Tranqer

Hallo

 

Ik woon op mijn appartement en had me na de zomer voorgenomen de bureau te installeren. De router staat in de living.

 

De printer wil ik verhuizen van de living naar de bureau. Maar momenteel zit de printer met een kabel verbonden aan de router. Het gaat om een HP Laserjet pro 200 color. Op welke manier kan de printer aangesloten worden in de bureau op het netwerk? Een kabel trekken van de living naar de bureau lijkt wat gek?

In de bureau heb ik een telefoonkabel aansluiting, kan ik daar iets mee?

 

De vaste computer die voorheen niet geïnstalleerd was, wou ik ook graag installeren en op het netwerk aansluiten.

- Het is geen performante pc die volgens mij geen wifi verbindingen opmerkt. Kan ik dit op een bepaalde manier natrekken? 

- Indien geen wifi verbinding mogelijk is, wat zijn dan de opties? In de bureau heb ik een telefoonkabel aansluiting, kan ik daar iets mee?

 

Ik had een belkin wifi-range extender N600 Dual-Band aangeschaft om het bereik in de slaapkamer te verhogen. Deze krijg ik echter ook niet geïnstalleerd. In theorie zou ik deze draadloos kunnen installeren, maar in praktijk vraagt de installatie om de extender aan te sluiten op een kabel aan de router vooraleer ik wifi bereik kan krijgen. Het heeft echter weinig nut om deze extender in dezelfde ruimte als de router te gebruiken, ik ga ervan uit dan enkel elektriciteitstoevoer moet volstaan om de extender te laten werekn. Wat doe ik hier fout?

 

Ik weet niet als ik deze drie vragen in 3 verschillende topics moet plaatsen, indien nodig kan het opgesplitst worden. Al denk ik dat probleem van de printer en de vaste computer gelijkaardig opgelost kunnen worden.

 

Alvast bedankt

 

Tranqer

 

Ik ben niet zo'n technicus. Maar het zal weinig helpen als ik een usb stick met het programma op, gewoon in laptop met het blauwe scherm steek?

Hoe kan ik Speccy op de computer zetten als het niet meer opstart? Ik kan het overzetten via een usb stick maar de computer haalt het bureablad niet meer. Sinds 19 november antwoord ik hier van op een andere computer.

Hij wil nog steeds niet functioneren. welke opstartmodus ik ook aanklik. ik krijg steeds en dan start pc opnieuw op.

ik weet niet als de tekst op het blauwe schern leesbaar is. Valt er nog iets aan te doen? Deed ik wat mis bij de tweede test? ik hoop vandat het nog kan goedkomen!

nee lukt ooo niet. blijf het steeds herhalen (opstarten tot op blauwe scherm komt en nadien opnieuw). tussendoor een keuze tussen welke wijze je wil opstarten maar geen van de mogelijkheden bood verandering.

ik zal morgenmiddag nog eens proberen hem op te starten. wie weet gaat hij dan weer..

Beste,

Na de herstart bij dhet programma heb ik steeds een blauw scherm. Ik dacht hem een nachtje uit te laten en opnieuw te proberen vanavond maar geen betering. 0x0000000B4 is de technische informatie onderaan. Moet ik eventueel een foto nemen voor meer info?

Vriendelijke groeten,

Tranqer

Hallo,

De pc van mijn vriendin wordt trager met de tijd. Maar momenteel is het te erg aan het worden. Omdat jullie me heel goed vooruit hielpen met mijn vaste pc, post ik ook hier het logje. Hopelijk kan er aan gewerkt worden! Bedankt alvast!

Logfile of random's system information tool 1.09 (written by random/random)

Run by Gebruiker at 2013-11-17 16:10:00

Microsoft® Windows Vista™ Home Basic Service Pack 2

System drive C: has 63 GB (13%) free of 477 GB

Total RAM: 2941 MB (43% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:10:14, on 17/11/2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v9.00 (9.00.8112.16421)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe

C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe

C:\Windows\System32\spool\drivers\w32x86\3\E_FATICDE.EXE

C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe

C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe

C:\Users\GEBRUI~1\AppData\Local\Temp\RtkBtMnt.exe

C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe

C:\Windows\System32\mobsync.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

C:\Users\Gebruiker\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Gebruiker\Downloads\RSIT.exe

C:\Program Files\trend micro\Gebruiker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.simplespeedy.info/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.simplespeedy.info/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ContuinUaEotaosave - {E450300B-32B2-DB31-CB2A-0762D35DEAE8} - C:\ProgramData\ContuinUaEotaosave\513459d9e4ccd.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

O4 - HKLM\..\Run: [skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [Reader Library Launcher] C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe

O4 - HKLM\..\Run: [blackBerryAutoUpdate] C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe /background

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [Google Update] "C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [EPSON Stylus DX7400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE /FU "C:\Windows\TEMP\E_SAB92.tmp" /EF "HKCU"

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: Dropbox.lnk = C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\Gebruiker\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~1\contin~1\sprote~1.dll c:\progra~1\simple~1\sprote~1.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe

--

End of file - 9802 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4171983273-2752588272-3659722859-1000Core.job

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4171983273-2752588272-3659722859-1000UA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5gm63ty4.default

prefs.js - "browser.startup.homepage" - "http://websearch.simplespeedy.info/"

prefs.js - "keyword.URL" - "http://websearch.simplespeedy.info/?l=1&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"=C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\IPSFFPlgn\

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]

"Description"=McAfee Mss Plugin

"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@protectdisc.com/NPMPDRM]

"Description"=MPDRM License Acquisition Plugin

"Path"=C:\Program Files\Common Files\mpDRM\NPMPDRM.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@rim.com/npappworld]

"Description"=

"Path"=C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0]

"Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers

"Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@sony.com/eBookLibrary]

"Description"=Sony Reader Library 3.1 is installed if this plugin exists

"Path"=C:\Program Files\Sony\Reader\Data\bin\npebldetectmoz.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.3]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\

bing.xml

bolcom-nl.xml

google.xml

marktplaats-nl.xml

wikipedia-nl.xml

C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5gm63ty4.default\extensions\

cje5@thk-.net

C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\5gm63ty4.default\searchplugins\

WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]

MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-09-05 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]

Norton Vulnerability Protection - C:\Program Files\Norton AntiVirus\Engine\19.7.1.5\IPS\IPSBHO.DLL [2012-03-29 210360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]

avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2011-11-29 3844768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-19 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E450300B-32B2-DB31-CB2A-0762D35DEAE8}]

ContuinUaEotaosave - C:\ProgramData\ContuinUaEotaosave\513459d9e4ccd.dll [2013-03-04 118272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-03-06 1224568]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-06-06 937920]

"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2008-08-29 61440]

"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-02-24 6789664]

"Skytel"=C:\Program Files\Realtek\Audio\HDA\Skytel.exe [2009-02-24 1833504]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]

"Reader Library Launcher"=C:\Program Files\Sony\Reader\Data\bin\launcher\Reader Library Launcher.exe [2010-07-13 906648]

"BlackBerryAutoUpdate"=C:\Program Files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe [2009-11-19 623960]

"RoxWatchTray"=C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [2009-07-08 236016]

"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-03-06 4767304]

"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2013-10-01 152392]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Google Update"=C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [2011-11-25 136176]

"ISUSPM"=C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2008-10-24 206112]

"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

"EPSON Stylus DX7400 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICDE.EXE [2007-04-12 182272]

"Akamai NetSession Interface"=C:\Users\Gebruiker\AppData\Local\Akamai\netsession_win.exe [2013-06-05 4489472]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

VPN Client.lnk - C:\Windows\Installer\{1CE60928-8325-49A8-8B06-633E48DD2B67}\Icon3E5562ED7.ico

