Vraag & Antwoord

Beveiliging & privacy

mysearch

Anoniem
pcguy
7 antwoorden
  • telekens weer mysearch als startpagina

    hier mijn hijack hopelijk zo goed

    Logfile of HijackThis v1.98.0
    Scan saved at 15:16:17, on 18-09-2004
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\PROGRAM FILES\SPAMIHILATOR\SPAMIHILATOR.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
    C:\WINDOWS\TEMP\HIJACKTHIS.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ckwsqwuyvtpkzqwedilld.com/FoHJRrrfuMr3sGU0VW4vPxxSZEx2dj5xE_oEH1Y1l_g.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.nbonzkgdfeifp.com/FoHJRrrfuMoDQwMAVA0z7155_5JvXriJdEVUKj7PIstawhblMRy_jnuZ_LvIibdv.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer by Maxdata
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YCOMP5_3_19_0.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - (no file)
    O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_nl_2.0.106-deleon.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Curl Class - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - C:\WINDOWS\SYSTEM\NDRV.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {85FD5506-8727-6025-35D5-494BB2E74DA1} - C:\PROGRAM FILES\CORNWINDOWBEND\EGGS 01.EXE
    O3 - Toolbar: @msdxmLC.dll,-1@1043,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
    O3 - Toolbar: ANWB Toolbar - {EBB03E3E-020A-418D-B322-761B730CA860} - C:\PROGRAM FILES\ANWBTOOLBAR\ANWBTOOLBAR.DLL
    O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: InvulFormulieren &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Opslaan Formulieren &^ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Aanpassen &Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Save Flash - res://C:\PROGRAM FILES\UNH SOLUTIONS\FLASH SAVING PLUGIN\FLASHSBUTTON.DLL/210
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
    O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
    O9 - Extra button: ANWB - {C180B365-AAB4-49c3-8E52-C37832A8C758} - C:\PROGRAM FILES\ANWBTOOLBAR\ANWBTOOLBAR.DLL
    O9 - Extra 'Tools' menuitem: ANWB-toolbar - {C180B365-AAB4-49c3-8E52-C37832A8C758} - C:\PROGRAM FILES\ANWBTOOLBAR\ANWBTOOLBAR.DLL
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Werkbalk &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: InvulFormulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: InvulFormulieren &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Opslaan Formulieren &^ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Pictures - {C7486E80-B111-4768-995E-23CF307346FC} - (no file) (HKCU)
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - (no file) (HKCU)
    O12 - Plugin for .ssc: C:\WINDOWS\Downloaded Program Files\Ubizen\SmartStart\NPSmartStart32.dll
    O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
    O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://quickfix.chello.nl/sdccommon/download/tgctlins.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {94B964F0-45CC-11D4-9F1D-0060085C7782} (Version Class) - https://hypotheken.amersfoortse.nl/multisecure/hypothekenamersfoortse/smartstart/Win32/SmartStartSetup.cab
    O16 - DPF: {660B74E4-4E01-43DE-BB13-2BA2D643C05A} (SmartStartCtl Class) - https://hypotheken.amersfoortse.nl/multisecure/hypothekenamersfoortse/smartstart/Win32/SmartStartCtl.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/sikes/nl/win/QuickTimeInstaller.exe
    O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
    O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} (Autodesk WHIP! Control) - http://www.harderwijk.nl/uman/plattegrond/whip.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {23273A1C-C870-43C4-A3E3-67DC98630AC6} (IntSOFTEC Class) - http://213.229.160.209/dialers/it.cab
    O16 - DPF: {4E15D681-1D20-11D4-8B72-000021DA1956} - http://www.e-sexcash.com/plugin/552/liefdesdokternl.exe
