-08-12 11:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((( SnapShot@2012-06-23_11.23.20 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-06-23 13:19 . 2012-06-23 13:19 16384 c:\windows\Temp\Perflib_Perfdata_104.dat
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRISMSTA.EXE"="PRISMSTA.EXE START" [X]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2003-10-03 40960]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2003-09-12 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"FLMOFFICE4DMOUSE"="c:\program files\Browser MOUSE\mouse32a.exe" [2006-12-13 360448]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2003-05-12 32768]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]
"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 54784]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e
.
[HKLM\~\startupfolder\C:^Documents and Settings^Adrie^Menu Start^Programma's^Opstarten^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ImageFox.lnk]
backup=c:\windows\pss\ImageFox.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Photo Express Calendar Checker SE.lnk]
backup=c:\windows\pss\Photo Express Calendar Checker SE.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Reality Fusion GameCam SE.lnk]
backup=c:\windows\pss\Reality Fusion GameCam SE.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^REALTEK RTL8187 Wireless LAN Utility.lnk]
backup=c:\windows\pss\REALTEK RTL8187 Wireless LAN Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^UltraMon.lnk]
backup=c:\windows\pss\UltraMon.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-09-26 10:02 2356088 ----a-r- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-01-03 13:54 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMBROWSEMOUSE2]
2006-12-13 14:48 550400 ----a-w- c:\program files\Browser MOUSE\R2M.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 16:34 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 14:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 14:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp]
2003-05-12 13:28 32768 ----a-w- c:\program files\Launch Manager\LaunchAp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]
2003-06-25 09:53 204800 ----a-w- c:\program files\Launch Manager\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
2002-12-10 15:54 127022 -c--a-w- c:\program files\Common Files\Logitech\QCDriver3\LVComS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-03-09 13:29 7561216 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-03-09 13:29 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-03-09 13:29 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-01-29 17:12 57344 ----a-w- c:\program files\Home Cinema\PowerCinema\PCMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 15:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\powerman]
2003-12-23 19:48 126976 ----a-w- c:\windows\system32\powerman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-28 21:37 413696 ----a-w- c:\program files\MpcStar\Codecs\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 14:00 155648 -c--a-w- c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2003-11-20 15:18 499712 -c--a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2003-11-20 15:19 98304 -c--a-w- c:\program files\Synaptics\SynTP\SynTPLpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
2008-02-07 10:00 90112 -c--a-w- c:\program files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\Trayserver.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe"=
"c:\\Program Files\\Google\\Google SketchUp 6\\LayOut\\LayOut.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"h:\\program files\\redalert3\\Data\\ra3_1.0.game"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\GtkRadiant 1.5.0\\GtkRadiant.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9068:TCP"= 9068:TCP:BitComet 9068 TCP
"9068:UDP"= 9068:UDP:BitComet 9068 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6-1-2008 13:16 715248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11-9-2009 8:23 108792]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6-12-2007 22:03 660768]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [6-7-2011 15:45 38144]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11-9-2009 8:24 735960]
R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [20-9-2002 19:29 53248]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23-12-2008 17:35 50704]
R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [14-9-2008 17:32 10496]
R3 PRISM_A00;PRISM 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [16-10-2003 2:15 364320]
S2 PIEUsb;Pacific Image Electronics USB Scanner;c:\windows\system32\drivers\usbscan.sys [30-12-2006 20:45 15104]
S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [20-9-2002 19:27 77824]
S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [20-9-2002 19:41 77824]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [27-5-2009 14:53 223232]
S3 cglptnt;cglptnt;c:\totalcmd\CGLPTNT.SYS [9-7-2009 12:51 7888]
S3 dump_wmimmc;dump_wmimmc;\??\c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys --> c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt --> k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [4-9-2009 18:56 1527900]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4-9-2008 19:32 47360]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187.sys [6-7-2011 15:45 332928]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP2\RpcAgentSrv.exe [4-1-2009 18:08 98488]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [25-3-2011 15:42 384752]
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.startpagina.nl/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Append Link Target to Existing PDF
IE: Download All Files by HiDownload
IE: Download by HiDownload
TCP: DhcpNameServer = 192.168.178.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Adrie\Application Data\Mozilla\Firefox\Profiles\x7qbfdgj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs
*/
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1339045178
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1339045178
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1339045178
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1338454994
FF - user.js: app.update.lastUpdateTime.restart-nag-timer - 1225570569
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1339045179
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.lastDir - c:\\Documents and Settings\\Adrie\\Mijn documenten\\Mijn afbeeldingen
FF - user.js: browser.download.manager.alertOnEXEOpen - true
FF - user.js: browser.download.save_converter_index - 0
FF - user.js: browser.fixup.alternate.enabled - false
FF - user.js: browser.history_expire_days - 20
FF - user.js: browser.migration.version - 1
FF - user.js: browser.places.importBookmarksHTML - false
FF - user.js: browser.places.importDefaults - false
FF - user.js: browser.places.leftPaneFolderId - -1
FF - user.js: browser.places.migratePostDataAnnotations - false
FF - user.js: browser.places.smartBookmarksVersion - 1
FF - user.js: browser.places.updateRecentTagsUri - false
FF - user.js: browser.preferences.advanced.selectedTabIndex - 0
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.defaultenginename - Google
FF - user.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage - hxxp://www.startpagina.nl
FF - user.js: browser.startup.homepage_override.mstone - rv:1.9.0.14
FF - user.js: browser.visited_color - #800080
FF - user.js: distribution.google-cjk.bookmarksProcessed - true
FF - user.js: extensions.enabledItems - {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W,{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - user.js: extensions.lastAppVersion - 3.0.14
FF - user.js: extensions.mozilla.metrics.event-count - 0
FF - user.js: extensions.update.notifyUser - false
FF - user.js: flashgot.custom.Retriever.maxLinks - 10
FF - user.js: flashgot.defaultDM - BitComet
FF - user.js: flashgot.detect.cache - (Interne downloadbeheerder),HiDownload,BitComet
FF - user.js: flashgot.dmchoice - false
FF - user.js: flashgot.version - 1.1.8.7
FF - user.js: general.useragent.extra.microsoftdotnet - (.NET CLR 3.5.30729)
FF - user.js: google.toolbar.auto_page_translate.rules.blacklist - nl
FF - user.js: google.toolbar.auto_page_translate.rules.whitelist -