C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

Dropbox.lnk - C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="c:\progra~1\contin~1\sprote~1.dll c:\progra~1\simple~1\sprote~1.dll"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"BindDirectlyToPropertySetStorage"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"vidc.VP60"=C:\Windows\system32\vp6vfw.dll

"vidc.VP61"=C:\Windows\system32\vp6vfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2013-11-17 16:10:01 ----D---- C:\Program Files\trend micro

2013-11-17 16:10:00 ----D---- C:\rsit

2013-11-06 20:16:50 ----D---- C:\Program Files\FanFictionDownloader

2013-11-06 20:14:01 ----D---- C:\ProgramData\WinterSoft

2013-10-16 16:23:47 ----D---- C:\Users\Gebruiker\AppData\Roaming\VC 2 Paradise Resort

2013-10-16 16:22:26 ----D---- C:\Program Files\FishBone Games

2013-10-16 16:22:25 ----D---- C:\Downloads

2013-10-13 21:35:41 ----SHD---- C:\Config.Msi

2013-10-08 09:03:33 ----D---- C:\Program Files\iPod

2013-10-08 09:03:30 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

2013-10-08 09:03:29 ----D---- C:\Program Files\iTunes

======List of files/folders modified in the last 2 months======

2013-11-17 16:10:12 ----D---- C:\Windows\Prefetch

2013-11-17 16:10:01 ----RD---- C:\Program Files

2013-11-17 16:09:54 ----D---- C:\Windows\Temp

2013-11-17 16:06:26 ----D---- C:\ProgramData\InstallMate

2013-11-17 16:01:51 ----D---- C:\Program Files\McAfee Security Scan

2013-11-07 21:31:18 ----D---- C:\Users\Gebruiker\AppData\Roaming\vlc

2013-11-07 19:46:05 ----D---- C:\Windows\System32

2013-11-07 19:46:05 ----D---- C:\Windows\inf

2013-11-07 19:46:05 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-11-07 18:00:33 ----D---- C:\Users\Gebruiker\AppData\Roaming\Dropbox

2013-11-07 17:54:42 ----D---- C:\Users\Gebruiker\AppData\Roaming\uTorrent

2013-11-07 15:04:24 ----SHD---- C:\System Volume Information

2013-11-06 20:14:01 ----HD---- C:\ProgramData

2013-10-16 11:21:32 ----D---- C:\Windows

2013-10-16 11:18:58 ----D---- C:\Windows\system32\catroot

2013-10-16 11:17:30 ----D---- C:\Program Files\Common Files\InstallShield

2013-10-16 11:17:06 ----HD---- C:\Program Files\InstallShield Installation Information

2013-10-16 11:15:06 ----D---- C:\Windows\system32\Tasks

2013-10-13 21:36:18 ----SHD---- C:\Windows\Installer

2013-10-09 17:00:26 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-10-08 09:03:31 ----D---- C:\Program Files\Common Files\Apple

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86s;ahcix86s; C:\Windows\system32\DRIVERS\ahcix86s.sys [2008-10-03 183312]

R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [2013-03-06 49248]

R0 AtiPcie;ATI PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2008-04-28 14352]

R0 PxHelp20;PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [2007-05-01 43528]

R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NAV\1308000.00E\SYMDS.SYS [2011-07-25 340088]

R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NAV\1308000.00E\SYMEFA.SYS [2012-05-22 924320]

R1 AswRdr;aswRdr; C:\Windows\system32\drivers\AswRdr.sys [2013-03-06 49760]

R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2013-03-06 765736]

R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2013-03-06 368176]

R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2013-03-06 62376]

R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\BASHDefs\20111210.003\BHDrvx86.sys [2011-11-14 819320]

R1 ccSet_NAV;Norton AntiVirus Settings Manager; C:\Windows\system32\drivers\NAV\1308000.00E\ccSetx86.sys [2012-06-07 132768]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2011-12-27 239168]

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2011-11-21 374392]

R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\IPSDefs\20111220.001\IDSvix86.sys [2011-11-18 368248]

R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NAV\1308000.00E\SRTSPX.SYS [2012-07-06 32928]

R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NAV\1308000.00E\Ironx86.SYS [2012-04-18 149624]

R2 aswFsBlk;aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [2013-03-06 29816]

R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2013-03-06 66336]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2010-04-27 1214976]

R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-02-09 4172800]

R3 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\Windows\system32\Drivers\CVPNDRVA.sys [2010-09-27 308859]

R3 DNE;Deterministic Network Enhancer Miniport; C:\Windows\system32\DRIVERS\dne2000.sys [2008-11-16 131984]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2011-11-21 106104]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-24 2327968]

R3 k57nd60x;Broadcom NetLink Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\k57nd60x.sys [2011-11-16 223232]

R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136]

R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]

R3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-12-25 155808]

R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2012-03-28 141944]

R3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056]

R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2008-10-10 23096]

R3 usbvideo;USB-videoapparaat (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]

S3 AiCharger;AiCharger; C:\Windows\system32\drivers\AiCharger.sys [2012-03-22 13952]

S3 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys [2013-03-06 164736]

S3 CVirtA;Cisco Systems VPN Adapter; C:\Windows\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

S3 drmkaud;Microsoft Kernel DRM-audiodecoder; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]

S3 HdAudAddService;Microsoft 1.1 UAA Functiestuurprogramma voor High Definition Audio-service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]

S3 MSKSSRV;Microsoft Streaming Service-proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]

S3 MSPCLOCK;Microsoft Streaming Clock-proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]

S3 MSPQM;Microsoft Streaming Kwaliteitsbeheer Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]

S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink-conversieprogramma; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]

S3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20111220.038\NAVENG.SYS [2011-11-21 86136]

S3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_19.1.0.28\Definitions\VirusDefs\20111220.038\NAVEX15.SYS [2011-11-21 1576312]

S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784]

S3 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NAV\1307010.005\SRTSP.SYS [2012-03-29 574072]

S3 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NAV\1307010.005\SYMTDIV.SYS [2012-03-29 345208]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]

S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448]

S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]

S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656]

S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624]

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-03-06 45248]

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2010-09-27 1528616]

R2 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-01 553288]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-24 116648]

S2 NAV;Norton AntiVirus; C:\Program Files\Norton AntiVirus\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-09 257416]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-04-24 116648]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]

S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2012-10-24 115168]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

S4 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2012-02-10 72704]

S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]

S4 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2009-02-09 724992]

S4 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

S4 Roxio UPnP Renderer 9;Roxio UPnP Renderer 9; C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe [2007-12-06 88560]

S4 Roxio Upnp Server 9;Roxio Upnp Server 9; C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe [2007-12-06 362992]

S4 RoxLiveShare9;LiveShare P2P Server 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe [2009-07-08 313840]

S4 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2009-07-08 1108464]

S4 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2009-07-08 170480]

S4 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2012-06-07 160944]

S4 Sony SCSI Helper Service;Sony SCSI Helper Service; C:\Program Files\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [2010-04-02 73728]

-----------------EOF-----------------

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Gebruiker on vr 01/11/2013 at 12:19:21,93.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Gebruiker\Bureaublad\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-31-163948.log 20044 bytes

C:\zoek-results2013-10-31-165540.log 82624 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20130111_1225_.backup

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

user.js not found

---- Lines Lyric removed from prefs.js ----

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.description", "LyricsMonkey will allow you to di

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.name", "LyricsMonkey-15");

---- FireFox user.js and prefs.js backups ----

prefs_20130111_1225_.backup

==== Deleting Files \ Folders ======================

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2) deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{9494ded5-43f8-4571-bf19-fe88853faa74}(2) deleted

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [08/09/2012 11:00]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

- British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk

- Dictionnaire franais Classique - %ProfilePath%\extensions\fr-classique@dictionaries.addons.mozilla(2).org