    O16 - DPF: {FFFF0017-0001-101A-A3C9-08002B2F49FB} - http://www.regnodelsesso.com/23a101.exe
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {2C1651EF-8827-11D6-91A2-00E02964E8E3} - http://www.adultoweb.com/dialershtml/dialerweb.cab
    O16 - DPF: {70D86F3C-BA4D-11D2-80F5-006008B066EE} (VSPrefMgmt Class) - https://cert.abz.nl/vspcakm.cab
    O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) -
    O16 - DPF: {5DBF08EF-4BDE-11D3-B8E4-0080C84E9C66} (Medi@Show Control) - http://members.chello.nl/~e.vdwielen/Stripshow/MediaShow.cab
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://131.174.221.63/activex/AxisCamControl.ocx
    O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} (IntRuboskizo2 Class) - http://www.chicasmodelos.com/ruboskizo2.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031024/qtinstall.info.apple.com/abarth/nl/win/QuickTimeFullInstaller.exe
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
    O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
    O16 - DPF: {CAFECAFE-0013-0001-0009-ABCDEFABCDEF} (JInitiator 1.3.1.9) -
    O16 - DPF: {E1375E30-2C83-4D05-B87C-B38E06F0641E} (HTMLClientExtension Control) - https://rhg01.interpolis.nl/aip/appl610/HTMLClientExtension.ocx
    O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - http://activex.microsoft.com/activex/controls/sdkupdate/sdkinst.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {F1A775D1-4AC0-11D3-9D32-00C04F37BB31} -
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
    O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} - http://virusscanasap.4sure.it/VS2/bin/myCioAgt.cab
    O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - (no file)
    O18 - Protocol: jit - {D6749987-7E8A-472C-AB19-8F3DF0C9109C} - C:\PROGRA~1\EFDECE\NWP\CLIENT\NWPPRO~1.DLL
  • [quote:f70153894f]R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ckwsqwuyvtpkzqwedilld.com/FoHJRrrfuMr3sGU0VW4vPxxSZEx2dj5xE_oEH1Y1l_g.htm
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.nbonzkgdfeifp.com/FoHJRrrfuMoDQwMAVA0z7155_5JvXriJdEVUKj7PIstawhblMRy_jnuZ_LvIibdv.html
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
    O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - (no file)
    O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)
    O2 - BHO: (no name) - {85FD5506-8727-6025-35D5-494BB2E74DA1} - C:\PROGRAM FILES\CORNWINDOWBEND\EGGS 01.EXE
    O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
    O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: Pictures - {C7486E80-B111-4768-995E-23CF307346FC} - (no file) (HKCU)
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - (no file) (HKCU)
    O16 - DPF: {23273A1C-C870-43C4-A3E3-67DC98630AC6} (IntSOFTEC Class) - http://213.229.160.209/dialers/it.cab
    O16 - DPF: {4E15D681-1D20-11D4-8B72-000021DA1956} - http://www.e-sexcash.com/plugin/552/liefdesdokternl.exe
    O16 - DPF: {FFFF0017-0001-101A-A3C9-08002B2F49FB} - http://www.regnodelsesso.com/23a101.exe
    O16 - DPF: {2C1651EF-8827-11D6-91A2-00E02964E8E3} - http://www.adultoweb.com/dialershtml/dialerweb.cab
    O16 - DPF: {0C568603-D79D-11D2-87A7-00C04FF158BB} (BrowseFolderPopup Class) -
    O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://131.174.221.63/activex/AxisCamControl.ocx
    O16 - DPF: {4B6015E7-3ABB-45DC-96B7-55A843751F28} (IntRuboskizo2 Class) - http://www.chicasmodelos.com/ruboskizo2.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
    O16 - DPF: {CAFECAFE-0013-0001-0009-ABCDEFABCDEF} (JInitiator 1.3.1.9) -
    O16 - DPF: {F1A775D1-4AC0-11D3-9D32-00C04F37BB31} -
    O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - (no file)
    [/quote:f70153894f]
    voordat je wat doet.. een vraag aan de ander log schoners.. wat iz RoboFormComFillForms?? spyware of iets van de belastingen?? :roll:

    of weet je dat zelf??

    PS: laat CWshredder 1.59.1 eens scannen.. 8)

    en post je nieuwe 1.98.2 log.. die vind meer zooi.. :lol:

    EDIT: de log is aangepast en dit kan weg.. :roll:
  • Roboform is een wachtwoordbeheerder. Zeer handig.
  • weer wat geleerd.. :D dan alles behalve robonog wat weg.. 8)
  • Deze niet fixen!!!!
    [list:eac1dfc0a1][b:eac1dfc0a1]
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
    O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
    [/b:eac1dfc0a1][/list:u:eac1dfc0a1]
  • Logfile of HijackThis v1.98.0
    Scan saved at 14:15:03, on 19-09-2004
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\SYSTEM\RPCSS.EXE
    C:\WINDOWS\SYSTEM\QTTASK.EXE
    C:\WINDOWS\EWUPDATER.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\PROGRAM FILES\SPAMIHILATOR\SPAMIHILATOR.EXE
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\SYSTEM\INTERNAT.EXE
    C:\WINDOWS\SYSTEM\DDHELP.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\PSTORES.EXE
    C:\WINDOWS\SYSTEM\WINOA386.MOD
    C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
    C:\HIJACK\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer by Maxdata
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
    R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar_nl_2.0.106-deleon.dll
    O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O2 - BHO: Curl Class - {A78CC2FF-6E4E-4556-B27C-D7C3A70D7A50} - C:\WINDOWS\SYSTEM\NDRV.DLL
    O2 - BHO: (no name) - {85FD5506-8727-6025-35D5-494BB2E74DA1} - C:\PROGRAM FILES\CORNWINDOWBEND\EGGS 01.EXE
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: BHO Class - {C77E900A-FF55-400E-9BAA-E042C8212898} - C:\PROGRAM FILES\SIMPELINTERNET\EASYBAR\TOOLBARSTARTER.DLL
    O3 - Toolbar: @msdxmLC.dll,-1@1043,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
    O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
    O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
    O3 - Toolbar: ANWB Toolbar - {EBB03E3E-020A-418D-B322-761B730CA860} - C:\PROGRAM FILES\ANWBTOOLBAR\ANWBTOOLBAR.DLL
    O3 - Toolbar: Easybar - {9AD55269-A21C-4260-BA7F-866FD09E8A8E} - C:\PROGRAM FILES\SIMPELINTERNET\EASYBAR\EASYBARSHELL.DLL
    O4 - HKLM\..\Run: [that clock] C:\PROGRA~1\STUPID~1\PollBlueLive.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
    O4 - HKLM\..\Run: [ewupdater] C:\WINDOWS\EWUPDATER.EXE
    O4 - HKLM\..\RunOnce: [Ad-aware] "C:\PROGRAM FILES\LAVASOFT\AD-AWARE 6\AD-AWARE.EXE" "+b1"
    O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
    O8 - Extra context menu item: Search Using Copernic Agent - C:\Program Files\Copernic Agent\Web\SearchExt.htm
    O8 - Extra context menu item: InvulFormulieren &] - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: Opslaan Formulieren &^ - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O8 - Extra context menu item: Aanpassen &Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Save Flash - res://C:\PROGRAM FILES\UNH SOLUTIONS\FLASH SAVING PLUGIN\FLASHSBUTTON.DLL/210
    O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
    O9 - Extra 'Tools' menuitem: Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
    O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRAM FILES\COPERNIC AGENT\COPERNICAGENT.EXE
    O9 - Extra button: ANWB - {C180B365-AAB4-49c3-8E52-C37832A8C758} - C:\PROGRAM FILES\ANWBTOOLBAR\ANWBTOOLBAR.DLL
    O9 - Extra 'Tools' menuitem: ANWB-toolbar - {C180B365-AAB4-49c3-8E52-C37832A8C758} - C:\PROGRAM FILES\ANWBTOOLBAR\ANWBTOOLBAR.DLL