FF - user.js: google.toolbar.button_option.cached.gtbCountrySearch - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbCountrySearch\ tooltip=\gtbMultilineTooltip\ label=\Nederland\ fullText=\Nederland\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbFeelingLucky - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbFeelingLucky\ tooltip=\gtbMultilineTooltip\ label=\Ik doe een gok\ fullText=\Ik doe een gok\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchBlogs - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchBlogs\ tooltip=\gtbMultilineTooltip\ label=\Zoeken in blogs met Google\ fullText=\Zoeken in blogs met Google\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAYBJREFUeNqUkjtOA0EMhr1LRDYUtCCliKiQ4AB0CIkLQIkENHCgiAMgIeAAiANQ86iQoEcUqSkSsrvjMX7MLLME8bBi2Zkdf/49MxkRwcndMU0QYeLYMXH97yH9Ng756PAmA7Z8eHtEpfdQewIkc07NQSKZg0X+cQaweLopATpClaKKKyry4Dh3lMJmgaKaFBMA8rFmFaKkUjWmyPk2DIMS5P1o9QLwSnVBQYUJiMRJYwS5ZFQDODRA8CpRImNFNRKjItcCoAGwAVAzTonfQHSfqVbAmBUQRABwFyuKSspUUVAosHAEpkBOFQGaGWvdLOdBbUBy3dE6ktpVQjNGPNB0lAiSNbEizzVm+f4a7e6t6gMZTafwVjuFSKflogvzeWY3odfqG+mP16+A509ZJvLnDtZ1fWNnwJBSFfR7BdxfvYD0kZ72Aj+l08WzPmUFRFu53KZ3ljtY6MEDF0sH+MXyrwv9XvfPxTO2dLZFciYU3jvnP+5P1ZucfxRHwIcAAwAX2fYcgJ+EGwAAAABJRU5ErkJggg==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchBooks - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchBooks\ tooltip=\gtbMultilineTooltip\ label=\Zoeken naar boeken met Google\ fullText=\Zoeken naar boeken met Google\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAiNJREFUeNp0kztvE0EUhc/Ya5uEFCsiiJQiwjJIiAaLAkSFRUPrAgpqfgBQUSL/gkBBDRJFCpB4SBFNikAVCRE5giISTmQkjCP8iNfG6915MjO7fuKMdKTdO3O/e+beXXJzSxXWs/U8gAda57VKWk+v5lY7mFi7B7/N3hOt4iBkL299WHsfPMY20QB1xhG4d7aDC6fo8LxJfmZA8ftDU4AL6W5WM3jxLYUjL0BYWiGO2W3zJJ7Xl5HLUNx2e7i4SN242hWtgpTK/dpI4tX+Asq1EIzqQioiO8OSSgf2+2l895ZxbWmAG66PS0u0uNdO4u2hg51fCjTwIQVGyRYgRPQuJWCeOQc+Nxew8amOQesYK+kuFnOXIZiwRZScykeCMWhLWiySAXANCrwuglYDYevIwodSk9nGAWVR0EiYQyICKGNHMhDJpwByHsB4MhvDQyYXgoMIaiE2Fmt2OSxuqJoBKE5BeADi0Cgu/rc/vkIMUEOAqcRDENbXgMAC51WfuoKauQaoD0J7IKnIwUnLCX3dKCc1auQY0Eci9EAyBGpepm6uHWN752PHr/20I6TxKBmPHUg2t6r0/oAe7Np/JaGblfV/fCn9LW+BHjfsCE+yrPwuWHUPvF4p6SllTYyMdu+8Nn/besJdLTpreSTLG0CzgnNuGvL6fdQqh5C95jt95hHe3K1Gn7+aAIxBBQvig7y5ZzqVQEBOl+PE7SlHGvBPgAEAhIhYJbvKryMAAAAASUVORK5CYII=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchCalendar - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchCalendar\ tooltip=\gtbMultilineTooltip\ label=\Google Agenda\ fullText=\Google Agenda\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAldJREFUeNp8U01oU0EQ/t4zeU00iWLxr2nFXlSohyCkrTcv6kH0VAVPiiBeBfHmoUfBn4NHEQTxZKugN0FQNFiEgBfbElQkmor2x6bv2TQvb3fH2d2X0ODPwDCbt/N9M9/sxCEipK4pgpIgdsiIXYBky5xJcBQhR+uImiB2df+YAzbXgElBfXsLURqH+l4Gf4Ax0tE6LVdAlQeglQ/myjnzxCS5ujKUwoa5F1CLM5xQhSbUboiYRHeJxg9QUIW39tkSky2SMG1zcqZ4Ef37D+JnuoAgVIbUkJO9zw2OonfPdiyG29DyQ1tEExjNXCmQPfCTh4CWYCDPQAPj7nQMGoAv8ka/BVObQMStKgz1ClwoNJHPCLypEm6VWAaTjfYrDPc5mHynUFtSdtgdCXraZmAKp/f+wtHdLdQbLVwa8fCFk7NJhauHHUjpYuojobYgbGexuUYCPxVxvPEqwsjtOm5yVJyUz0hMfQowUa7zb9sNccdt/bYD/c7xtH1KoHo5Z6au/dl0gJl5F5PTCZw4oCyYSdYbdxB2LcqpO1XcLS2ZiueKPXaZ2IWUJra1dwgoCjvbdmQwgu/uwMRsmjUr7Mooc0ci4lnrTe0GxxLC+EUUzhaSGB5wjURd8d7rBT7omTlQ9CfYbKR7/iW11za/cRXFnWvIplw8n13FXCNnNGc9iX2b66isbOElcztgejjmJBB6INc3BLW6g9pyyr6z2sTfIpOoQeX5rd2VKW0l9PmP4Q2NQbaXY92W/cuSSQ/N94/4dJyJGDRw8sr/EX+xr0+vm7/zbwEGAAc7ldeFiLAmAAAAAElFTkSuQmCC\ hassend=\true\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>
FF - user.js: google.toolbar.button_option.cached.gtbSearchDocs - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchDocs\ tooltip=\gtbMultilineTooltip\ label=\Google Documenten\ fullText=\Google Documenten\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAfxJREFUeNqEU8tOFEEUPcXMIII6gisxkogkGk0gceUs3bHgB4wkfAD/IIlbl/yBBj/ApTEhIS5MXBAzhhiBlTIsZoQZm+7pqdf1VlV3T08YY3Vu30pVnXNPnaoSRIS8vW6CzhRwJkP0uD93BVi7Dazfh8jXCRG6DlvNB7cPQJK5tAWMyxwp95s9oMLzFQI9XwokDpiTTOQEkQaOv+3jYPc94iSBZLDKwqlppcC7IwzlZq0gcHK/f97F8dcvqHZb6JugYMDRVYGgTJJvvSA450X1Rw3MP1xBdOMOYiaIWZUj6rGcVn9IslNSUnjgZFYfNCCXgFMG/WHCCyaQ2uBXfIFuPIGalRwKkzrBUfsWbTXqQuRSnn0EObmpq8wRMUGfHTVawqoBrB74bFTIc5NAe/OxKBR0BmwYBYLEhMrWKAbKLGvOGpRFx+2vvIWODEeorYW1AUweJD0JcSbNY26c5y95kEieIMuTHMZwVr6S9SCZKZFeBUqnWRAYmWLqpIna+QmixaewlZqv5mVrlSlhY7jI2HtgZR/Xfuyh3mpiWbTZqDSYlxs4BjyqgAG9hSdYnJY4pBnvtjfMar8lXL6EowRXSSKaXcCe8yF2fphgFo0H3pyqjRJc//QG91Y3PMB9/yhYtN8f3vJ/GaL8nO++ePkf2LD93Hnln+NfAQYAumFzRInKlVsAAAAASUVORK5CYII=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchGroups - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchGroups\ tooltip=\gtbMultilineTooltip\ label=\Google Discussiegroepen\ fullText=\Google Discussiegroepen\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchImages - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchImages\ tooltip=\gtbMultilineTooltip\ label=\Google Afbeeldingen\ fullText=\Google Afbeeldingen\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchLocal - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchLocal\ tooltip=\gtbMultilineTooltip\ label=\Google Maps\ fullText=\Google Maps\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchNews - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchNews\ tooltip=\gtbMultilineTooltip\ label=\Google Nieuws\ fullText=\Google Nieuws\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbGadgetButtonWithSeparateMenu\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchPhotos - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchPhotos\ tooltip=\gtbMultilineTooltip\ label=\Picasa Webalbums\ fullText=\Picasa Webalbums\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAt9JREFUeNpcU01ME0EU/rbdtvzTghWKFCPhRyQShaiRHz2YeECTwsnEgx48wQkTMJwkHIwHOaAXPBhvJkZjQAU5eCLBkyYmBYuJRiihECgtULptd2d3xzdbStCXvMzs5H0/782shCORTsXcnPMRnWkD+C90XR3nJh8tP167mzujWki5j0w63sM0dVLspcVvMKKbYEuL4P5a8NaLQFmZVSdB6vVW1k/9Q3AITnJoW8twvH4GlspAVzJglGrnNfh6KqHKzWCSVwB7K3yNU4LAlla23QLM4xyxl2vYeW9D6spdGDYZpm6CGyZJAQ4WROn+Y8j6CiRJmtyIhNxC3CZ6Fpv42wipaqSoIT5fAPN6H4yiEpjMADeJiG1AyiyhZHc4NwALZzMMfSC9kIQaI8tUbBiGRbL50wbnENX4TmRd6FHKCOxqEPLeG9hlhzVo2ZrBugLGmKVkUDH3SzgWqIBcXIjC4YfgUQIbnykZKUvQk6tAadaILAaRXlNIncE0qdk6O6punYTT6SSXpFxQgMIaP3gkH1wrBkw7SpxhJA5uzyYm5KhxkQMdyoV8fOlqIrDDAgvywzXtgZmspPRhR20lp3rWQWI/Aaffhc3LxRh1n4MzrOB2jUq0/ICAW60lHR2QmFPcADL5TTBT6SzBysofNJ85i/FYNULbHC0uDV9jQUyvzyFFA02Ssz2dIanRbbA8NLh8eFTRiuVwGLV1RBBc+IH6ugYMnOKYX8+jFlWE9sKYi4ag6AYSOhFoDEwjOVXCvfNXIUYlcB2d3bD19Q1J7yYn0e7leNW2g2pysE+gjYyKLVWlfrPgIjMPT1vuoLvxEj7OfILAWU9b9ChiYuIJ7w0E6G1zfN/+jee/ZrGqxFDl8KC9/DS6/W3wFnnwYXrGAlO9WLPvQMTBocUWuHkDL7rui9dm3YKqaaQ6e1h39C+VxVRzLhQl5RkcHNnNER0NARwbG3UfuEV//wPLwV8BBgAilqQLWMIqvAAAAABJRU5ErkJggg==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchScholar - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchScholar\ tooltip=\gtbMultilineTooltip\ label=\Wetenschap\ fullText=\Wetenschap\ image=\data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAD//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////4yMjP9OV1r/PktM/7W1tf////////////////////////////////////////////////////////////////8hJCj/ZL72/1Oezf9ra2v/////////////////////////////////////////////////////////////////SkpK/1Oi1f9Dhqz/lJSU/////////////////97e3v/39/f//////////////////////////////////////4yMjP9Lkrz/MmqM/+fn5////////////56Zl/+QQTD/bktF/8bHxv////////////////////////////////+cnJz/Q4a0/ylVa//Nzc3/kIyM/3dHPv/eXDn//2xC//9sQv+tTDH/hGRb/5eXl/+1tbX/3t7e////////////ra2t/0OGrP9LboT/lC8h/95UMf/3XDn//2xC//9sQv//bEL//2xC//dgOf/GRDH/czAh/5SUlP///////////97e3v9Afpj/X3mH/3ssGP/nUDH/91g5/7VMMf+cQCn/nDsp/61IKf/3WDH/71Ax/0oYEP/n5+f////////////39/f/GDhS/21vcv8wHxf/nDMh/5wzIf/eTDH//1Q5//9UOf/nTDH/pTch/4wrGP9EJh//////////////////jIyM/zFJWv9SLCn/zkQx//9UOf//VDn//1Q5//9UOf//VDn//1Q5//9UOf//VDn/pTMh/0w3Mf+xsLH//v7+/z4fF//GQCn/xkxC/71QSv+cREL/pURC/3swMf9rJBj/vUAp//9UOf//VDn//1Q5//9UOf//UDn/ShgQ/zAzMP/v7+//jIyM/2ZBN/+MKyH/70wx//9UOf//VDn/xkAp/85EMf//VDn//1Q5/95IMf97KBj/Nh8Y/4SGhP/n5+f/////////////////xsbG/1dVUv9wJx//xkAp//9QOf/GOyn/cyQY/1IzMP9zc3P/xsbG////////////////////////////////////////////5+fn/4SEhP82LCn/e3t7/97e3v//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchSite - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchSite\ tooltip=\gtbMultilineTooltip\ label=\Site doorzoeken\ fullText=\Site doorzoeken\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchVideo - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchVideo\ tooltip=\gtbMultilineTooltip\ label=\Google Video\ fullText=\Google Video\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAghJREFUeNpsksFrE0EUxr83M7ubpkK0tLYB9VArUolHvfUgvXn3Ih79Q/wL/AMURNSrQs8eBEF67E3sIbSUpralIDQsscnOjO/NzCZd6ZKXmd2d7zff93bIe4/tr8f+sF/i90GJvKXRe7QAbQhyfdsaYH93iLVeBxtPu+HZqKzw4fUu3n/fJPr8tu/zQoUX5bDCYL+EQNcedKaQnR9n2Ps1xK3VeTx+cjM8G/+1+PJuD3p9+cWrG4sFslxBQNoonByOcHo0wlK3BaUJ3TvtAO//PMf5nzFu370W1t172AE9v//Ri7g9b1BfsngydijmNObaevr8ZDAK7hYWWxw1ujbLvdWwuxG7RHDWoc3iauK5XCiBTXgsVuL87ILHIb/juZEFznlMSACA57nc20rKwVq+ryu986kcuzFC1JyTYr/YIuJCFohYNqgh9j8Q+Bcd2CZActYCcVKJEx5d1QQpRdGBUhKfmoDaRTWDXAbJuoy/2hUA34hxGRJANkaSMxKaL52k8EVijBowbaaNO4Z+iAP+OnI25MTm0YFlQNxd/n0dw/mmi+REcou44DJZikDpE14JSBDvEGznRRRnWTpI7oLzKhfVwKwPLkIEJhGlYSIOtpMYrDVHfgvr158F0QwQR4mmpUxdKkSQzTS73j7+BBJhb+XlTJ2aQampYc4TcUFoXjsHb+ifAAMAoBeO3DWt6ZQAAAAASUVORK5CYII=\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>