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

4AE054AAF74F93566720766CBC9A0E64 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2

A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2

CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2

052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2

A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2

136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2

1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2

C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

2F4781F84C92E8C4B1586E47A78E8A61 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.50.255

18C6A57B569F088C2BD7B828A211AC06 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5

81D388824634378A37765FD943FB3144 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{73178189-D9FF-43C6-B712-83A791CA53A2} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF"

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator.WIT\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator.WIT\Local Settings\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\Cache emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on vr 01/11/2013 at 12:28:14,06 ======================

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Gebruiker on do 31/10/2013 at 17:39:56,04.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Gebruiker\Bureaublad\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-10-31-163948.log 20044 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406} deleted successfully

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{D73E11CB-F204-4E65-B08C-0A1B87F75CC1} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\prefs.js:

Added to C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\prefs.js:

user_pref("browser.startup.homepage", "https://www.google.be/");

user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2928232&SearchSource=3&q={searchTerms}");

user_pref("browser.newtab.url", "about:home");

user_pref("browser.search.defaultengine", "Web Search");

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Search the web (Babylon)");

user_pref("keyword.URL", "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=KW_ss&mntrId=f4c1ce27000000000000001cc02a6bc2&q=");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20133110_1746_.backup

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar.admin", false);

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.id", "f4c1ce27000000000000001cc02a6bc2");

user_pref("extensions.BabylonToolbar.instlDay", "15613");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.tlbrId", "base");

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=f4c1ce27000000000000001cc02a6bc2&q=");

user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");

user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");

user_pref("extensions.BabylonToolbar_i.newTab", true);

user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:06:35");

---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=f4c1ce27000000000000001cc02a6bc2&q=");

user_pref("extensions.BabylonToolbar.id", "f4c1ce27000000000000001cc02a6bc2");

user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

user_pref("extensions.BabylonToolbar.instlDay", "15613");

user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");

user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:06:35");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar.tlbrId", "base");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.admin", false);

---- Lines CT2088433 removed from prefs.js ----

user_pref("CommunityToolbar.ToolbarsList", "CT2088433,CT2269050,ConduitEngine,CT2661040,CT2928232");

user_pref("CommunityToolbar.ToolbarsList2", "CT2088433,CT2269050,CT2661040,CT2928232");

user_pref("CT2088433.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2088433.alertChannelId", "514448");

user_pref("CT2088433.backendstorage.http://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");

user_pref("CT2088433.clientLogIsEnabled", true);

user_pref("CT2088433.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2088433.CTID", "CT2088433");

user_pref("CT2088433.CurrentServerDate", "25-9-2010");

user_pref("CT2088433.DialogsAlignMode", "LTR");

user_pref("CT2088433.DownloadReferralCookieData", "");

user_pref("CT2088433.EMailNotifierPollDate", "Sat Sep 25 2010 13:13:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ExternalComponentPollDate128987942421563064", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ExternalComponentPollDate129235006468118858", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ExternalComponentPollDate129237589749795253", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedLastCount128728594662093846", 365);

user_pref("CT2088433.FeedPollDate128728593579282204", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728593868969193", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728594303656973", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728594641156345", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728605119906817", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728620224750982", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728621999281513", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728624614438005", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728631330531749", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728637292250655", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728637427719582", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728637736781257", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedTTL128728593579282204", 5);

user_pref("CT2088433.FeedTTL128728624614438005", 30);

user_pref("CT2088433.FeedTTL128728637292250655", 15);

user_pref("CT2088433.FirstServerDate", "23-9-2010");

user_pref("CT2088433.FirstTime", true);

user_pref("CT2088433.FirstTimeFF3", true);

user_pref("CT2088433.FirstTimeSettingsDone", true);

user_pref("CT2088433.FixPageNotFoundErrors", false);

user_pref("CT2088433.GroupingServerCheckInterval", 1440);

user_pref("CT2088433.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2088433.Initialize", true);

user_pref("CT2088433.InitializeCommonPrefs", true);

user_pref("CT2088433.InstallationAndCookieDataSentCount", 3);

user_pref("CT2088433.InstalledDate", "Thu Sep 23 2010 19:56:29 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.InvalidateCache", false);

user_pref("CT2088433.IsGrouping", false);

user_pref("CT2088433.IsMulticommunity", false);

user_pref("CT2088433.IsOpenThankYouPage", true);

user_pref("CT2088433.IsOpenUninstallPage", true);

user_pref("CT2088433.LanguagePackLastCheckTime", "Sat Sep 25 2010 07:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2088433.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2088433.LastLogin_2.7.2.0", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.LatestVersion", "2.7.2.0");

user_pref("CT2088433.Locale", "nl");

user_pref("CT2088433.LoginCache", 4);

user_pref("CT2088433.MCDetectTooltipHeight", "83");

user_pref("CT2088433.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2088433.MCDetectTooltipWidth", "295");

user_pref("CT2088433.myStuffEnabled", true);

user_pref("CT2088433.myStuffPublihserMinWidth", 400);

user_pref("CT2088433.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2088433.myStuffServiceIntervalMM", 1440);

user_pref("CT2088433.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2088433.RadioIsPodcast", false);

user_pref("CT2088433.RadioLastCheckTime", "Sat Sep 25 2010 07:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.RadioLastUpdateIPServer", "3");

user_pref("CT2088433.RadioLastUpdateServer", "128929877726170000");

user_pref("CT2088433.RadioMediaID", "9446509");

user_pref("CT2088433.RadioMediaType", "Media Player");

user_pref("CT2088433.RadioMenuSelectedID", "EBRadioMenu_CT20884339446509");

user_pref("CT2088433.RadioStationName", "Radio%201%20");

user_pref("CT2088433.RadioStationURL", "http://www.omroep.nl/live/radio1-breed.asx");

user_pref("CT2088433.SearchEngine", "Zoek||Zoeken UCM_SEARCH_TERM

user_pref("CT2088433.SearchFromAddressBarIsInit", true);

user_pref("CT2088433.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2088433&q=");

user_pref("CT2088433.SearchInNewTabEnabled", true);

user_pref("CT2088433.SearchInNewTabIntervalMM", 1440);

user_pref("CT2088433.SearchInNewTabLastCheckTime", "Sat Sep 25 2010 07:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2088433.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2088433.SettingsCheckIntervalMin", 120);

user_pref("CT2088433.SettingsLastCheckTime", "Sat Sep 25 2010 13:16:22 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.SettingsLastUpdate", "1281128535");

user_pref("CT2088433.ThirdPartyComponentsInterval", 504);

user_pref("CT2088433.ThirdPartyComponentsLastCheck", "Thu Sep 23 2010 19:56:26 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ThirdPartyComponentsLastUpdate", "1256029839");

user_pref("CT2088433.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");

user_pref("CT2088433.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2088433.UserID", "UN74997904459673457");

user_pref("CT2088433.ValidationData_Toolbar", 1);

user_pref("CT2088433.WeatherNetwork", "");

user_pref("CT2088433.WeatherPollDate", "Sat Sep 25 2010 12:48:43 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.WeatherUnit", "C");