    O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Werkbalk &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: InvulFormulieren - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: InvulFormulieren &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Opslaan - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Opslaan Formulieren &^ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Pictures - {C7486E80-B111-4768-995E-23CF307346FC} - (no file) (HKCU)
    O9 - Extra button: Flash - {43CF38F3-5AEC-45a3-AD31-04EB06E9C6CA} - (no file) (HKCU)
    O12 - Plugin for .ssc: C:\WINDOWS\Downloaded Program Files\Ubizen\SmartStart\NPSmartStart32.dll
    O12 - Plugin for .bcf: C:\PROGRA~1\INTERN~1\Plugins\NPBelv32.dll
    O16 - DPF: {01111F00-3E00-11D2-8470-0060089874ED} (Support.com Installer) - http://quickfix.chello.nl/sdccommon/download/tgctlins.cab
    O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab
    O16 - DPF: {94B964F0-45CC-11D4-9F1D-0060085C7782} (Version Class) - https://hypotheken.amersfoortse.nl/multisecure/hypothekenamersfoortse/smartstart/Win32/SmartStartSetup.cab
    O16 - DPF: {660B74E4-4E01-43DE-BB13-2BA2D643C05A} (SmartStartCtl Class) - https://hypotheken.amersfoortse.nl/multisecure/hypothekenamersfoortse/smartstart/Win32/SmartStartCtl.cab
    O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/sikes/nl/win/QuickTimeInstaller.exe
    O16 - DPF: {FEC3E5A3-50F7-4B0C-97D8-01CF69DFBFC7} (Measurement Service Client) - http://ccon.madonion.com/global/msc.cab
    O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
    O16 - DPF: {B2BE75F3-9197-11CF-ABF4-08000996E931} (Autodesk WHIP! Control) - http://www.harderwijk.nl/uman/plattegrond/whip.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} - http://security.symantec.com/SSC/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Besturing) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
    O16 - DPF: {70D86F3C-BA4D-11D2-80F5-006008B066EE} (VSPrefMgmt Class) - https://cert.abz.nl/vspcakm.cab
    O16 - DPF: {5DBF08EF-4BDE-11D3-B8E4-0080C84E9C66} (Medi@Show Control) - http://members.chello.nl/~e.vdwielen/Stripshow/MediaShow.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20031024/qtinstall.info.apple.com/abarth/nl/win/QuickTimeFullInstaller.exe
    O16 - DPF: {C58EFA10-2CC0-4C50-8C77-B326555EC1B7} (LaunchApp.clsDefault) - http://quickfix2.chello.nl/quickfix2/asp/LaunchApp.CAB
    O16 - DPF: {1D185838-009D-47C8-824B-B65B4854430E} (chelloInstall.Install) - http://quickfix2.chello.nl/quickfix2/asp/chelloInstall.CAB
    O16 - DPF: {E1375E30-2C83-4D05-B87C-B38E06F0641E} (HTMLClientExtension Control) - https://rhg01.interpolis.nl/aip/appl610/HTMLClientExtension.ocx
    O16 - DPF: {F2A84794-EE6D-447B-8C21-3BA1DC77C5B4} (SDKInstall Class) - http://activex.microsoft.com/activex/controls/sdkupdate/sdkinst.cab
    O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
    O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/aio/en/check/qdiagh.cab?319
    O16 - DPF: {72C23FEC-3AF9-48FC-9597-241A8EBDFE0A} (InstallShield International Setup Player) - http://ftp.hp.com/pub/automatic/player/isetupML.cab
    O16 - DPF: {40C83AF8-FEA7-4A6A-A470-431EE84A0886} - http://virusscanasap.4sure.it/VS2/bin/myCioAgt.cab
    O16 - DPF: {3F2705D0-C9D8-4020-A15C-E495A0050EC6} (Easywebinstaller Control) - http://s7.blingblingcontent.com/toolbarcash/activex/easywebinstaller.ocx
    O18 - Protocol: myrm - {4D034FC3-013F-4B95-B544-44D49ABE3E76} - (no file)
    O18 - Protocol: jit - {D6749987-7E8A-472C-AB19-8F3DF0C9109C} - C:\PROGRA~1\EFDECE\NWP\CLIENT\NWPPRO~1.DLL
  • kijk ff

Beantwoord deze vraag

Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.