FF - user.js: google.toolbar.button_option.cached.gtbSearchWebhistory - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchWebhistory\ tooltip=\gtbMultilineTooltip\ label=\Webgeschiedenis\ fullText=\Webgeschiedenis\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml\ tooltip=\gtbMultilineTooltip\ label=\Gmail\ fullText=\Gmail\ image=\data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg42v84ONr/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+np/n/ODja/zg42v84ONr/ODja/+Li////////////////////////////////////////////////////////4uL//zg42v84ONr/ODja/zg42v+np/n/4uL/////////////////////////////////////////////4uL//6en+f84ONr/ODja/zg42v84ONr/4uL//6en+f/i4v////////////+BgfL/gYHy////////////4uL//6en+f/i4v//ODja/zg42v84ONr/ODja///////i4v//p6f5/7a2//+BgfL/Wlrp/1pa6f+BgfL/trb//6en+f/i4v///////zg42v84ONr/ODja/zg42v///////////7a2//+BgfL/Wlrp/zg42v84ONr/Wlrp/4GB8v+2tv////////////84ONr/ODja/zg42v84ONr///////////+BgfL/Wlrp/zg42v+2tv//trb//zg42v9aWun/gYHy////////////ODja/zg42v84ONr/ODja//////+BgfL/Wlrp/zg42v+2tv////////////+2tv//ODja/1pa6f+BgfL//////zg42v84ONr/ODja/zg42v+BgfL/Wlrp/zg42v+2tv///////////////////////7a2//84ONr/Wlrp/4GB8v84ONr/ODja/zg42v84ONr/ODja/zg42v+2tv//////////////////////////////////trb//zg42v84ONr/ODja/zg42v84ONr/ODja/zg42v+BgfL/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+BgfL/ODja/zg42v84ONr/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAP//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//AAD//wAA//8AAA==\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>
FF - user.js: google.toolbar.button_option.cached.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml\ tooltip=\gtbMultilineTooltip\ label=\Knoppenlijstj\ fullText=\Knoppenlijstj\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAcNJREFUeNpsU7tOAzEQXF8uCgLCQ+IHkICa74ACISEaOh4SNeIXqGmgA0o+AAlqhBDiG6CkoQHEI+Tu/FhmbcdJjlia2+TsnZ0d7ykaWMzs49Y98XtFJHgDPiqmtw2lZE+FkM5ngwSyuf9IbMBje8B7B7QvuzyY3FtZ/UWB02UECpNGdM5JORq1Mq5tdAxR1waiArGSXBAwWxrVbi6P3QdmqfiLMz8m4DcSVVYkGGJraezslZ0uyOnSd+wfm3fg5lBJEoTkG8nfmugLZmitkV8iqfKJnsD/Bw6XVS5O29hrEVV0ogpjLCqbCI1WEJ0NYBdakGtyQsDBOFHRRWULyc5UHmz0MAl+90xNBCaqMJIoFaxI1yFGJDXOJTPz6aajT5A0ieGopR9fuS/bJ0NFA5XHc4eZQKU8o5lWHq6xON2jSSqprQqgosyWwSSPfgsZa5oGwUwrJDevjsPwyX0ure6kYXhZPwomeakmSDdBzcLtSZL+dH2u0hz07lQWromT07Fn55Jp/2Y5q8/3/ATTbG5pKjM01UBsMs2NNWhhtjV0DqppJOPiyjabtQOqj3jsWT3fXAyNsxo134Oe1Huuf85/AgwABNSAmdF/QsEAAAAASUVORK5CYII=\ type=\menu\ class=\gtb-custombutton gtbHelperIcon gtbWholeMenuGadgetButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml\ tooltip=\gtbMultilineTooltip\ label=\Google Earth\ fullText=\Google Earth\ image=\data:image/x-icon;base64,R0lGODlhEAAQAPfDAA40ViRReM7q/c7h8hA6XxM/ZjpUbDpVbgUrTB88VqSuuBJNgQw5YRVOgS+BwlNpfQ8yUhhJdRxMdgkvUqy7ytHd59Xe5Nfe5UZjfiZoojlad0FhfvD095umsSNln32SpU9meytzsCJzummCmCZmnUqp7CBWh7S+x6S+1RY8X3SJm0FedzqGxp2tupams2d5iRYzTRRYlD6V1i54uKSwuxw7V2F1hkRbb4merx5SgImaqU1tih08WV638vv7/Mzd66i1wZKjsiJAWwcpRwc3YwAkSDJijEODvG+ZvszU3AYqSqS1xNHo94Cqzm6p2hpFbDuX2yiByV1/nVN0kVOGsmOBmwYpSCJai2at41mv6nWv4B1ioSRnoqvM6O/y9dzs+dzi6DRcfjWS1xMzUCdqpVBpgCpyrypspn6QnxVQhg8zVF6HrIOVpTxbdx5RfWqJpqu8zC+CxCVkm/Hz9Qo0WSZWgRQ6Wyt5uziR05mxxz1cdx9dlTJzrk5pgDWFyh5Jb5Souc3b5vn6+3ms2TZXdFt3j4mZp0qBswErUFam4aazvoGmxdDb5GuBlR5vt4+hsGCUwiNglhI/aS9kk3mRpp650B1OelBofaexvPX4/JilsGeIpEVccFd+oZ2uvofM9hhBZR5VhxhQgqvA0tHZ36G91wsqR/z8/C9/wCZtrGyFmwsqRihspxE5XKne/TthgqOzwaa0waKywdDi8wkrSltugTVfhHqYtBdQhOfs70llfXKGl+34/pajryx2tT9ffS58vBIvSf///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAMMALAAAAAAQABAAAAj8AIcJFDjq1psqqoAMXDgMxZZUkEoFshBrhSKGSI4McuLH0Zk1jASpQDOwUpNMwoR90SIihhsKwnbREEhlFhNeKYV14bPgTxIfBoblOcQi0SdXAlL+mESE0JwTmDp5uCMjS48SWAYIqxAGkS5DNupEMhMHDxQxUWYs4pBLQxFanAKYIBECmANUvriksSWLVCMhN6ZEaLAnAysycq5YKkCnjY4HtQC92mREFK5QOSQ8AZVCjZVVCobtEOYFjpQAkhgQaAUAwphgAnF4SnnqwhJKhTD0OQCjw8ARsMBs+PWhRRA2lxK8YPhIjx0AExAoGWJKE8OBLsrwqAGiF8OAADs=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.gtbAutoFill - true
FF - user.js: google.toolbar.button_option.gtbBookmarks - true
FF - user.js: google.toolbar.button_option.gtbSearchBookmarks - true
FF - user.js: google.toolbar.button_option.gtbSearchGoogle - true
FF - user.js: google.toolbar.button_option.gtbSidewiki - false
FF - user.js: google.toolbar.button_option.gtbSpellCheck - false
FF - user.js: google.toolbar.button_option.gtbTranslate - true
FF - user.js: google.toolbar.button_option.gtbTranslateMenu - false
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml - true
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml.feedUpdate - 1339045199
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml - true
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml.feedUpdate - 1339054058
FF - user.js: google.toolbar.button_option.gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml - true
FF - user.js: google.toolbar.component.bundled.dictionaries_config.json - 7.1.20110512
FF - user.js: google.toolbar.component.bundled.share_providers.json - 7.1.20110512
FF - user.js: google.toolbar.component.bundled.suggest_window.html - 7.1.20110512
FF - user.js: google.toolbar.custombuttons.list - gtbSearchImages,gtbCountrySearch,gtbSearchLocal,gtbSearchSite,gtbSearchNews,gtbSearchVideo,gtbSearchWebhistory,gtbFeelingLucky,gtbSearchGroups,gtbSearchBlogs,gtbSearchBooks,gtbSearchCalendar,gtbSearchDocs,gtbSearchPhotos,gtbSearchScholar,gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml,gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml,gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml
FF - user.js: google.toolbar.custombuttons.migrated - true
FF - user.js: google.toolbar.custombuttons.order.migrated.to.v6 - false
FF - user.js: google.toolbar.custombuttons.version - 1
FF - user.js: google.toolbar.done_page_shown - AU_3.1.20081010
FF - user.js: google.toolbar.enhanced_features.week - -1
FF - user.js: google.toolbar.firstrun.done - true
FF - user.js: google.toolbar.google_home - www.google.nl
FF - user.js: google.toolbar.google_home.default - www.google.nl
FF - user.js: google.toolbar.install_id - qeoEXlA1Y819UJ5vx9pOZH7VzwuiGy5koK1eMpyEoHPs
FF - user.js: google.toolbar.install_ping_acked - true
FF - user.js: google.toolbar.last_ping_attempt - 1338967666101
FF - user.js: google.toolbar.never_show_done_page - false
FF - user.js: google.toolbar.opted_into_advanced_features_1 - true
FF - user.js: google.toolbar.rlz - 1B3GGGL_nlNL247NL255
FF - user.js: google.toolbar.safebrowsing.keyupdatetime - 1339130996
FF - user.js: google.toolbar.search-icon - data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/0227/+Tzvb/9vv5/97h0f9JeBz/NHoA/z98Av9AfAD/PHsA/0F6AP8AAAAA/vz7/1+33/8Mp+z/FrHw/xWy8f8bs/T/Hqrx/3zE7v////7/t8qp/zF2A/87gwH/P4ID/z59AP8+egD/Q3kA/97s8v8botj/ELn3/wy58f8PtfL/D7Lw/xuz9P8vq+f/8/n///779v9KhR3/OYYA/0GFAv88hgD/QIAC/z17AP/0+/j/N6bM/wC07/8Cxf7/CsP7/wm+9v8Aqur/SrDb//7+/v///P7/VZEl/zSJAP87jQD/PYYA/0OBBf8+fQH///3//9Dp8/84sM7/CrDf/wC14/8CruL/KqnW/9ns8f/8/v//4OjX/z+GDf85kAD/PIwD/z2JAv8+hQD/PoEA/9C7pv/97uv////+/9Xw+v+w3ej/ls/e/+rz9///////+/z6/22mSf8qjQH/OJMA/zuQAP85iwL/PIgA/zyFAP+OSSL/nV44/7J+Vv/AkG7/7trP//7//f/9//7/6/Lr/2uoRv8tjQH/PJYA/zuTAP87kwD/PY8A/z2KAP89hAD/olkn/6RVHP+eSgj/mEgR//Ho3//+/v7/5Ozh/1GaJv8tlAD/OZcC/zuXAv84lAD/O5IC/z2PAf89iwL/OIkA/6hWFf+cTxD/pm9C/76ihP/8/v//+////8nav/8fdwL/NZsA/zeZAP83mgD/PJQB/zyUAf84jwD/PYsB/z6HAf+fXif/1r6s//79///58u//3r+g/+3i2v/+//3/mbiF/yyCAP87mgP/OpgD/zeWAP85lgD/OpEB/z+TAP9ChwH/7eHb/////v/28ej/tWwo/7tUAP+5XQ7/5M+5/////v+bsZn/IHAd/zeVAP89lgP/O5MA/zaJCf8tZTr/DyuK//3////9////0qmC/7lTAP/KZAT/vVgC/8iQWf/+//3///j//ygpx/8GGcL/ESax/xEgtv8FEMz/AALh/wAB1f///f7///z//758O//GXQL/yGYC/8RaAv/Ojlf/+/////////9QU93/BAD0/wAB//8DAP3/AAHz/wAA5f8DAtr///////v7+/+2bCT/yGMA/89mAP/BWQD/0q+D///+/////P7/Rkbg/wEA+f8AA/z/AQH5/wMA8P8AAev/AADf///7/P////7/uINQ/7lXAP/MYwL/vGIO//Lm3P/8/v//1dT2/woM5/8AAP3/AwH+/wAB/f8AAfb/BADs/wAC4P8AAAAA//z7/+LbzP+mXyD/oUwE/9Gshv/8//3/7/H5/zo/w/8AAdX/AgL6/wAA/f8CAP3/AAH2/wAA7v8AAAAAgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAA==
FF - user.js: google.toolbar.searchdomaincheck.done - true
FF - user.js: google.toolbar.spell_check.dictionary.words2 -
FF - user.js: google.toolbar.spell_check.lang - nl
FF - user.js: google.toolbar.spell_check.last_lang - nl
FF - user.js: google.toolbar.translate.target_lang - nl
FF - user.js: google.toolbar.translate.updateFlag - true
FF - user.js: google.toolbar.usage_stats.default - false
FF - user.js: intl.accept_languages - nl
FF - user.js: intl.charsetmenu.browser.cache - us-ascii, windows-1252, ISO-8859-9, UTF-8, ISO-8859-15
FF - user.js: metrics.event-count - 0
FF - user.js: microsoft.CLR.auto_install - false
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.http.proxy.version - 1.0
FF - user.js: pref.advanced.javascript.disable_button.advanced - false
FF - user.js: pref.browser.homepage.disable_button.bookmark_page - false
FF - user.js: pref.browser.homepage.disable_button.current_page - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: spellchecker.dictionary - nl
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1339166194
FF - user.js: urlclassifier.tableversion.goog-black-enchash - 1.62997
FF - user.js: urlclassifier.tableversion.goog-black-url - 1.25401
FF - user.js: urlclassifier.tableversion.goog-white-domain - 1.493
FF - user.js: urlclassifier.tableversion.goog-white-url - 1.371
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-23 15:21
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CtrlVol = c:\program files\Launch Manager\CtrlVol.exe???????@?`??????w???w???????w???w;??w?r@????? ???????????????d???????????????????????4????????$?w???????????sI??s???s@????????????a?wx??st???????B-?s???????????????s???s?????n?w????Y??sL;??D??s??@??4@?X;?????????