---- Lines CT2269050 removed from prefs.js ----

user_pref("CT2269050.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2269050.alertChannelId", "666138");

user_pref("CT2269050.clientLogIsEnabled", true);

user_pref("CT2269050.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2269050.CTID", "CT2269050");

user_pref("CT2269050.CurrentServerDate", "18-12-2010");

user_pref("CT2269050.DialogsAlignMode", "LTR");

user_pref("CT2269050.DownloadReferralCookieData", "");

user_pref("CT2269050.EMailNotifierPollDate", "Sat Dec 18 2010 09:49:24 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.FirstServerDate", "18-12-2010");

user_pref("CT2269050.FirstTime", true);

user_pref("CT2269050.FirstTimeFF3", true);

user_pref("CT2269050.FirstTimeSettingsDone", true);

user_pref("CT2269050.FixPageNotFoundErrors", true);

user_pref("CT2269050.GroupingServerCheckInterval", 1440);

user_pref("CT2269050.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2269050.Initialize", true);

user_pref("CT2269050.InitializeCommonPrefs", true);

user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);

user_pref("CT2269050.InstallationType", "UnknownIntegration");

user_pref("CT2269050.InstalledDate", "Fri Dec 17 2010 22:48:31 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.InvalidateCache", false);

user_pref("CT2269050.IsGrouping", false);

user_pref("CT2269050.IsMulticommunity", false);

user_pref("CT2269050.IsOpenThankYouPage", false);

user_pref("CT2269050.IsOpenUninstallPage", false);

user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Dec 17 2010 22:48:34 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2269050.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2269050.LastLogin_2.7.2.0", "Sat Dec 18 2010 09:49:25 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.LatestVersion", "3.2.5.2");

user_pref("CT2269050.Locale", "en");

user_pref("CT2269050.LoginCache", 4);

user_pref("CT2269050.MCDetectTooltipHeight", "83");

user_pref("CT2269050.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2269050.MCDetectTooltipWidth", "295");

user_pref("CT2269050.myStuffEnabled", true);

user_pref("CT2269050.myStuffPublihserMinWidth", 400);

user_pref("CT2269050.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2269050.myStuffServiceIntervalMM", 1440);

user_pref("CT2269050.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2269050.RadioIsPodcast", false);

user_pref("CT2269050.RadioLastCheckTime", "Fri Dec 17 2010 22:48:32 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.RadioLastUpdateIPServer", "3");

user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");

user_pref("CT2269050.RadioMediaID", "12473383");

user_pref("CT2269050.RadioMediaType", "Media Player");

user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");

user_pref("CT2269050.RadioStationName", "Hotmix%20108");

user_pref("CT2269050.RadioStationURL", "http://67.202.67.18:8082");

user_pref("CT2269050.SearchEngine", "Search||Zoeken UCM_SEARCH_TERM

user_pref("CT2269050.SearchFromAddressBarIsInit", true);

user_pref("CT2269050.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");

user_pref("CT2269050.SearchInNewTabEnabled", true);

user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);

user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Dec 17 2010 22:48:32 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2269050.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2269050.SettingsCheckIntervalMin", 120);

user_pref("CT2269050.SettingsLastCheckTime", "Sat Dec 18 2010 08:57:04 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.SettingsLastUpdate", "1292581440");

user_pref("CT2269050.ThirdPartyComponentsInterval", 504);

user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Dec 17 2010 22:48:31 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");

user_pref("CT2269050.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");

user_pref("CT2269050.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2269050.UserID", "UN97155355317133530");

user_pref("CT2269050.WeatherNetwork", "");

user_pref("CT2269050.WeatherPollDate", "Sat Dec 18 2010 09:49:26 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.WeatherUnit", "C");

---- Lines CT2661040 removed from prefs.js ----

user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2661040");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2661040", "\"1300282998\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2661040/CT2661040", "\"1301829146\"");

user_pref("CT2661040..clientLogIsEnabled", true);

user_pref("CT2661040..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2661040..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2661040.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2661040.alertChannelId", "1053590");

user_pref("CT2661040.backendstorage.gs_dailyactivity", "31333034323632383631393031");

user_pref("CT2661040.backendstorage.gs_lifetimesent", "54525545");

user_pref("CT2661040.CTID", "CT2661040");

user_pref("CT2661040.CurrentServerDate", "1-5-2011");

user_pref("CT2661040.DialogsAlignMode", "LTR");

user_pref("CT2661040.DialogsGetterLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.DownloadReferralCookieData", "");

user_pref("CT2661040.ExternalComponentPollDate129285126639444459", "Sun May 01 2011 19:30:44 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.ExternalComponentPollDate129285126779288061", "Sun May 01 2011 19:30:44 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.FirstServerDate", "1-5-2011");

user_pref("CT2661040.FirstTime", true);

user_pref("CT2661040.FirstTimeFF3", true);

user_pref("CT2661040.FixPageNotFoundErrors", true);

user_pref("CT2661040.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrl

user_pref("CT2661040.globalFirstTimeInfoLastCheckTime", "Sun May 01 2011 21:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.GroupingServerCheckInterval", 1440);

user_pref("CT2661040.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2661040.HasUserGlobalKeys", true);

user_pref("CT2661040.Initialize", true);

user_pref("CT2661040.InitializeCommonPrefs", true);

user_pref("CT2661040.InstallationAndCookieDataSentCount", 1);

user_pref("CT2661040.InstallationId", "Spill_gamesgames_CT2661040.exe");

user_pref("CT2661040.InstallationType", "ConduitIntegration");

user_pref("CT2661040.InstalledDate", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.InvalidateCache", false);

user_pref("CT2661040.isAppTrackingManagerOn", true);

user_pref("CT2661040.IsGrouping", false);

user_pref("CT2661040.IsMulticommunity", false);

user_pref("CT2661040.IsOpenThankYouPage", false);

user_pref("CT2661040.IsOpenUninstallPage", true);

user_pref("CT2661040.LanguagePackLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2661040.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2661040.LastLogin_3.3.2.1", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.LatestVersion", "3.2.5.2");

user_pref("CT2661040.Locale", "en-us");

user_pref("CT2661040.MCDetectTooltipHeight", "83");

user_pref("CT2661040.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2661040.MCDetectTooltipWidth", "295");

user_pref("CT2661040.myStuffEnabled", true);

user_pref("CT2661040.myStuffPublihserMinWidth", 400);

user_pref("CT2661040.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2661040.myStuffServiceIntervalMM", 1440);

user_pref("CT2661040.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2661040.RadioIsPodcast", false);

user_pref("CT2661040.RadioLastCheckTime", "Sun May 01 2011 17:14:21 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.RadioLastUpdateIPServer", "3");

user_pref("CT2661040.RadioLastUpdateServer", "3");

user_pref("CT2661040.RadioMediaID", "9962");

user_pref("CT2661040.RadioMediaType", "Media Player");

user_pref("CT2661040.RadioMenuSelectedID", "EBRadioMenu_CT26610409962");

user_pref("CT2661040.RadioStationName", "California%20Rock");

user_pref("CT2661040.RadioStationURL", "http://feedlive.net/california.asx");

user_pref("CT2661040.SavedHomepage", "http://www.google.be/");

user_pref("CT2661040.SearchFromAddressBarIsInit", true);

user_pref("CT2661040.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2661040&SearchSource=2&q=");

user_pref("CT2661040.SearchInNewTabEnabled", true);

user_pref("CT2661040.SearchInNewTabIntervalMM", 1440);

user_pref("CT2661040.SearchInNewTabLastCheckTime", "Sun May 01 2011 17:14:21 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2661040.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2661040.SearchInNewTabUserEnabled", false);

user_pref("CT2661040.ServiceMapLastCheckTime", "Sun May 01 2011 17:14:19 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.SettingsLastCheckTime", "Sun May 01 2011 17:14:19 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.SettingsLastUpdate", "1301829146");

user_pref("CT2661040.testingCtid", "");

user_pref("CT2661040.ThirdPartyComponentsInterval", 504);

user_pref("CT2661040.ThirdPartyComponentsLastCheck", "Sun May 01 2011 17:14:19 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.ThirdPartyComponentsLastUpdate", "1246786978");

user_pref("CT2661040.toolbarAppMetaDataLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.toolbarContextMenuLastCheckTime", "Sun May 01 2011 17:14:21 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.TrusteLinkUrl", "http://trust.conduit.com/CT2661040");

user_pref("CT2661040.usagesFlag", 1);

user_pref("CT2661040.UserID", "UN99038172216644458");

user_pref("CT2661040.WeatherNetwork", "");

user_pref("CT2661040.WeatherPollDate", "Sun May 01 2011 19:44:45 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.WeatherUnit", "C");

