frank12444

24 juni 2012

En hoe staat het nu met de snelheid ?

het gaat hardstikke goed! hij is weer supersnel, een enkele keer hapert hij nog, maar dat is meestal op vrij grote sites als meteotines en startpagina maar dat is ook wel het enigste, en als het zo blijft zijn we zeer tevreden!

nogmaals hardstikke bedankt voor uw supersnelle en profesionele hulp!

24 juni 2012

ComboFix 12-06-23.05 - Adrie 23-06-2012 14:59:27.2.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.545 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Adrie\Bureaublad\ComboFix.exe

gebruikte Opdracht switches :: c:\documents and settings\Adrie\Bureaublad\CFScript.txt

AV: ESET Smart Security 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

.

FILE ::

"c:\windows\System32\XDva031.sys"

"c:\windows\system32\XDva039.sys"

"c:\windows\system32\XDva068.sys"

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_XDVA031

-------\Legacy_XDVA039

-------\Legacy_XDVA068

-------\Service_mailKmd

-------\Service_XDva031

-------\Service_XDva039

-------\Service_XDva068

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-05-23 to 2012-06-23 ))))))))))))))))))))))))))))))

.

2012-06-23 10:34 . 2012-06-23 10:34 -------- d-----w- c:\documents and settings\All Users\Favorieten

2012-06-22 13:36 . 2012-06-22 13:36 1409 ----a-w- c:\windows\QTFont.for

2012-06-22 12:59 . 2012-06-22 12:59 388096 ----a-r- c:\documents and settings\Adrie\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-06-22 12:59 . 2012-06-22 12:59 -------- d-----w- c:\program files\Trend Micro

2012-06-20 14:31 . 2012-06-23 12:52 -------- d--h--r- c:\documents and settings\Adrie\Onlangs geopend

2012-06-09 11:29 . 2012-06-09 11:30 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Google

2012-06-09 11:26 . 2012-06-09 11:27 -------- d-----w- c:\program files\Defraggler

2012-06-09 11:24 . 2012-06-09 11:30 -------- d-----w- c:\documents and settings\Adrie\Local Settings\Application Data\Temp

2012-06-08 19:30 . 2012-06-08 19:30 -------- d-----w- c:\documents and settings\Adrie\Application Data\Windows Search

2012-06-08 11:19 . 2012-06-08 11:19 -------- d-----w- c:\documents and settings\All Users\Application Data\IObit

2012-06-08 11:18 . 2012-06-08 18:40 -------- d-----w- c:\documents and settings\Adrie\Application Data\IObit

2012-05-31 07:20 . 2012-05-31 07:20 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-05-25 10:29 . 2012-05-25 10:29 -------- d-----w- c:\documents and settings\Adrie\Application Data\Windows Desktop Search

2012-05-25 10:28 . 2012-05-25 10:28 -------- d-----w- c:\program files\Windows Desktop Search

2012-05-25 10:25 . 2008-03-07 17:02 98304 -c----w- c:\windows\system32\dllcache\nlhtml.dll

2012-05-25 10:25 . 2008-03-07 17:02 29696 -c----w- c:\windows\system32\dllcache\mimefilt.dll

2012-05-25 10:25 . 2008-03-07 17:02 192000 -c----w- c:\windows\system32\dllcache\offfilt.dll

.

((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-06-17 09:17 . 2009-10-07 10:40 23624 ----a-w- c:\windows\system32\drivers\hitmanpro35.sys

2012-05-31 13:22 . 2003-12-29 16:10 602624 ----a-w- c:\windows\system32\crypt32.dll

2012-05-31 07:20 . 2011-05-20 08:57 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-05-22 17:05 . 2012-05-22 15:39 14664 ----a-w- c:\windows\stinger.sys

2012-05-22 15:54 . 2012-05-22 15:54 159608 ----a-w- c:\windows\system32\mfevtps.exe.c775.deleteme

2012-05-22 15:38 . 2012-05-22 15:38 159608 ----a-w- c:\windows\system32\mfevtps.exe.55ec.deleteme

2012-04-11 13:55 . 2002-09-09 13:18 2031104 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-04-11 13:55 . 2002-09-09 13:17 2152960 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-04-11 13:55 . 2003-12-28 22:02 1862400 ----a-w- c:\windows\system32\win32k.sys

2012-04-04 13:56 . 2010-08-12 11:53 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

.