LaunchAp = c:\program files\Launch Manager\LaunchAp.exe????\??? ??|h??|????a??|Nj?w?j?w????????0??? ???????????????d??????|????????p????u@????????????????s???????s???sx??s@?????????????}|h??st??????????s?????????????????C?sc"?sx??s??????:~??@?N'?s?;???4@? ;?????????
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\EverestDriver]
"ImagePath"="\??\k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-484882791-4059793202-3278696200-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-484882791-4059793202-3278696200-1007\Software\SecuROM\License information*]
"datasecu"=hex:02,bd,4e,ee,17,04,52,9b,f9,e0,34,2e,47,f2,ac,2b,be,74,fc,78,f1,
0f,68,25,1f,74,40,11,98,ab,a4,9b,a0,e2,aa,62,4b,e1,0d,6a,c8,ae,af,6e,45,70,\
"rkeysecu"=hex:67,68,7a,37,96,63,29,84,de,3d,d0,37,0e,0f,6d,63
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(1516)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\nl-nl\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\nl-nl\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Browser MOUSE\MOUDL32A.DLL
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\PRISMSTA.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
.
**************************************************************************
.
Voltooingstijd: 2012-06-23 15:32:23 - machine werd herstart
ComboFix-quarantined-files.txt 2012-06-23 13:32
ComboFix2.txt 2012-06-23 11:36
.
Pre-Run: 5.903.589.376 bytes beschikbaar
Post-Run: 5.891.608.576 bytes beschikbaar
.
- - End Of File - - C8FAFD7A9CCA32FEF51D0322B87D6F65
-
het lijkt vooralsnog dat hij een heel stuk sneller is (heb 2 webpaginas bekeken binnen 10seconde!!!).
ComboFix 12-06-23.05 - Adrie 23-06-2012 12:58:43.1.2 - x86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.468 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Adrie\Bureaublad\ComboFix.exe
AV: ESET Smart Security 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.
ADS - system32: deleted 12 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Adrie\Application Data\ACD Systems\ACDSee\ImageDB.ddf
c:\documents and settings\Adrie\Application Data\inst.exe
c:\documents and settings\Adrie\Application Data\SQLite3.dll
c:\documents and settings\Adrie\Application Data\vso_ts_preview.xml
c:\documents and settings\Adrie\WINDOWS
c:\documents and settings\All Users\Application Data\TEMP
C:\Documents
C:\option.ini
c:\windows\CRES1100.EXE
c:\windows\help\wmplayer.bak
c:\windows\IsUn0413.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\system32\dllcache\dlimport.exe
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\install
c:\windows\system32\SET5C.tmp
c:\windows\system32\SET61.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET72.tmp
c:\windows\system32\SET73.tmp
c:\windows\system32\SET76.tmp
c:\windows\system32\Thumbs.db
c:\windows\unin0407.exe
c:\windows\unin0413.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_FCI
-------\Legacy_ICF
-------\Legacy_ILVMONEYDRIVER53
-------\Legacy_WINRING0_1_0_1
-------\Service_IlvMoneyDRIVER53
-------\Service_WinRing0_1_0_1
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-05-23 to 2012-06-23 ))))))))))))))))))))))))))))))
.
.
2012-06-23 10:34 . 2012-06-23 10:34 -------- d-----w- c:\documents and settings\All Users\Favorieten
2012-06-22 13:36 . 2012-06-22 13:36 1409 ----a-w- c:\windows\QTFont.for
2012-06-22 12:59 . 2012-06-22 12:59 388096 ----a-r- c:\documents and settings\Adrie\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-06-22 12:59 . 2012-06-22 12:59 -------- d-----w- c:\program files\Trend Micro
2012-06-20 14:31 . 2012-06-20 14:31 -------- d--h--r- c:\documents and settings\Adrie\Onlangs geopend
2012-06-09 11:29 . 2012-06-09 11:30 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google
2012-06-09 11:26 . 2012-06-09 11:27 -------- d-----w- c:\program files\Defraggler
2012-06-09 11:24 . 2012-06-09 11:30 -------- d-----w- c:\documents and settings\Adrie\Local Settings\Application Data\Temp
2012-06-08 19:30 . 2012-06-08 19:30 -------- d-----w- c:\documents and settings\Adrie\Application Data\Windows Search
2012-06-08 11:19 . 2012-06-08 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit
2012-06-08 11:18 . 2012-06-08 18:40 -------- d-----w- c:\documents and settings\Adrie\Application Data\IObit
2012-05-31 07:20 . 2012-05-31 07:20 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-05-25 10:29 . 2012-05-25 10:29 -------- d-----w- c:\documents and settings\Adrie\Application Data\Windows Desktop Search
2012-05-25 10:28 . 2012-05-25 10:28 -------- d-----w- c:\program files\Windows Desktop Search
2012-05-25 10:25 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll
2012-05-25 10:25 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll
2012-05-25 10:25 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-06-17 09:17 . 2009-10-07 10:40 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys
2012-05-31 13:22 . 2003-12-29 16:10 602624 ----a-w- c:\windows\system32\crypt32.dll
2012-05-31 07:20 . 2011-05-20 08:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-05-22 17:05 . 2012-05-22 15:39 14664 ----a-w- c:\windows\stinger.sys
2012-05-22 15:54 . 2012-05-22 15:54 159608 ----a-w- c:\windows\system32\mfevtps.exe.c775.deleteme
2012-05-22 15:38 . 2012-05-22 15:38 159608 ----a-w- c:\windows\system32\mfevtps.exe.55ec.deleteme
2012-04-11 13:55 . 2002-09-09 13:18 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-04-11 13:55 . 2002-09-09 13:17 2152960 ----a-w- c:\windows\system32\ntoskrnl.exe
2012-04-11 13:55 . 2003-12-28 22:02 1862400 ----a-w- c:\windows\system32\win32k.sys
2012-04-04 13:56 . 2010-08-12 11:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PRISMSTA.EXE"="PRISMSTA.EXE START" [X]
"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2003-10-03 40960]
"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2003-09-12 65536]
"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]
"FLMOFFICE4DMOUSE"="c:\program files\Browser MOUSE\mouse32a.exe" [2006-12-13 360448]
"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2003-05-12 32768]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]
"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\qttask.exe" [2008-03-28 413696]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 54784]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e
.
[HKLM\~\startupfolder\C:^Documents and Settings^Adrie^Menu Start^Programma's^Opstarten^MagicDisc.lnk]
backup=c:\windows\pss\MagicDisc.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ImageFox.lnk]
backup=c:\windows\pss\ImageFox.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]
backup=c:\windows\pss\Microsoft Office.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Photo Express Calendar Checker SE.lnk]
backup=c:\windows\pss\Photo Express Calendar Checker SE.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Reality Fusion GameCam SE.lnk]
backup=c:\windows\pss\Reality Fusion GameCam SE.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^REALTEK RTL8187 Wireless LAN Utility.lnk]
backup=c:\windows\pss\REALTEK RTL8187 Wireless LAN Utility.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^UltraMon.lnk]
backup=c:\windows\pss\UltraMon.lnkCommon Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k [X]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Works Update Detection
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PE2CKFNT SE
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpyEraser
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
2008-09-26 10:02 2356088 ----a-r- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]
2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
2008-01-03 13:54 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMBROWSEMOUSE2]
2006-12-13 14:48 550400 ----a-w- c:\program files\Browser MOUSE\R2M.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]
2006-11-13 16:34 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-02-16 14:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-02-16 14:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp]
2003-05-12 13:28 32768 ----a-w- c:\program files\Launch Manager\LaunchAp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]
2003-06-25 09:53 204800 ----a-w- c:\program files\Launch Manager\OSD.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
2002-12-10 15:54 127022 -c--a-w- c:\program files\Common Files\Logitech\QCDriver3\LVComS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-03-09 13:29 7561216 ----a-w- c:\windows\system32\nvcpl.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-03-09 13:29 86016 ----a-w- c:\windows\system32\nvmctray.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-03-09 13:29 1519616 ----a-w- c:\windows\system32\nwiz.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
2004-01-29 17:12 57344 ----a-w- c:\program files\Home Cinema\PowerCinema\PCMService.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
2003-11-10 15:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\powerman]
2003-12-23 19:48 126976 ----a-w- c:\windows\system32\powerman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2008-03-28 21:37 413696 ----a-w- c:\program files\MpcStar\Codecs\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
2003-09-29 14:00 155648 -c--a-w- c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2003-11-20 15:18 499712 -c--a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]
2003-11-20 15:19 98304 -c--a-w- c:\program files\Synaptics\SynTP\SynTPLpr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]
2008-02-07 10:00 90112 -c--a-w- c:\program files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\Trayserver.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe"=
"c:\\Program Files\\Google\\Google SketchUp 6\\LayOut\\LayOut.exe"=
"c:\\WINDOWS\\system32\\java.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"h:\\program files\\redalert3\\Data\\ra3_1.0.game"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business 2009.SP2\\RpcAgentSrv.exe"=
"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\GtkRadiant 1.5.0\\GtkRadiant.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9068:TCP"= 9068:TCP:BitComet 9068 TCP
"9068:UDP"= 9068:UDP:BitComet 9068 UDP
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)
.
R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6-1-2008 13:16 715248]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11-9-2009 8:23 108792]
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6-12-2007 22:03 660768]
R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [6-7-2011 15:45 38144]
R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11-9-2009 8:24 735960]
R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [20-9-2002 19:29 53248]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23-12-2008 17:35 50704]
R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [14-9-2008 17:32 10496]
R3 PRISM_A00;PRISM 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [16-10-2003 2:15 364320]
S1 mailKmd;mailKmd; [x]
S2 PIEUsb;Pacific Image Electronics USB Scanner;c:\windows\system32\drivers\usbscan.sys [30-12-2006 20:45 15104]
S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [20-9-2002 19:27 77824]
S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [20-9-2002 19:41 77824]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [27-5-2009 14:53 223232]
S3 cglptnt;cglptnt;c:\totalcmd\CGLPTNT.SYS [9-7-2009 12:51 7888]
S3 dump_wmimmc;dump_wmimmc;\??\c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys --> c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [?]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt --> k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt [?]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [4-9-2009 18:56 1527900]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4-9-2008 19:32 47360]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187.sys [6-7-2011 15:45 332928]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP2\RpcAgentSrv.exe [4-1-2009 18:08 98488]
S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [25-3-2011 15:42 384752]
S3 XDva031;XDva031;\??\c:\windows\System32\XDva031.sys --> c:\windows\System32\XDva031.sys [?]