---- Lines CT2928232 removed from prefs.js ----

user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2928232&SearchSource=13");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2928232", "\"1298556922\"");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=ct2928232", "\"1298556922\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2928232", "\"634485749189530000\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2928232&octid=CT2928232", "\"1312118247\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=ct2928232&octid=CT2928232", "\"1312118247\"");

user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2928232");

user_pref("CommunityToolbar.ToolbarsList4", "CT2928232");

user_pref("CT2928232..clientLogIsEnabled", true);

user_pref("CT2928232..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2928232..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2928232.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2928232.alertChannelId", "1320116");

user_pref("CT2928232.ct2928232.DialogsAlignMode", "LTR");

user_pref("CT2928232.ct2928232.globalFirstTimeInfoLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.InvalidateCache", false);

user_pref("CT2928232.ct2928232.LanguagePackLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.Locale", "nl");

user_pref("CT2928232.ct2928232.RadioLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.RadioLastUpdateIPServer", "3");

user_pref("CT2928232.ct2928232.RadioLastUpdateServer", "3");

user_pref("CT2928232.ct2928232.SearchInNewTabLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.SettingsLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.SettingsLastUpdate", "1312118247");

user_pref("CT2928232.ct2928232.ThirdPartyComponentsLastCheck", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.ThirdPartyComponentsLastUpdate", "1256026239");

user_pref("CT2928232.ct2928232.toolbarAppMetaDataLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.toolbarContextMenuLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.CTID", "ct2928232");

user_pref("CT2928232.CurrentServerDate", "20-8-2011");

user_pref("CT2928232.DialogsAlignMode", "LTR");

user_pref("CT2928232.DialogsGetterLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.DownloadReferralCookieData", "");

user_pref("CT2928232.ExternalComponentPollDate129430338421937992", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ExternalComponentPollDate129430338591468879", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.FirstServerDate", "20-8-2011");

user_pref("CT2928232.FirstTime", true);

user_pref("CT2928232.FirstTimeFF3", true);

user_pref("CT2928232.FixPageNotFoundErrors", true);

user_pref("CT2928232.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.

user_pref("CT2928232.globalFirstTimeInfoLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.GroupingServerCheckInterval", 1440);

user_pref("CT2928232.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2928232.HasUserGlobalKeys", true);

user_pref("CT2928232.homepageProtectorEnableByLogin", true);

user_pref("CT2928232.initDone", true);

user_pref("CT2928232.Initialize", true);

user_pref("CT2928232.InitializeCommonPrefs", true);

user_pref("CT2928232.InstallationAndCookieDataSentCount", 2);

user_pref("CT2928232.InstallationType", "ConduitIntegration");

user_pref("CT2928232.InstalledDate", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.InvalidateCache", false);

user_pref("CT2928232.IsAlertDBUpdated", true);

user_pref("CT2928232.isAppTrackingManagerOn", true);

user_pref("CT2928232.isFirstRadioInstallation", false);

user_pref("CT2928232.IsGrouping", false);

user_pref("CT2928232.IsInitSetupIni", true);

user_pref("CT2928232.IsMulticommunity", false);

user_pref("CT2928232.IsOpenThankYouPage", false);

user_pref("CT2928232.IsOpenUninstallPage", true);

user_pref("CT2928232.LanguagePackLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2928232.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2928232.LastLogin_3.6.0.10", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.LatestVersion", "3.5.0.12");

user_pref("CT2928232.Locale", "nl");

user_pref("CT2928232.MCDetectTooltipHeight", "83");

user_pref("CT2928232.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2928232.MCDetectTooltipWidth", "295");

user_pref("CT2928232.myStuffEnabled", true);

user_pref("CT2928232.MyStuffEnabledAtInstallation", true);

user_pref("CT2928232.myStuffPublihserMinWidth", 400);

user_pref("CT2928232.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2928232.myStuffServiceIntervalMM", 1440);

user_pref("CT2928232.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2928232.OriginalFirstVersion", "3.6.0.10");

user_pref("CT2928232.RadioIsPodcast", false);

user_pref("CT2928232.RadioLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.RadioLastUpdateIPServer", "0");

user_pref("CT2928232.RadioMediaID", "9962");

user_pref("CT2928232.RadioMediaType", "Media Player");

user_pref("CT2928232.RadioMenuSelectedID", "EBRadioMenu_CT29282329962");

user_pref("CT2928232.RadioShrinkedFromSetup", false);

user_pref("CT2928232.RadioStationName", "California%20Rock");

user_pref("CT2928232.RadioStationURL", "http://feedlive.net/california.asx");

user_pref("CT2928232.SavedHomepage", "http://www.google.be/");

user_pref("CT2928232.SearchFromAddressBarIsInit", true);

user_pref("CT2928232.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2928232&SearchSource=2&q=");

user_pref("CT2928232.SearchInNewTabEnabled", true);

user_pref("CT2928232.SearchInNewTabIntervalMM", 1440);

user_pref("CT2928232.SearchInNewTabLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2928232.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2928232.SearchInNewTabUserEnabled", false);

user_pref("CT2928232.searchProtectorDialogDelayInSec", 10);

user_pref("CT2928232.searchProtectorEnableByLogin", true);

user_pref("CT2928232.ServiceMapLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.SettingsLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.SettingsLastUpdate", "1312118247");

user_pref("CT2928232.testingCtid", "");

user_pref("CT2928232.ThirdPartyComponentsInterval", 504);

user_pref("CT2928232.ThirdPartyComponentsLastCheck", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ThirdPartyComponentsLastUpdate", "1256026239");

user_pref("CT2928232.toolbarAppMetaDataLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.toolbarContextMenuLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ToolbarShrinkedFromSetup", false);

user_pref("CT2928232.TrusteLinkUrl", "http://trust.conduit.com/CT2928232");

user_pref("CT2928232.usagesFlag", 1);

user_pref("CT2928232.UserID", "UN13860167750765553");

user_pref("CT2928232.WeatherNetwork", "");

user_pref("CT2928232.WeatherPollDate", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.WeatherUnit", "C");

---- Lines conduit removed from prefs.js ----

user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");

user_pref("CommunityToolbar.ConduitSearchList", "Spelletjes Customized Web Search");

user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");

user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");

user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1053590/1049301/BE", "\"0\"");

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/BE", "\"0\"");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "L+tncv4eqt6Qm5T3dzChdA==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=nl", "zEXb2Fmcj/HVsqTQpIjULw==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=nl", "TW6pbvEhvglk5DM313wISg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "QmycQXJXVyFVAzIiNllWhQ==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=nl", "GAox/hnZ01AfFOF7PUvloQ==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=nl", "59UMFEXbxdbjS3gnY6/qrA==");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.2.5.2", "\"07b2625f8cb1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"80ee9485875dcc1:0\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/toolbar/", "\"634394076199470000\"");

user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"634351849102130000\"");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=nl", "\"634492029952000000\"");

user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Gebruiker\\Application Data\\Mozilla\\Firefox\\Profiles\\5m7taeif.de

user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");

user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");

user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");

user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");

user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue May 10 2011 19:46:50 GMT+0200 (Romance (zomertijd))");

user_pref("ConduitEngine.componentAlertEnabled", false);

user_pref("ConduitEngine.CTID", "ConduitEngine");

user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.engineLocale", "nl");

user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.FirstServerDate", "01/07/2011 16");

user_pref("ConduitEngine.FirstTime", true);

user_pref("ConduitEngine.FirstTimeFF3", true);

user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Mar 21 2011 07:26:59 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.HasUserGlobalKeys", true);

user_pref("ConduitEngine.initDone", true);

user_pref("ConduitEngine.Initialize", true);

user_pref("ConduitEngine.InitializeCommonPrefs", true);

user_pref("ConduitEngine.InstalledDate", "Fri Jan 07 2011 14:54:25 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.isAppTrackingManagerOn", true);

user_pref("ConduitEngine.isDetectionEnabled", false);

user_pref("ConduitEngine.IsMulticommunity", false);

user_pref("ConduitEngine.IsOpenThankYouPage", false);

user_pref("ConduitEngine.IsOpenUninstallPage", true);

user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.LastLogin_3.2.5.2", "Fri Jan 07 2011 17:54:25 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.LastLogin_3.3.2.1", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);

user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.usageEnabled", false);

user_pref("ConduitEngine.usagesFlag", 2);

user_pref("ConduitEngine.UserID", "UN99619194929425947");