((((((((((((((((((((((((((((( SnapShot@2012-06-23_11.23.20 )))))))))))))))))))))))))))))))))))))))))

.

+ 2012-06-23 13:19 . 2012-06-23 13:19 16384 c:\windows\Temp\Perflib_Perfdata_104.dat

.

((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"PRISMSTA.EXE"="PRISMSTA.EXE START" [X]

"HotkeyApp"="c:\program files\Launch Manager\HotkeyApp.exe" [2003-10-03 40960]

"Wbutton"="c:\program files\Launch Manager\Wbutton.exe" [2003-09-12 65536]

"CtrlVol"="c:\program files\Launch Manager\CtrlVol.exe" [2003-09-16 20480]

"FLMOFFICE4DMOUSE"="c:\program files\Browser MOUSE\mouse32a.exe" [2006-12-13 360448]

"LaunchAp"="c:\program files\Launch Manager\LaunchAp.exe" [2003-05-12 32768]

"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-09-11 2054360]

"QuickTime Task"="c:\program files\MpcStar\Codecs\QuickTime\qttask.exe" [2008-03-28 413696]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"RunNarrator"="Narrator.exe" [2008-04-14 54784]

.

c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\

Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2008-5-26 123904]

.

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]

"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk *\0SsiEfr.e

.

[HKLM\~\startupfolder\C:^Documents and Settings^Adrie^Menu Start^Programma's^Opstarten^MagicDisc.lnk]

backup=c:\windows\pss\MagicDisc.lnkStartup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Google Updater.lnk]

backup=c:\windows\pss\Google Updater.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^ImageFox.lnk]

backup=c:\windows\pss\ImageFox.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Microsoft Office.lnk]

backup=c:\windows\pss\Microsoft Office.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Photo Express Calendar Checker SE.lnk]

backup=c:\windows\pss\Photo Express Calendar Checker SE.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^Reality Fusion GameCam SE.lnk]

backup=c:\windows\pss\Reality Fusion GameCam SE.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^REALTEK RTL8187 Wireless LAN Utility.lnk]

backup=c:\windows\pss\REALTEK RTL8187 Wireless LAN Utility.lnkCommon Startup

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Start^Programma's^Opstarten^UltraMon.lnk]

backup=c:\windows\pss\UltraMon.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]

c:\windows\system32\dumprep 0 -k [X]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2012-01-03 07:37 843712 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2011-01-31 08:44 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]

2008-09-26 10:02 2356088 ----a-r- c:\program files\Common Files\Adobe\Updater5\AdobeUpdater.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray]

2006-09-28 19:21 57344 ----a-w- c:\program files\SlySoft\CloneCD\CloneCDTray.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]

2008-04-14 17:02 15360 ----a-w- c:\windows\system32\ctfmon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]

2008-01-03 13:54 486856 ----a-w- c:\program files\DAEMON Tools Lite\daemon.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FLMBROWSEMOUSE2]

2006-12-13 14:48 550400 ----a-w- c:\program files\Browser MOUSE\R2M.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

2006-11-13 16:34 1289000 ----a-w- c:\program files\Microsoft ActiveSync\wcescomm.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]

2005-02-16 14:15 221184 ----a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]

2005-02-16 14:15 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LaunchAp]

2003-05-12 13:28 32768 ----a-w- c:\program files\Launch Manager\LaunchAp.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LMgrOSD]

2003-06-25 09:53 204800 ----a-w- c:\program files\Launch Manager\OSD.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]

2002-12-10 15:54 127022 -c--a-w- c:\program files\Common Files\Logitech\QCDriver3\LVComS.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 11:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]

2006-03-09 13:29 7561216 ----a-w- c:\windows\system32\nvcpl.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]

2006-03-09 13:29 86016 ----a-w- c:\windows\system32\nvmctray.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

2006-03-09 13:29 1519616 ----a-w- c:\windows\system32\nwiz.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]

2004-01-29 17:12 57344 ----a-w- c:\program files\Home Cinema\PowerCinema\PCMService.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]

2003-11-10 15:06 406016 ----a-w- c:\windows\system32\PSDrvCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\powerman]

2003-12-23 19:48 126976 ----a-w- c:\windows\system32\powerman.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2008-03-28 21:37 413696 ----a-w- c:\program files\MpcStar\Codecs\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]