S3 XDva039;XDva039;\??\c:\windows\system32\XDva039.sys --> c:\windows\system32\XDva039.sys [?]
S3 XDva068;XDva068;\??\c:\windows\system32\XDva068.sys --> c:\windows\system32\XDva068.sys [?]
.
Inhoud van de 'Gedeelde Taken' map
.
.
------- Bijkomende Scan -------
.
uStart Page = hxxp://www.startpagina.nl/
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Append Link Target to Existing PDF
IE: Download All Files by HiDownload
IE: Download by HiDownload
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Adrie\Application Data\Mozilla\Firefox\Profiles\x7qbfdgj.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
# Mozilla User Preferences
/* Do not edit this file.
*
* If you make changes to this file while the application is running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
* For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs
*/
FF - user.js: accessibility.typeaheadfind.flashBar - 0
FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1339045178
FF - user.js: app.update.lastUpdateTime.background-update-timer - 1339045178
FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1339045178
FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1338454994
FF - user.js: app.update.lastUpdateTime.restart-nag-timer - 1225570569
FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1339045179
FF - user.js: browser.anchor_color - #0000FF
FF - user.js: browser.display.background_color - #C0C0C0
FF - user.js: browser.display.use_system_colors - true
FF - user.js: browser.download.lastDir - c:\\Documents and Settings\\Adrie\\Mijn documenten\\Mijn afbeeldingen
FF - user.js: browser.download.manager.alertOnEXEOpen - true
FF - user.js: browser.download.save_converter_index - 0
FF - user.js: browser.fixup.alternate.enabled - false
FF - user.js: browser.history_expire_days - 20
FF - user.js: browser.migration.version - 1
FF - user.js: browser.places.importBookmarksHTML - false
FF - user.js: browser.places.importDefaults - false
FF - user.js: browser.places.leftPaneFolderId - -1
FF - user.js: browser.places.migratePostDataAnnotations - false
FF - user.js: browser.places.smartBookmarksVersion - 1
FF - user.js: browser.places.updateRecentTagsUri - false
FF - user.js: browser.preferences.advanced.selectedTabIndex - 0
FF - user.js: browser.rights.3.shown - true
FF - user.js: browser.search.defaultenginename - Google
FF - user.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - user.js: browser.search.selectedEngine - Google
FF - user.js: browser.shell.checkDefaultBrowser - false
FF - user.js: browser.startup.homepage - hxxp://www.startpagina.nl
FF - user.js: browser.startup.homepage_override.mstone - rv:1.9.0.14
FF - user.js: browser.visited_color - #800080
FF - user.js: distribution.google-cjk.bookmarksProcessed - true
FF - user.js: extensions.enabledItems - {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W,{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14
FF - user.js: extensions.lastAppVersion - 3.0.14
FF - user.js: extensions.mozilla.metrics.event-count - 0
FF - user.js: extensions.update.notifyUser - false
FF - user.js: flashgot.custom.Retriever.maxLinks - 10
FF - user.js: flashgot.defaultDM - BitComet
FF - user.js: flashgot.detect.cache - (Interne downloadbeheerder),HiDownload,BitComet
FF - user.js: flashgot.dmchoice - false
FF - user.js: flashgot.version - 1.1.8.7
FF - user.js: general.useragent.extra.microsoftdotnet - (.NET CLR 3.5.30729)
FF - user.js: google.toolbar.auto_page_translate.rules.blacklist - nl
FF - user.js: google.toolbar.auto_page_translate.rules.whitelist -
FF - user.js: google.toolbar.button_option.cached.gtbCountrySearch - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbCountrySearch\ tooltip=\gtbMultilineTooltip\ label=\Nederland\ fullText=\Nederland\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbFeelingLucky - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbFeelingLucky\ tooltip=\gtbMultilineTooltip\ label=\Ik doe een gok\ fullText=\Ik doe een gok\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchBlogs - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchBlogs\ tooltip=\gtbMultilineTooltip\ label=\Zoeken in blogs met Google\ fullText=\Zoeken in blogs met Google\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAYBJREFUeNqUkjtOA0EMhr1LRDYUtCCliKiQ4AB0CIkLQIkENHCgiAMgIeAAiANQ86iQoEcUqSkSsrvjMX7MLLME8bBi2Zkdf/49MxkRwcndMU0QYeLYMXH97yH9Ng756PAmA7Z8eHtEpfdQewIkc07NQSKZg0X+cQaweLopATpClaKKKyry4Dh3lMJmgaKaFBMA8rFmFaKkUjWmyPk2DIMS5P1o9QLwSnVBQYUJiMRJYwS5ZFQDODRA8CpRImNFNRKjItcCoAGwAVAzTonfQHSfqVbAmBUQRABwFyuKSspUUVAosHAEpkBOFQGaGWvdLOdBbUBy3dE6ktpVQjNGPNB0lAiSNbEizzVm+f4a7e6t6gMZTafwVjuFSKflogvzeWY3odfqG+mP16+A509ZJvLnDtZ1fWNnwJBSFfR7BdxfvYD0kZ72Aj+l08WzPmUFRFu53KZ3ljtY6MEDF0sH+MXyrwv9XvfPxTO2dLZFciYU3jvnP+5P1ZucfxRHwIcAAwAX2fYcgJ+EGwAAAABJRU5ErkJggg==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchBooks - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchBooks\ tooltip=\gtbMultilineTooltip\ label=\Zoeken naar boeken met Google\ fullText=\Zoeken naar boeken met Google\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAiNJREFUeNp0kztvE0EUhc/Ya5uEFCsiiJQiwjJIiAaLAkSFRUPrAgpqfgBQUSL/gkBBDRJFCpB4SBFNikAVCRE5giISTmQkjCP8iNfG6915MjO7fuKMdKTdO3O/e+beXXJzSxXWs/U8gAda57VKWk+v5lY7mFi7B7/N3hOt4iBkL299WHsfPMY20QB1xhG4d7aDC6fo8LxJfmZA8ftDU4AL6W5WM3jxLYUjL0BYWiGO2W3zJJ7Xl5HLUNx2e7i4SN242hWtgpTK/dpI4tX+Asq1EIzqQioiO8OSSgf2+2l895ZxbWmAG66PS0u0uNdO4u2hg51fCjTwIQVGyRYgRPQuJWCeOQc+Nxew8amOQesYK+kuFnOXIZiwRZScykeCMWhLWiySAXANCrwuglYDYevIwodSk9nGAWVR0EiYQyICKGNHMhDJpwByHsB4MhvDQyYXgoMIaiE2Fmt2OSxuqJoBKE5BeADi0Cgu/rc/vkIMUEOAqcRDENbXgMAC51WfuoKauQaoD0J7IKnIwUnLCX3dKCc1auQY0Eci9EAyBGpepm6uHWN752PHr/20I6TxKBmPHUg2t6r0/oAe7Np/JaGblfV/fCn9LW+BHjfsCE+yrPwuWHUPvF4p6SllTYyMdu+8Nn/besJdLTpreSTLG0CzgnNuGvL6fdQqh5C95jt95hHe3K1Gn7+aAIxBBQvig7y5ZzqVQEBOl+PE7SlHGvBPgAEAhIhYJbvKryMAAAAASUVORK5CYII=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchCalendar - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchCalendar\ tooltip=\gtbMultilineTooltip\ label=\Google Agenda\ fullText=\Google Agenda\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAldJREFUeNp8U01oU0EQ/t4zeU00iWLxr2nFXlSohyCkrTcv6kH0VAVPiiBeBfHmoUfBn4NHEQTxZKugN0FQNFiEgBfbElQkmor2x6bv2TQvb3fH2d2X0ODPwDCbt/N9M9/sxCEipK4pgpIgdsiIXYBky5xJcBQhR+uImiB2df+YAzbXgElBfXsLURqH+l4Gf4Ax0tE6LVdAlQeglQ/myjnzxCS5ujKUwoa5F1CLM5xQhSbUboiYRHeJxg9QUIW39tkSky2SMG1zcqZ4Ef37D+JnuoAgVIbUkJO9zw2OonfPdiyG29DyQ1tEExjNXCmQPfCTh4CWYCDPQAPj7nQMGoAv8ka/BVObQMStKgz1ClwoNJHPCLypEm6VWAaTjfYrDPc5mHynUFtSdtgdCXraZmAKp/f+wtHdLdQbLVwa8fCFk7NJhauHHUjpYuojobYgbGexuUYCPxVxvPEqwsjtOm5yVJyUz0hMfQowUa7zb9sNccdt/bYD/c7xtH1KoHo5Z6au/dl0gJl5F5PTCZw4oCyYSdYbdxB2LcqpO1XcLS2ZiueKPXaZ2IWUJra1dwgoCjvbdmQwgu/uwMRsmjUr7Mooc0ci4lnrTe0GxxLC+EUUzhaSGB5wjURd8d7rBT7omTlQ9CfYbKR7/iW11za/cRXFnWvIplw8n13FXCNnNGc9iX2b66isbOElcztgejjmJBB6INc3BLW6g9pyyr6z2sTfIpOoQeX5rd2VKW0l9PmP4Q2NQbaXY92W/cuSSQ/N94/4dJyJGDRw8sr/EX+xr0+vm7/zbwEGAAc7ldeFiLAmAAAAAElFTkSuQmCC\ hassend=\true\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>