---- Lines Search removed from prefs.js ----

user_pref("avg.install.userSPSettings", "Search the web (Babylon)");

---- Lines babsrc removed from prefs.js ----

user_pref("avg.install.userHPSettings", "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=HP_ss&mntrId=f4c1ce27000000000000001cc0

user_pref("sweetim.toolbar.urls.homepage", "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=HP_ss&mntrId=f4c1ce27000000000000001

---- Lines Lyric removed from prefs.js ----

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.description", "LyricsMonkey will allow you to di

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.name", "LyricsMonkey-15");

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultthis.engineName", "Spelletjes Customized Web Search");

---- Lines CommunityToolbar removed from prefs.js ----

user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Mar 21 2011 07:26:59 GMT+0100 (Romance (standaardtijd))");

user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed May 11 2011 19:46:47 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.alert.locale", "en");

user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri May 13 2011 18:49:45 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");

user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

user_pref("CommunityToolbar.alert.showTrayIcon", false);

user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.alert.userId", "16f75fb9-6a44-44a6-be87-0119d275482f");

user_pref("CommunityToolbar.EngineHiddenByUser", true);

user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.globalUserId", "8c715a11-fd6d-4067-97ef-7dfedf5018f6");

user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

user_pref("CommunityToolbar.IsEngineShown", false);

user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");

user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.notifications.locale", "en");

user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

user_pref("CommunityToolbar.notifications.showTrayIcon", false);

user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.notifications.userId", "7fabb1d9-0d8c-4637-9ab0-2b4c6af4fcb9");

user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://www.bing.com/search?FORM=IEFM1&q=");

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "141e76dd4d52d48174ad0668f9321fbf");

---- FireFox user.js and prefs.js backups ----

user_20133110_1746_.backup

prefs_20133110_1746_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b0cf91e-63d5-4474-9229-134d0b96fb28}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"BrowserMngr Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"BrowserMngrDefaultScope"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"bProtectTabs"=-

==== Deleting Files \ Folders ======================

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\df228366-e2c4-46b8-90a5-7f788732f45e...6207813324.com not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\engine@conduit(2).com not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{2b0cf91e-63d5-4474-9229-134d0b96fb28} not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions {9494ded5-43f8-4571-bf19-fe88853faa74} not found

C:\Documents and Settings\All Users\Application Data\BitGuard not found

"C:\Program Files\Spelletjes\prxtbSpe2.dll" not found

"C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml" not found

"C:\Program Files\Mozilla Firefox\searchplugins\yahoo-nl.xml" not found

"C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\firefox@diamondata.net" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\babylon.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\BabylonMngr.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\conduit.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\SearchquWebSearch.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\startsear.xml" not found

C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll deleted

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Program Files\StartSearch plugin deleted

C:\Program Files\Conduit deleted

C:\Documents and Settings\Gebruiker\Application Data\Uniblue deleted

C:\Documents and Settings\Gebruiker\Application Data\ExpressFiles deleted

C:\Documents and Settings\Gebruiker\Application Data\DVDVideoSoftIEHelpers deleted

C:\Documents and Settings\Gebruiker\Application Data\Registry Mechanic deleted

C:\Documents and Settings\All Users\Application Data\AlawarWrapper deleted

C:\Documents and Settings\All Users\Application Data\Trymedia deleted

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Ilivid Player deleted

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\avgchrome deleted

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\BitGuard deleted

C:\WINDOWS\002707_.tmp deleted

C:\WINDOWS\SET25.tmp deleted

C:\WINDOWS\SET3.tmp deleted

C:\WINDOWS\SET4.tmp deleted

C:\WINDOWS\SET8.tmp deleted

C:\WINDOWS\Tasks\Express FilesUpdate.job deleted

C:\WINDOWS\System32\ConduitEngine.tmp deleted

C:\WINDOWS\System32\SET104.tmp deleted

C:\WINDOWS\System32\SET106.tmp deleted

C:\WINDOWS\System32\SETF6.tmp deleted

C:\WINDOWS\System32\SETF7.tmp deleted

C:\WINDOWS\System32\SETF8.tmp deleted

C:\WINDOWS\System32\SETFD.tmp deleted

C:\WINDOWS\System32\tmp8C9.tmp deleted

C:\WINDOWS\System32\tmp8CA.tmp deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\bProtector_extensions.rdf deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\bprotector_extensions.sqlite deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\bprotector_prefs.js deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2088433 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2269050 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2661040 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2928232 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\conduit deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\conduitCommon deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\ConduitEngine deleted

"C:\Program Files\ExpressFiles\EFUpdater.exe" deleted

"C:\Program Files\ExpressFiles\htmlayout.dll" deleted

"C:\Program Files\ExpressFiles" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

2013-10-23 10:35:48 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

====== C:\WINDOWS\Tasks ======

2013-10-23 11:22:22 68C9120CB9A9604C40C046C4FC790AAF 940 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-10-10 01:10:58 4C7DCA89F950FF5742448601123277EC 386 ---ha-w- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-10-29 14:44:19 -------- d-----w- C:\Program Files\trend micro

2013-10-02 16:39:21 -------- d-----w- C:\Program Files\Common Files\Skype

======= C: =====

====== C:\Documents and Settings\Gebruiker\Application Data ======

2013-10-15 05:42:34 1F2A8C0F17F3324432AF0F551616DC36 491320 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

====== C:\Documents and Settings\Gebruiker ======

2013-10-29 14:42:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe

====== C: exe-files ==

2013-10-29 14:44:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe

2013-10-29 14:43:28 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Gebruiker\Mijn documenten\adriaan\scouts\Zaterdag 4 mei foto's\RSIT(1).exe

2013-10-29 14:42:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Google Update"="C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"ares"="C:\Program Files\Ares\Ares.exe -h"

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent"

"RGSC"="C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent"

[HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NeroHomeFirstStart"="C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

"SigmatelSysTrayApp"="sttray.exe"

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"

"ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"

"Family Tree Builder Update"="C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Google Update"="C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"ares"="C:\Program Files\Ares\Ares.exe -h"

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent"

"RGSC"="C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent"

==== Startup Folders ======================

2011-03-30 20:06:10 958 ----a-w- C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23/10/2013 13:13]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ :C:\Program Files\Apple Software Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2011 14:01]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2011 14:01]

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003Core.job --a------ [undetermined Task]

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003UA.job --a------ C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [13/04/2011 07:26]

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [12/08/2013 09:12]

C:\WINDOWS\tasks\Norton Security Scan for Gebruiker.job --ah----- [undetermined Task]

C:\WINDOWS\tasks\User_Feed_Synchronization-{CA43B98B-FEE6-480B-95E1-6E742A413AAA}.job --ah----- C:\WINDOWS\system32\msfeedssynC:.exe []

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [08/09/2012 11:00]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

- LyricsMonkey-15 - %ProfilePath%\extensions\df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com

- British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk

- Dictionnaire franais Classique - %ProfilePath%\extensions\fr-classique@dictionaries.addons.mozilla(2).org

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

- ToggleDU Community Toolbar - %ProfilePath%\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}(2)

- DVDVideoSoftTB Community Toolbar - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2)

- gamesgames- Community Toolbar - %ProfilePath%\extensions\{9494ded5-43f8-4571-bf19-fe88853faa74}(2)

- diamondata - %ProfilePath%\extensions\firefox@diamondata.net.xpi

- PsicoTSI - %ProfilePath%\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

4AE054AAF74F93566720766CBC9A0E64 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2

A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2

CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2

052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2

A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2

136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2

1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2

C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

2F4781F84C92E8C4B1586E47A78E8A61 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.50.255

18C6A57B569F088C2BD7B828A211AC06 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5

81D388824634378A37765FD943FB3144 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

==== Deleted Firefox Extensions ======================

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\firefox@diamondata.net.xpi deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}(2) deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cdjfkejjfbnnahgfabnehkfkhpfghoak - C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\tbch.crx[28/09/2011 20:18]

hendmekoldfacfhlojkjcnbjegkahclb - C:\Program Files\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx[]

pbiamblgmkgbcgbcgejjgebalncpmhnp - C:\Program Files\StartSearch plugin\vshareplg.crx[]

Spelletjes - Gebruiker - Default\Extensions\cdjfkejjfbnnahgfabnehkfkhpfghoak

LyricsMonkey-15 - Gebruiker - Default\Extensions\khmbajnfeegpfichienonefldpjedofp

Chrome In-App Payments service - Gebruiker - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

LiveVDO plugin - Gebruiker - Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp

==== Chrome Fix ======================

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\tbch.crx deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_isearch.babylon.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_isearch.babylon.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cdjfkejjfbnnahgfabnehkfkhpfghoak deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdjfkejjfbnnahgfabnehkfkhpfghoak_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdjfkejjfbnnahgfabnehkfkhpfghoak_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=HP_ss&mntrId=f4c1ce27000000000000001cc02a6bc2"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.myheritage.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="about:home"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{73178189-D9FF-43C6-B712-83A791CA53A2} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF"

==== Reset Google Chrome ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hendmekoldfacfhlojkjcnbjegkahclb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cdjfkejjfbnnahgfabnehkfkhpfghoak deleted successfully

==== HijackThis Entries ======================

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Online plug-in.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/app-layout/js/capicom.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: ambulantpdtb - {183A003A-3D01-4E94-A2C5-AD0108C68370} - C:\Program Files\AMIS\PdtbIePlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator.WIT\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\N0ZCEDYH will be deleted at reboot

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\RRX5LR5Z will be deleted at reboot

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator.WIT\Local Settings\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\Cache emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files\ExpressFiles" not found

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\N0ZCEDYH" not found

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\RRX5LR5Z" not found

==== EOF on do 31/10/2013 at 17:55:40,68 ======================

Dag kape,

Bedankt voor je antwoord. Ik krijg het zoek.exe bestand echter niet open.

Wanneer ik de zipfile download en uitpak op het bureaublad zie ik 3 icoontjes. Wanneer ik er dubbelklik lijkt er wel iets open te gaan, maar dat verdwijnt onmiddellijk. Hoe kan ik dit voorkomen of doe ik iets fouts?

Tranqer

- - - Updated - - -

Laat maar, het is plots opgestart

Dit is de log van mijn Hijack die ik deed:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Gebruiker at 2013-10-29 15:44:19

Microsoft Windows XP Professional Service Pack 3

System drive C: has 19 GB (12%) free of 153 GB

Total RAM: 3322 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:09:24, on 29/10/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Citrix\ICA Client\ssonsvr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\WINDOWS\sttray.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\ExpressFiles\EFUpdater.exe

C:\Program Files\Citrix\ICA Client\WFCRUN32.EXE

C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\STacSV.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe

C:\Program Files\trend micro\Gebruiker.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: Spelletjes Toolbar - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - C:\Program Files\Spelletjes\prxtbSpe2.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spelletjes - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - C:\Program Files\Spelletjes\prxtbSpe2.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll

O3 - Toolbar: Spelletjes Toolbar - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - C:\Program Files\Spelletjes\prxtbSpe2.dll

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Online plug-in.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/app-layout/js/capicom.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: ambulantpdtb - {183A003A-3D01-4E94-A2C5-AD0108C68370} - C:\Program Files\AMIS\PdtbIePlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

--

End of file - 14231 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Express FilesUpdate.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003Core.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003UA.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

C:\WINDOWS\tasks\Norton Security Scan for Gebruiker.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{CA43B98B-FEE6-480B-95E1-6E742A413AAA}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "https://www.google.be/"

prefs.js - "keyword.URL" - "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=KW_ss&mntrId=f4c1ce27000000000000001cc02a6bc2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]

"Description"=

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]

"Description"=Office Live Update v1.3

"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]

"Description"=Zylom Games Player 1.00

"Path"=C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

C:\Program Files\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

C:\Program Files\Mozilla Firefox\components\

IICAClient.xpt

nsIQTScriptablePlugin.xpt

nsIZylomPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

CCMSDK.dll

cgpcfg.dll

CgpCore.dll

confmgr.dll

ctxlogging.dll

ctxmui.dll

ICAClObj.class

icafile.dll

icalogon.dll

npicaN.dll

NPOFF12.DLL

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

npvsharetvplg.dll

npzylomgamesplayer.dll

QuickTimePlugin.class

sslsdk_b.dll

TcpPServ.dll

C:\Program Files\Mozilla Firefox\searchplugins\

babylon.xml

SearchquWebSearch.xml

yahoo-nl.xml

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\

df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com

en-gb@flyingtophat.co.uk

engine@conduit(2).com

firefox@diamondata.net

fr-classique@dictionaries.addons.mozilla(2).org

{20a82645-c095-46ed-80e3-08825760534b}

{2b0cf91e-63d5-4474-9229-134d0b96fb28}

{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}(2)

{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2)

{9494ded5-43f8-4571-bf19-fe88853faa74}(2)

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\

babylon.xml

BabylonMngr.xml

bing.xml

conduit.xml

SearchquWebSearch.xml

startsear.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b0cf91e-63d5-4474-9229-134d0b96fb28}]

Spelletjes Toolbar - C:\Program Files\Spelletjes\prxtbSpe2.dll [2013-10-14 226592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

{4064EA35-578D-4073-A834-C96D82CBCF40} - &Save Flash - C:\Program Files\Save Flash\SaveFlash.dll [2010-06-01 1210368]

{2b0cf91e-63d5-4474-9229-134d0b96fb28} - Spelletjes Toolbar - C:\Program Files\Spelletjes\prxtbSpe2.dll [2013-10-14 226592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]

"SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2007-09-26 303104]

"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

"ConnectionCenter"=C:\Program Files\Citrix\ICA Client\concentr.exe [2010-10-12 304568]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24 49208]

""= []

"beidsccertprop"=C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe [2012-02-21 31768]

"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2011-12-21 229376]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-04-18 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

"Google Update"=C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-13 136176]

"ares"=C:\Program Files\Ares\Ares.exe -h []

"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

"RGSC"=C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

Online plug-in.lnk - C:\WINDOWS\Installer\{0F1F7A90-E71B-4E45-A066-2891619F22E1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe

VPN Client.lnk - C:\WINDOWS\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary"

"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Games\Worms Armageddon - New Edition\WA.exe"="C:\Games\Worms Armageddon - New Edition\WA.exe:*:Disabled:Worms Armageddon"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\FIFA_08_No_DVD_Crack-FLTSUX\FIFA08.exe"="C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\FIFA_08_No_DVD_Crack-FLTSUX\FIFA08.exe:*:Enabled:FIFA08"