FF - user.js: google.toolbar.button_option.cached.gtbSearchDocs - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchDocs\ tooltip=\gtbMultilineTooltip\ label=\Google Documenten\ fullText=\Google Documenten\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAfxJREFUeNqEU8tOFEEUPcXMIII6gisxkogkGk0gceUs3bHgB4wkfAD/IIlbl/yBBj/ApTEhIS5MXBAzhhiBlTIsZoQZm+7pqdf1VlV3T08YY3Vu30pVnXNPnaoSRIS8vW6CzhRwJkP0uD93BVi7Dazfh8jXCRG6DlvNB7cPQJK5tAWMyxwp95s9oMLzFQI9XwokDpiTTOQEkQaOv+3jYPc94iSBZLDKwqlppcC7IwzlZq0gcHK/f97F8dcvqHZb6JugYMDRVYGgTJJvvSA450X1Rw3MP1xBdOMOYiaIWZUj6rGcVn9IslNSUnjgZFYfNCCXgFMG/WHCCyaQ2uBXfIFuPIGalRwKkzrBUfsWbTXqQuRSnn0EObmpq8wRMUGfHTVawqoBrB74bFTIc5NAe/OxKBR0BmwYBYLEhMrWKAbKLGvOGpRFx+2vvIWODEeorYW1AUweJD0JcSbNY26c5y95kEieIMuTHMZwVr6S9SCZKZFeBUqnWRAYmWLqpIna+QmixaewlZqv5mVrlSlhY7jI2HtgZR/Xfuyh3mpiWbTZqDSYlxs4BjyqgAG9hSdYnJY4pBnvtjfMar8lXL6EowRXSSKaXcCe8yF2fphgFo0H3pyqjRJc//QG91Y3PMB9/yhYtN8f3vJ/GaL8nO++ePkf2LD93Hnln+NfAQYAumFzRInKlVsAAAAASUVORK5CYII=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchGroups - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchGroups\ tooltip=\gtbMultilineTooltip\ label=\Google Discussiegroepen\ fullText=\Google Discussiegroepen\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchImages - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchImages\ tooltip=\gtbMultilineTooltip\ label=\Google Afbeeldingen\ fullText=\Google Afbeeldingen\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchLocal - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchLocal\ tooltip=\gtbMultilineTooltip\ label=\Google Maps\ fullText=\Google Maps\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchNews - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchNews\ tooltip=\gtbMultilineTooltip\ label=\Google Nieuws\ fullText=\Google Nieuws\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbGadgetButtonWithSeparateMenu\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchPhotos - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchPhotos\ tooltip=\gtbMultilineTooltip\ label=\Picasa Webalbums\ fullText=\Picasa Webalbums\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAt9JREFUeNpcU01ME0EU/rbdtvzTghWKFCPhRyQShaiRHz2YeECTwsnEgx48wQkTMJwkHIwHOaAXPBhvJkZjQAU5eCLBkyYmBYuJRiihECgtULptd2d3xzdbStCXvMzs5H0/782shCORTsXcnPMRnWkD+C90XR3nJh8tP167mzujWki5j0w63sM0dVLspcVvMKKbYEuL4P5a8NaLQFmZVSdB6vVW1k/9Q3AITnJoW8twvH4GlspAVzJglGrnNfh6KqHKzWCSVwB7K3yNU4LAlla23QLM4xyxl2vYeW9D6spdGDYZpm6CGyZJAQ4WROn+Y8j6CiRJmtyIhNxC3CZ6Fpv42wipaqSoIT5fAPN6H4yiEpjMADeJiG1AyiyhZHc4NwALZzMMfSC9kIQaI8tUbBiGRbL50wbnENX4TmRd6FHKCOxqEPLeG9hlhzVo2ZrBugLGmKVkUDH3SzgWqIBcXIjC4YfgUQIbnykZKUvQk6tAadaILAaRXlNIncE0qdk6O6punYTT6SSXpFxQgMIaP3gkH1wrBkw7SpxhJA5uzyYm5KhxkQMdyoV8fOlqIrDDAgvywzXtgZmspPRhR20lp3rWQWI/Aaffhc3LxRh1n4MzrOB2jUq0/ICAW60lHR2QmFPcADL5TTBT6SzBysofNJ85i/FYNULbHC0uDV9jQUyvzyFFA02Ssz2dIanRbbA8NLh8eFTRiuVwGLV1RBBc+IH6ugYMnOKYX8+jFlWE9sKYi4ag6AYSOhFoDEwjOVXCvfNXIUYlcB2d3bD19Q1J7yYn0e7leNW2g2pysE+gjYyKLVWlfrPgIjMPT1vuoLvxEj7OfILAWU9b9ChiYuIJ7w0E6G1zfN/+jee/ZrGqxFDl8KC9/DS6/W3wFnnwYXrGAlO9WLPvQMTBocUWuHkDL7rui9dm3YKqaaQ6e1h39C+VxVRzLhQl5RkcHNnNER0NARwbG3UfuEV//wPLwV8BBgAilqQLWMIqvAAAAABJRU5ErkJggg==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchScholar - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchScholar\ tooltip=\gtbMultilineTooltip\ label=\Wetenschap\ fullText=\Wetenschap\ image=\data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAD//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////4yMjP9OV1r/PktM/7W1tf////////////////////////////////////////////////////////////////8hJCj/ZL72/1Oezf9ra2v/////////////////////////////////////////////////////////////////SkpK/1Oi1f9Dhqz/lJSU/////////////////97e3v/39/f//////////////////////////////////////4yMjP9Lkrz/MmqM/+fn5////////////56Zl/+QQTD/bktF/8bHxv////////////////////////////////+cnJz/Q4a0/ylVa//Nzc3/kIyM/3dHPv/eXDn//2xC//9sQv+tTDH/hGRb/5eXl/+1tbX/3t7e////////////ra2t/0OGrP9LboT/lC8h/95UMf/3XDn//2xC//9sQv//bEL//2xC//dgOf/GRDH/czAh/5SUlP///////////97e3v9Afpj/X3mH/3ssGP/nUDH/91g5/7VMMf+cQCn/nDsp/61IKf/3WDH/71Ax/0oYEP/n5+f////////////39/f/GDhS/21vcv8wHxf/nDMh/5wzIf/eTDH//1Q5//9UOf/nTDH/pTch/4wrGP9EJh//////////////////jIyM/zFJWv9SLCn/zkQx//9UOf//VDn//1Q5//9UOf//VDn//1Q5//9UOf//VDn/pTMh/0w3Mf+xsLH//v7+/z4fF//GQCn/xkxC/71QSv+cREL/pURC/3swMf9rJBj/vUAp//9UOf//VDn//1Q5//9UOf//UDn/ShgQ/zAzMP/v7+//jIyM/2ZBN/+MKyH/70wx//9UOf//VDn/xkAp/85EMf//VDn//1Q5/95IMf97KBj/Nh8Y/4SGhP/n5+f/////////////////xsbG/1dVUv9wJx//xkAp//9QOf/GOyn/cyQY/1IzMP9zc3P/xsbG////////////////////////////////////////////5+fn/4SEhP82LCn/e3t7/97e3v//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchSite - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchSite\ tooltip=\gtbMultilineTooltip\ label=\Site doorzoeken\ fullText=\Site doorzoeken\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbSearchVideo - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchVideo\ tooltip=\gtbMultilineTooltip\ label=\Google Video\ fullText=\Google Video\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAghJREFUeNpsksFrE0EUxr83M7ubpkK0tLYB9VArUolHvfUgvXn3Ih79Q/wL/AMURNSrQs8eBEF67E3sIbSUpralIDQsscnOjO/NzCZd6ZKXmd2d7zff93bIe4/tr8f+sF/i90GJvKXRe7QAbQhyfdsaYH93iLVeBxtPu+HZqKzw4fUu3n/fJPr8tu/zQoUX5bDCYL+EQNcedKaQnR9n2Ps1xK3VeTx+cjM8G/+1+PJuD3p9+cWrG4sFslxBQNoonByOcHo0wlK3BaUJ3TvtAO//PMf5nzFu370W1t172AE9v//Ri7g9b1BfsngydijmNObaevr8ZDAK7hYWWxw1ujbLvdWwuxG7RHDWoc3iauK5XCiBTXgsVuL87ILHIb/juZEFznlMSACA57nc20rKwVq+ryu986kcuzFC1JyTYr/YIuJCFohYNqgh9j8Q+Bcd2CZActYCcVKJEx5d1QQpRdGBUhKfmoDaRTWDXAbJuoy/2hUA34hxGRJANkaSMxKaL52k8EVijBowbaaNO4Z+iAP+OnI25MTm0YFlQNxd/n0dw/mmi+REcou44DJZikDpE14JSBDvEGznRRRnWTpI7oLzKhfVwKwPLkIEJhGlYSIOtpMYrDVHfgvr158F0QwQR4mmpUxdKkSQzTS73j7+BBJhb+XlTJ2aQampYc4TcUFoXjsHb+ifAAMAoBeO3DWt6ZQAAAAASUVORK5CYII=\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>
FF - user.js: google.toolbar.button_option.cached.gtbSearchWebhistory - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchWebhistory\ tooltip=\gtbMultilineTooltip\ label=\Webgeschiedenis\ fullText=\Webgeschiedenis\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml\ tooltip=\gtbMultilineTooltip\ label=\Gmail\ fullText=\Gmail\ image=\data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg42v84ONr/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+np/n/ODja/zg42v84ONr/ODja/+Li////////////////////////////////////////////////////////4uL//zg42v84ONr/ODja/zg42v+np/n/4uL/////////////////////////////////////////////4uL//6en+f84ONr/ODja/zg42v84ONr/4uL//6en+f/i4v////////////+BgfL/gYHy////////////4uL//6en+f/i4v//ODja/zg42v84ONr/ODja///////i4v//p6f5/7a2//+BgfL/Wlrp/1pa6f+BgfL/trb//6en+f/i4v///////zg42v84ONr/ODja/zg42v///////////7a2//+BgfL/Wlrp/zg42v84ONr/Wlrp/4GB8v+2tv////////////84ONr/ODja/zg42v84ONr///////////+BgfL/Wlrp/zg42v+2tv//trb//zg42v9aWun/gYHy////////////ODja/zg42v84ONr/ODja//////+BgfL/Wlrp/zg42v+2tv////////////+2tv//ODja/1pa6f+BgfL//////zg42v84ONr/ODja/zg42v+BgfL/Wlrp/zg42v+2tv///////////////////////7a2//84ONr/Wlrp/4GB8v84ONr/ODja/zg42v84ONr/ODja/zg42v+2tv//////////////////////////////////trb//zg42v84ONr/ODja/zg42v84ONr/ODja/zg42v+BgfL/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+BgfL/ODja/zg42v84ONr/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAP//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//AAD//wAA//8AAA==\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>
FF - user.js: google.toolbar.button_option.cached.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml\ tooltip=\gtbMultilineTooltip\ label=\Knoppenlijstj\ fullText=\Knoppenlijstj\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAcNJREFUeNpsU7tOAzEQXF8uCgLCQ+IHkICa74ACISEaOh4SNeIXqGmgA0o+AAlqhBDiG6CkoQHEI+Tu/FhmbcdJjlia2+TsnZ0d7ykaWMzs49Y98XtFJHgDPiqmtw2lZE+FkM5ngwSyuf9IbMBje8B7B7QvuzyY3FtZ/UWB02UECpNGdM5JORq1Mq5tdAxR1waiArGSXBAwWxrVbi6P3QdmqfiLMz8m4DcSVVYkGGJraezslZ0uyOnSd+wfm3fg5lBJEoTkG8nfmugLZmitkV8iqfKJnsD/Bw6XVS5O29hrEVV0ogpjLCqbCI1WEJ0NYBdakGtyQsDBOFHRRWULyc5UHmz0MAl+90xNBCaqMJIoFaxI1yFGJDXOJTPz6aajT5A0ieGopR9fuS/bJ0NFA5XHc4eZQKU8o5lWHq6xON2jSSqprQqgosyWwSSPfgsZa5oGwUwrJDevjsPwyX0ure6kYXhZPwomeakmSDdBzcLtSZL+dH2u0hz07lQWromT07Fn55Jp/2Y5q8/3/ATTbG5pKjM01UBsMs2NNWhhtjV0DqppJOPiyjabtQOqj3jsWT3fXAyNsxo134Oe1Huuf85/AgwABNSAmdF/QsEAAAAASUVORK5CYII=\ type=\menu\ class=\gtb-custombutton gtbHelperIcon gtbWholeMenuGadgetButton\/>
FF - user.js: google.toolbar.button_option.cached.gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml\ tooltip=\gtbMultilineTooltip\ label=\Google Earth\ fullText=\Google Earth\ image=\data:image/x-icon;base64,R0lGODlhEAAQAPfDAA40ViRReM7q/c7h8hA6XxM/ZjpUbDpVbgUrTB88VqSuuBJNgQw5YRVOgS+BwlNpfQ8yUhhJdRxMdgkvUqy7ytHd59Xe5Nfe5UZjfiZoojlad0FhfvD095umsSNln32SpU9meytzsCJzummCmCZmnUqp7CBWh7S+x6S+1RY8X3SJm0FedzqGxp2tupams2d5iRYzTRRYlD6V1i54uKSwuxw7V2F1hkRbb4merx5SgImaqU1tih08WV638vv7/Mzd66i1wZKjsiJAWwcpRwc3YwAkSDJijEODvG+ZvszU3AYqSqS1xNHo94Cqzm6p2hpFbDuX2yiByV1/nVN0kVOGsmOBmwYpSCJai2at41mv6nWv4B1ioSRnoqvM6O/y9dzs+dzi6DRcfjWS1xMzUCdqpVBpgCpyrypspn6QnxVQhg8zVF6HrIOVpTxbdx5RfWqJpqu8zC+CxCVkm/Hz9Qo0WSZWgRQ6Wyt5uziR05mxxz1cdx9dlTJzrk5pgDWFyh5Jb5Souc3b5vn6+3ms2TZXdFt3j4mZp0qBswErUFam4aazvoGmxdDb5GuBlR5vt4+hsGCUwiNglhI/aS9kk3mRpp650B1OelBofaexvPX4/JilsGeIpEVccFd+oZ2uvofM9hhBZR5VhxhQgqvA0tHZ36G91wsqR/z8/C9/wCZtrGyFmwsqRihspxE5XKne/TthgqOzwaa0waKywdDi8wkrSltugTVfhHqYtBdQhOfs70llfXKGl+34/pajryx2tT9ffS58vBIvSf///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAMMALAAAAAAQABAAAAj8AIcJFDjq1psqqoAMXDgMxZZUkEoFshBrhSKGSI4McuLH0Zk1jASpQDOwUpNMwoR90SIihhsKwnbREEhlFhNeKYV14bPgTxIfBoblOcQi0SdXAlL+mESE0JwTmDp5uCMjS48SWAYIqxAGkS5DNupEMhMHDxQxUWYs4pBLQxFanAKYIBECmANUvriksSWLVCMhN6ZEaLAnAysycq5YKkCnjY4HtQC92mREFK5QOSQ8AZVCjZVVCobtEOYFjpQAkhgQaAUAwphgAnF4SnnqwhJKhTD0OQCjw8ARsMBs+PWhRRA2lxK8YPhIjx0AExAoGWJKE8OBLsrwqAGiF8OAADs=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>
FF - user.js: google.toolbar.button_option.gtbAutoFill - true
FF - user.js: google.toolbar.button_option.gtbBookmarks - true
FF - user.js: google.toolbar.button_option.gtbSearchBookmarks - true
FF - user.js: google.toolbar.button_option.gtbSearchGoogle - true
FF - user.js: google.toolbar.button_option.gtbSidewiki - false
FF - user.js: google.toolbar.button_option.gtbSpellCheck - false
FF - user.js: google.toolbar.button_option.gtbTranslate - true
FF - user.js: google.toolbar.button_option.gtbTranslateMenu - false
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml - true
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml.feedUpdate - 1339045199
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml - true
FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml.feedUpdate - 1339054058
FF - user.js: google.toolbar.button_option.gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml - true
FF - user.js: google.toolbar.component.bundled.dictionaries_config.json - 7.1.20110512
FF - user.js: google.toolbar.component.bundled.share_providers.json - 7.1.20110512
FF - user.js: google.toolbar.component.bundled.suggest_window.html - 7.1.20110512
FF - user.js: google.toolbar.custombuttons.list - gtbSearchImages,gtbCountrySearch,gtbSearchLocal,gtbSearchSite,gtbSearchNews,gtbSearchVideo,gtbSearchWebhistory,gtbFeelingLucky,gtbSearchGroups,gtbSearchBlogs,gtbSearchBooks,gtbSearchCalendar,gtbSearchDocs,gtbSearchPhotos,gtbSearchScholar,gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml,gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml,gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml
FF - user.js: google.toolbar.custombuttons.migrated - true
FF - user.js: google.toolbar.custombuttons.order.migrated.to.v6 - false
FF - user.js: google.toolbar.custombuttons.version - 1
FF - user.js: google.toolbar.done_page_shown - AU_3.1.20081010
FF - user.js: google.toolbar.enhanced_features.week - -1
FF - user.js: google.toolbar.firstrun.done - true
FF - user.js: google.toolbar.google_home - www.google.nl
FF - user.js: google.toolbar.google_home.default - www.google.nl
FF - user.js: google.toolbar.install_id - qeoEXlA1Y819UJ5vx9pOZH7VzwuiGy5koK1eMpyEoHPs
FF - user.js: google.toolbar.install_ping_acked - true
FF - user.js: google.toolbar.last_ping_attempt - 1338967666101
FF - user.js: google.toolbar.never_show_done_page - false
FF - user.js: google.toolbar.opted_into_advanced_features_1 - true
FF - user.js: google.toolbar.rlz - 1B3GGGL_nlNL247NL255
FF - user.js: google.toolbar.safebrowsing.keyupdatetime - 1339130996
FF - user.js: google.toolbar.search-icon - data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/0227/+Tzvb/9vv5/97h0f9JeBz/NHoA/z98Av9AfAD/PHsA/0F6AP8AAAAA/vz7/1+33/8Mp+z/FrHw/xWy8f8bs/T/Hqrx/3zE7v////7/t8qp/zF2A/87gwH/P4ID/z59AP8+egD/Q3kA/97s8v8botj/ELn3/wy58f8PtfL/D7Lw/xuz9P8vq+f/8/n///779v9KhR3/OYYA/0GFAv88hgD/QIAC/z17AP/0+/j/N6bM/wC07/8Cxf7/CsP7/wm+9v8Aqur/SrDb//7+/v///P7/VZEl/zSJAP87jQD/PYYA/0OBBf8+fQH///3//9Dp8/84sM7/CrDf/wC14/8CruL/KqnW/9ns8f/8/v//4OjX/z+GDf85kAD/PIwD/z2JAv8+hQD/PoEA/9C7pv/97uv////+/9Xw+v+w3ej/ls/e/+rz9///////+/z6/22mSf8qjQH/OJMA/zuQAP85iwL/PIgA/zyFAP+OSSL/nV44/7J+Vv/AkG7/7trP//7//f/9//7/6/Lr/2uoRv8tjQH/PJYA/zuTAP87kwD/PY8A/z2KAP89hAD/olkn/6RVHP+eSgj/mEgR//Ho3//+/v7/5Ozh/1GaJv8tlAD/OZcC/zuXAv84lAD/O5IC/z2PAf89iwL/OIkA/6hWFf+cTxD/pm9C/76ihP/8/v//+////8nav/8fdwL/NZsA/zeZAP83mgD/PJQB/zyUAf84jwD/PYsB/z6HAf+fXif/1r6s//79///58u//3r+g/+3i2v/+//3/mbiF/yyCAP87mgP/OpgD/zeWAP85lgD/OpEB/z+TAP9ChwH/7eHb/////v/28ej/tWwo/7tUAP+5XQ7/5M+5/////v+bsZn/IHAd/zeVAP89lgP/O5MA/zaJCf8tZTr/DyuK//3////9////0qmC/7lTAP/KZAT/vVgC/8iQWf/+//3///j//ygpx/8GGcL/ESax/xEgtv8FEMz/AALh/wAB1f///f7///z//758O//GXQL/yGYC/8RaAv/Ojlf/+/////////9QU93/BAD0/wAB//8DAP3/AAHz/wAA5f8DAtr///////v7+/+2bCT/yGMA/89mAP/BWQD/0q+D///+/////P7/Rkbg/wEA+f8AA/z/AQH5/wMA8P8AAev/AADf///7/P////7/uINQ/7lXAP/MYwL/vGIO//Lm3P/8/v//1dT2/woM5/8AAP3/AwH+/wAB/f8AAfb/BADs/wAC4P8AAAAA//z7/+LbzP+mXyD/oUwE/9Gshv/8//3/7/H5/zo/w/8AAdX/AgL6/wAA/f8CAP3/AAH2/wAA7v8AAAAAgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAA==
FF - user.js: google.toolbar.searchdomaincheck.done - true
FF - user.js: google.toolbar.spell_check.dictionary.words2 -
FF - user.js: google.toolbar.spell_check.lang - nl
FF - user.js: google.toolbar.spell_check.last_lang - nl
FF - user.js: google.toolbar.translate.target_lang - nl
FF - user.js: google.toolbar.translate.updateFlag - true
FF - user.js: google.toolbar.usage_stats.default - false
FF - user.js: intl.accept_languages - nl
FF - user.js: intl.charsetmenu.browser.cache - us-ascii, windows-1252, ISO-8859-9, UTF-8, ISO-8859-15
FF - user.js: metrics.event-count - 0
FF - user.js: microsoft.CLR.auto_install - false
FF - user.js: network.cookie.prefsMigrated - true
FF - user.js: network.http.proxy.version - 1.0
FF - user.js: pref.advanced.javascript.disable_button.advanced - false
FF - user.js: pref.browser.homepage.disable_button.bookmark_page - false
FF - user.js: pref.browser.homepage.disable_button.current_page - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: spellchecker.dictionary - nl
FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1339166194
FF - user.js: urlclassifier.tableversion.goog-black-enchash - 1.62997
FF - user.js: urlclassifier.tableversion.goog-black-url - 1.25401
FF - user.js: urlclassifier.tableversion.goog-white-domain - 1.493
FF - user.js: urlclassifier.tableversion.goog-white-url - 1.371
.
.
------- Bestandsassociaties -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS VERWIJDERD - - - -
.
AddRemove-Adobe Acrobat 4.0 - c:\windows\ISUN0413.EXE
AddRemove-Adobe Acrobat 5.0 - c:\windows\ISUN0413.EXE
AddRemove-Adobe Photoshop 5.0 Limited Edition - c:\windows\UNIN0413.EXE
AddRemove-EPSON Scan! II - c:\program files\epsonscannerdrivers\DeIsL2.isu
AddRemove-MagicDisc 2.7.105 - h:\progra~1\MAGICD~1\UNWISE.EXE
AddRemove-Microsoft Interactive Training - c:\windows\IsUn0413.exe
AddRemove-Microsoft Plus! Windows CE, Handheld PC Edition 3.0 - j:\vraagteken\alle geinstaleerde dingen\Uninst.isu
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-06-23 13:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CtrlVol = c:\program files\Launch Manager\CtrlVol.exe???????@?`??????w???w???????w???w;??w?r@????? ???????????????d???????????????????????4????????$?w???????????sI??s???s@????????????a?wx??st???????B-?s???????????????s???s?????n?w????Y??sL;??D??s??@??4@?X;?????????
LaunchAp = c:\program files\Launch Manager\LaunchAp.exe????\??? ??|h??|????a??|Nj?w?j?w????????0??? ???????????????d??????|????????p????u@????????????????s???????s???sx??s@?????????????}|h??st??????????s?????????????????C?sc"?sx??s??????:~??@?N'?s?;???4@? ;?????????
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\EverestDriver]
"ImagePath"="\??\k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt"
.