"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

"C:\Program Files\Soldier of Fortune II - Double Helix\SoF2MP.exe"="C:\Program Files\Soldier of Fortune II - Double Helix\SoF2MP.exe:*:Enabled:SoF2MP"

"C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe"="C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe:*:Enabled:sof2"

"C:\Documents and Settings\Gebruiker\Bureaublad\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe"="C:\Documents and Settings\Gebruiker\Bureaublad\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe:*:Enabled:sof2"

"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows"

"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX00.938\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX00.938\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX01.047\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX01.047\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.094\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.094\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.938\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.938\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX09.329\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX09.329\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\NBA 2K12\packages\directx\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\NBA 2K12\packages\directx\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Program Files\Codemasters\DiRT 3\dirt3_game.exe"="C:\Program Files\Codemasters\DiRT 3\dirt3_game.exe:*:Enabled:DiRT 3"

"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"

"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\7zS1.tmp\SymNRT.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\7zS1.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

"C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP-apparaatinstellingen (HP Officejet Pro 8600)"

"C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netwerk communicator (HP Officejet Pro 8600)"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\FIFA 13\Game\fifa13.exe"="C:\Program Files\FIFA 13\Game\fifa13.exe:*:Enabled:FIFA 13"

"C:\Program Files\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"

"C:\Program Files\ExpressFiles\expressdl.exe"="C:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files"

"C:\Program Files\ExpressFiles\ExpressFiles.exe"="C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

======List of files/folders created in the last 2 months======

2013-10-29 15:44:19 ----D---- C:\rsit

2013-10-29 15:44:19 ----D---- C:\Program Files\trend micro

2013-10-23 11:36:06 ----D---- C:\Documents and Settings\Gebruiker\Application Data\Malwarebytes

2013-10-23 11:35:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2013-10-23 11:35:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-10-23 11:35:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2013-10-10 02:08:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$

2013-10-10 02:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$

2013-10-10 02:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$

2013-10-10 02:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$

2013-10-10 02:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$

2013-10-02 17:39:21 ----D---- C:\Program Files\Common Files\Skype

2013-09-14 18:23:06 ----D---- C:\Documents and Settings\All Users\Application Data\BitGuard

2013-09-13 02:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$

2013-09-13 02:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$

2013-09-13 02:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

======List of files/folders modified in the last 2 months======

2013-10-29 15:44:30 ----D---- C:\WINDOWS\Prefetch

2013-10-29 15:44:19 ----RD---- C:\Program Files

2013-10-29 14:35:28 ----D---- C:\WINDOWS\Temp

2013-10-29 14:29:21 ----D---- C:\WINDOWS\system32

2013-10-29 13:11:57 ----A---- C:\WINDOWS\MyHeritage.INI

2013-10-29 13:11:46 ----SD---- C:\WINDOWS\Tasks

2013-10-29 13:06:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-10-29 13:03:30 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-10-29 13:03:01 ----D---- C:\WINDOWS\system32\CatRoot2

2013-10-29 13:01:22 ----D---- C:\WINDOWS\system32\drivers

2013-10-29 12:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$

2013-10-28 19:34:51 ----D---- C:\Program Files\Common Files\Symantec Shared

2013-10-24 20:48:38 ----D---- C:\Program Files\Spelletjes

2013-10-23 13:13:18 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-10-23 12:31:05 ----D---- C:\WINDOWS

2013-10-23 12:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$

2013-10-23 12:15:17 ----D---- C:\Documents and Settings\Gebruiker\Application Data\Skype

2013-10-20 05:54:58 ----A---- C:\WINDOWS\NeroDigital.ini

2013-10-14 02:02:59 ----D---- C:\WINDOWS\Microsoft.NET

2013-10-14 02:00:31 ----SHD---- C:\WINDOWS\Installer

2013-10-14 02:00:31 ----SHD---- C:\Config.Msi

2013-10-13 13:18:31 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2013-10-13 13:18:28 ----RD---- C:\Program Files\Skype

2013-10-13 11:40:09 ----D---- C:\Program Files\ExpressFiles

2013-10-10 02:27:51 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-10 02:14:54 ----RSD---- C:\WINDOWS\assembly

2013-10-10 02:11:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-10-10 02:10:22 ----D---- C:\WINDOWS\WinSxS

2013-10-10 02:08:40 ----HD---- C:\WINDOWS\inf

2013-10-10 02:08:40 ----A---- C:\WINDOWS\imsins.BAK

2013-10-10 02:08:39 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-10-10 02:07:51 ----D---- C:\WINDOWS\system32\MRT

2013-10-10 02:05:39 ----A---- C:\WINDOWS\system32\MRT.exe

2013-10-10 02:02:43 ----D---- C:\Program Files\Internet Explorer

2013-10-10 02:00:47 ----D---- C:\Program Files\Microsoft Security Client

2013-10-03 19:53:28 ----D---- C:\Program Files\Mozilla Firefox

2013-10-03 19:53:06 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-10-02 17:39:21 ----D---- C:\Program Files\Common Files

2013-09-23 22:55:12 ----A---- C:\WINDOWS\system32\ieframe.dll

2013-09-23 19:25:15 ----A---- C:\WINDOWS\system32\wininet.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\urlmon.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\url.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\occache.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\mstime.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\mshtmled.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\mshtml.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\msfeeds.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\licmgr10.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\jsproxy.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\iertutil.dll

2013-09-23 19:25:11 ----A---- C:\WINDOWS\system32\iepeers.dll

2013-09-23 19:25:08 ----A---- C:\WINDOWS\system32\iedkcs32.dll

2013-09-23 19:25:08 ----A---- C:\WINDOWS\system32\corpol.dll

2013-09-23 19:07:19 ----A---- C:\WINDOWS\system32\ie4uinit.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2007-03-21 304920]

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-15 691696]

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2011-02-26 82380]

R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2010-07-14 65584]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-04-04 242240]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []

R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-03-29 125328]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-09-26 254872]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2012-08-21 26840]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 HECI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-10-29 12288]

R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-02-09 13415040]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2011-05-25 119528]

R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2007-09-26 54272]

R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-09-26 1184168]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 a3o9h6uf;a3o9h6uf; C:\WINDOWS\system32\drivers\a3o9h6uf.sys []

S3 aibpzjc9;aibpzjc9; C:\WINDOWS\system32\drivers\aibpzjc9.sys []

S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

S3 se58bus;Sony Ericsson Device 088 driver (WDM); C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 61536]

S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]

S3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2012-07-19 29184]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-08-29 1528608]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-10-25 793048]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 STacSV;SigmaTel Audio Service; C:\WINDOWS\system32\STacSV.exe [2007-09-26 90112]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-08 136176]

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-23 257416]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-08 136176]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-03 118680]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Bij voorbaat dank!

Beste,

voorlopig niets, heb onvoldoende kennis om er al wat aan te sleutelen.

Heb ook al gedacht dat het aan de verbinding zelf kan liggen, maar ik weet niet hoe je dat kan checken. Omdat ook andere laptops er soms last van hebben, maar in veel mindere mate dan mijn laptop.

Ik wil gerust eens stappen doorlopen die op deze pagina, maar weet niet als dit veralgemeend werkt.

http://www.pc-helpforum.be/f168/internet-laptop-valt-regelmatig-weg-40854/

Alvast bedankt bij elke hulp,

Tranqer

Ik zit met hetzelfde probleem. Anderen kunnen op kot met hun laptop wel constant verbinding maken, maar mijne valt vaak uit en soms geraak ik er dan weer niet op.

Hij zit wel aan een eenzelfde leeftijd, is van packar Bell. en wordt vaak warm. Daarom werk ik met zo'n externe koeler onder.