[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_USERS\S-1-5-21-484882791-4059793202-3278696200-1007\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-484882791-4059793202-3278696200-1007\Software\SecuROM\License information*]
"datasecu"=hex:02,bd,4e,ee,17,04,52,9b,f9,e0,34,2e,47,f2,ac,2b,be,74,fc,78,f1,
0f,68,25,1f,74,40,11,98,ab,a4,9b,a0,e2,aa,62,4b,e1,0d,6a,c8,ae,af,6e,45,70,\
"rkeysecu"=hex:67,68,7a,37,96,63,29,84,de,3d,d0,37,0e,0f,6d,63
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'explorer.exe'(3216)
c:\program files\Windows Desktop Search\deskbar.dll
c:\program files\Windows Desktop Search\nl-nl\dbres.dll.mui
c:\program files\Windows Desktop Search\dbres.dll
c:\program files\Windows Desktop Search\wordwheel.dll
c:\program files\Windows Desktop Search\nl-nl\msnlExtRes.dll.mui
c:\program files\Windows Desktop Search\msnlExtRes.dll
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\program files\Browser MOUSE\MOUDL32A.DLL
.
------------------------ Andere Aktieve Processen ------------------------
.
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\windows\system32\SearchIndexer.exe
c:\windows\system32\wscntfy.exe
c:\windows\system32\PRISMSTA.EXE
c:\progra~1\MI3AA1~1\rapimgr.exe
.
**************************************************************************
.
Voltooingstijd: 2012-06-23 13:36:34 - machine werd herstart
ComboFix-quarantined-files.txt 2012-06-23 11:36
.
Pre-Run: 5.268.869.120 bytes beschikbaar
Post-Run: 5.904.068.608 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Home-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /NoExecute=OptIn
.
- - End Of File - - A73E9D8E4622A8C79ECDB114F5C72000
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:10:30, on 23-6-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17109)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Browser MOUSE\mouse32a.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\MpcStar\Codecs\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] "C:\PROGRA~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" -t (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192972525500
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194005729359
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a6bbb6c683e394c4.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://www.webcamnow.com/broadcast/ActiveXWebCam.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP2\RpcAgentSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 10343 bytes
-
ik zit nu op mijn geinvecteeds account in safe modus, ik had het hijackthis logje ook bekeken omtekijken of er dezelfde files er instonden. niet dus. echter heb ik dus nogsteeds het politivirus / ukashvirus worm of hoe je het ook wilt noemen melding die alles vergendeld
lekker is dit... drie maal overnieuw opgestard 3maal politie melding... net na safemodus en nogmaals mbam en ccleaner die beide niets vonden nogmaals geprobeerd en o my god 0.0" its gone!!!
ik heb al aardig wat rare dingetjes mee gemaakt maar dit soort problemen die zich zelf oplossen slaat alles... in mijn logica dan...
als jullie het niet erg vinden houdt ik dit nog eventjes open mocht hij weer oppopen en dezekeer niet zonder iets tedoen weer verdwijnt
nogmaals hardstikke bedankt voor de geweldige hulp!
-
het was opgelost dacht ik, echter is hij of nooit weggeweest of hij is weer terrug binnen 24 uur...
ik heb ondertussen wel bitdefendergeinstalleerd.
en voor de 2e infectie heb ik met het dacht ik echt met ccleaner opgeruimd.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:26:50, on 23-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\Bitdefender\Bitdefender 2012\bdagent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSICAC5.tmp
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\Bitdefender\Bitdefender Arrakis Server\bin\arrakis3.exe
O23 - Service: BitDefender Desktop Update Service (UPDATESRV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\updatesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Bitdefender - C:\Program Files\Bitdefender\Bitdefender 2012\vsserv.exe
--
End of file - 9491 bytes
-
Hallo,
Het betreft een medion laptop van 2004 met windows xp home edition.
3,06ghz intel p4 proc
1gb ddr1 ram
60gb hdd functionele hdd
nvidia geforce fx 5350
Het probleem is dat je om de 30 seconde een freeze achtig iets hebt wat we niet hebben kunnen verhelpen met de volgende programmas die uptodatezijn/waren (dit probleem hebben we al ongeveer een jaar, het wordt echter alleen steeds erger en nu dus ondragelijk). Het treedt voornamelijk op als we iets doen dat met internet temaken heeft.
nod32 v4
systemmechanic
mbam
registermechanic
ccleaner
hitmanpro 3.5
spybot s&d
het enige wat tot dus ver wat geholpen heeft is hitmanpro maar na een minut of 5 a 10 hij weer niet vooruit tebranden.
we hopen dat jullie hier wat meer mee kunnen zonder dat we alles overnieuw moeten installeren wat geen optie is voor ons.
ik zal hier onder een hijackthis logje zetten aangezien die hier heilig lijken tezijn, en het begin van zoeenbeetje elke oplossing.
Alvast hardstikkebedank voor jullie goedehulp, aandacht en ideeen!
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:04:10, on 22-6-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17109)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Browser MOUSE\mouse32a.exe
C:\WINDOWS\system32\PRISMSTA.EXE
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\MpcStar\Codecs\QuickTime\qttask.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Startpagina.nl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\nl\msntb.dll
O4 - HKLM\..\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Program Files\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\MpcStar\Codecs\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobiele favorieten maken... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.1.11.30.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: HiDownload - {F4FBA929-A891-492C-A0F6-5C79CC4F1742} - C:\WINDOWS\System32\shdocvw.dll (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.aldi.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15589FA1-C456-11CE-BF01-000000000000} - http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://cache.systemrequirementslab.com/htdocs/srl_bin/sysreqlab_srl.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (BitDefender QuickScan Control) - http://quickscan.bitdefender.com/qsax/qsax.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://software-dl.real.com/013f4116546d849a9c06/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1192972525500
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1194005729359
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-a6bbb6c683e394c4.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9CCE3B43-4DE0-4236-A84E-108CA848EE6A} (WebCam Control) - http://www.webcamnow.com/broadcast/ActiveXWebCam.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: cbXNGaXP - cbXNGaXP.dll (file missing)
O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP2\RpcAgentSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
--
End of file - 11098 bytes
-
mbam heeft niets gevonden dit is hopelijk normaal (hij is uptodate).
ik zal zometeen in deze reactie neerzetten of het gefixt is.
totdusver lijkt het probleem opgelost!
TOPERS ZIJN JULLIE, hardstikkebedankt!!!!
Malwarebytes Anti-Malware 1.61.0.1400
Databaseversie: v2012.06.22.04
Windows 7 Service Pack 1 x86 NTFS (Veilige modus/netwerkmogelijkheden)
Internet Explorer 8.0.7601.17514
Frank :: FRANK-PC [administrator]
22-6-2012 14:22:08
mbam-log-2012-06-22 (14-22-08).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 274272
Verstreken tijd: 6 minuut/minuten, 13 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:30:30, on 22-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ºÃ¿´123ÍøÖ·µ¼º½--ÉÏÍø¾ÍÉϺÿ´123!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [spybotDeletingF4382] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt"
O4 - HKCU\..\RunOnce: [spybotDeletingF8311] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt"
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSICAC5.tmp
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
--
End of file - 9836 bytes
-
Ik zit nu inde veilige modus op het desbetreffende acount.
Hijackthis als admin uitgevoerd, toch een melding dat hij geen schrijftoegang heeft tot host file?
naja hopelijk kunt u hier iets meer mee , wacht vol smart op uw antwoord.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:36:39, on 22-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Safe mode with network support
Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ºÃ¿´123ÍøÖ·µ¼º½--ÉÏÍø¾ÍÉϺÿ´123!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [wjpnviplakdvxjg] C:\ProgramData\wjpnvipl.exe
O4 - HKCU\..\RunOnce: [spybotDeletingF4382] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOHelperWidgiToolbar.xpt"
O4 - HKCU\..\RunOnce: [spybotDeletingF8311] "C:\Program Files\Spybot - Search & Destroy 2\SDDelFile.exe" "C:\Program Files\Common Files\Spigot\wtxpcom\components\IFBHOWidgiToolbar.xpt"
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSICAC5.tmp
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
--
End of file - 10225 bytes
-
Hardstikkebedankt voor uw super snelle reactie!
Ik ben alleen vergeten tevermelden dat ik op een ander acount zit dan de geinvecteerde kan dit kwaad (wel de zelfde os hoor)?
UPDATE: Ik heb net gereboot en hij zit er nogsteeds in, mijn volgende stap wordt dan toch maar een hijackthis logje maken op het desbetreffende account in de safe modus, zal ik zometeen posten.
mbamlog
Malwarebytes Anti-Malware 1.61.0.1400
Database version: v2012.06.22.04
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 8.0.7601.17514
HTC :: FRANK-PC [administrator]
22-6-2012 12:04:49
mbam-log-2012-06-22 (12-04-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 273997
Time elapsed: 6 minute(s), 7 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
hijackthislog:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:13:15, on 22-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ºÃ¿´123ÍøÖ·µ¼º½--ÉÏÍø¾ÍÉϺÿ´123!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSICAC5.tmp
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
--
End of file - 9949 bytes
-
ik heb er dus sinds een uurtjes of 6 last van en ik wordt er knetter van...
hier mijn hijack this logje, want hier uitvandaan schijnt het tamelijk makkelijk te fixen tezijn samen met mbam.
(overigens kan ik hier niet zoveelwijsuit maar dat zal wel normaalzijn )
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:46:07, on 22-6-2012
Platform: Windows 7 SP1 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = ºÃ¿´123ÍøÖ·µ¼º½--ÉÏÍø¾ÍÉϺÿ´123!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MIF5BA~1\Office14\GROOVEEX.DLL
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MIF5BA~1\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Program Files\YouTube Downloader Toolbar\IE\5.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [spybot-S&D Cleaning] "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy 2\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (Apparaatdetectie) - http://www.logitech.com/devicedetector/plugins/LogitechDeviceDetection32.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/NL/Core/Player/2020PlayerAX_Win32.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.7.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} (SysInfo Class) - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O22 - SharedTaskScheduler: Ave's 7StartButton Changer - {F791A188-699D-4FD4-955A-EB59E89B1907} - C:\Program Files\The Skins Factory\Hyperdesk\Common\AveStartButtonChangerInProc.dll
O23 - Service: ABBYY FineReader 10 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.10.0) - ABBYY - C:\Program Files\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Application Updater - Unknown owner - C:\Program Files\Application Updater\ApplicationUpdater.exe (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Dragon Service (DragonSvc) - Nuance Communications, Inc. - C:\Program Files\Common Files\Nuance\dgnsvc.exe
O23 - Service: ESET Service (ekrn) - Unknown owner - C:\Program Files\ESET\ESET Smart Security\ekrn.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: HyperDesk's Custom Theme Enabler (HyperDeskCustomThemeEnabler) - Unknown owner - C:\Windows\Installer\MSICAC5.tmp
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Olympus DVR Service - OLYMPUS IMAGING CORP. - C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SRS HDAudio Lab Service (SRSHDAudioService) - SRS Labs, Inc. - C:\Program Files\Common Files\SRS Labs\SRS HD Audio Lab Service\SRSAudioLabService.exe
--
End of file - 10910 bytes
het kan zijn dat ik wat verkeerd zit qua plek in forum, sorry daarvoor.
alvast bedankt voor de moeite!!!
superlangzame laptop
in Archief Windows Algemeen
Geplaatst:
het gaat hardstikke goed! hij is weer supersnel, een enkele keer hapert hij nog, maar dat is meestal op vrij grote sites als meteotines en startpagina maar dat is ook wel het enigste, en als het zo blijft zijn we zeer tevreden!
nogmaals hardstikke bedankt voor uw supersnelle en profesionele hulp!