2007-04-16 13:28 577536 ----a-w- c:\windows\soundman.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2003-09-29 14:00 155648 -c--a-w- c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

2012-01-18 13:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]

2003-11-20 15:18 499712 -c--a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPLpr]

2003-11-20 15:19 98304 -c--a-w- c:\program files\Synaptics\SynTP\SynTPLpr.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TrayServer]

2008-02-07 10:00 90112 -c--a-w- c:\program files\MAGIX\Movie_Edit_Pro_14_PLUS_Download_version\Trayserver.exe

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\Google\\Google SketchUp 6\\SketchUp.exe"=

"c:\\Program Files\\Google\\Google SketchUp 6\\LayOut\\LayOut.exe"=

"c:\\WINDOWS\\system32\\java.exe"=

"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil_.exe"=

"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager

"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager

"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application

"c:\\Program Files\\Messenger\\msmsgs.exe"=

"h:\\program files\\redalert3\\Data\\ra3_1.0.game"=

"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=

"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business 2009.SP2\\RpcAgentSrv.exe"=

"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Professional Business 2009.SP2\\WNt500x86\\RpcSandraSrv.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\GtkRadiant 1.5.0\\GtkRadiant.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=

"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"9068:TCP"= 9068:TCP:BitComet 9068 TCP

"9068:UDP"= 9068:UDP:BitComet 9068 UDP

"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

.

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [6-1-2008 13:16 715248]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11-9-2009 8:23 108792]

R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;c:\program files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe [6-12-2007 22:03 660768]

R2 EAPPkt;Realtek EAPPkt Protocol;c:\windows\system32\drivers\EAPPkt.sys [6-7-2011 15:45 38144]

R2 ekrn;ESET Service;c:\program files\ESET\ESET Smart Security\ekrn.exe [11-9-2009 8:24 735960]

R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [20-9-2002 19:29 53248]

R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [23-12-2008 17:35 50704]

R2 UltraMonUtility;UltraMon Utility Driver;c:\program files\Common Files\Realtime Soft\UltraMonMirrorDrv\x32\UltraMonUtility.sys [14-9-2008 17:32 10496]

R3 PRISM_A00;PRISM 802.11g Driver;c:\windows\system32\drivers\PRISMA00.sys [16-10-2003 2:15 364320]

S2 PIEUsb;Pacific Image Electronics USB Scanner;c:\windows\system32\drivers\usbscan.sys [30-12-2006 20:45 15104]

S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [20-9-2002 19:27 77824]

S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [20-9-2002 19:41 77824]

S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [27-5-2009 14:53 223232]

S3 cglptnt;cglptnt;c:\totalcmd\CGLPTNT.SYS [9-7-2009 12:51 7888]

S3 dump_wmimmc;dump_wmimmc;\??\c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys --> c:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [?]

S3 EverestDriver;Lavalys EVEREST Kernel Driver;\??\k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt --> k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt [?]

S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files\MAGIX\Common\Database\bin\fbserver.exe [4-9-2009 18:56 1527900]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [4-9-2008 19:32 47360]

S3 RTLWUSB;Realtek RTL8187 Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\rtl8187.sys [6-7-2011 15:45 332928]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Professional Business 2009.SP2\RpcAgentSrv.exe [4-1-2009 18:08 98488]

S3 SRS_HDAL_Service;HD Audio Lab;c:\windows\system32\drivers\SRS_HDAL_i386.sys [25-3-2011 15:42 384752]

.

------- Bijkomende Scan -------

.

uStart Page = hxxp://www.startpagina.nl/

uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8

mStart Page = hxxp://www.google.com

uInternet Settings,ProxyOverride = localhost

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

IE: Append Link Target to Existing PDF

IE: Download All Files by HiDownload

IE: Download by HiDownload

TCP: DhcpNameServer = 192.168.178.1

DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab

DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab

FF - ProfilePath - c:\documents and settings\Adrie\Application Data\Mozilla\Firefox\Profiles\x7qbfdgj.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.startpagina.nl

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - c:\documents and settings\All Users\Application Data\Google\Toolbar for Firefox\{3112ca9c-de6d-4884-a869-9855de68056c}

FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

FF - Ext: Google Toolbar for Firefox: {3112ca9c-de6d-4884-a869-9855de68056c} - %profile%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

# Mozilla User Preferences

/* Do not edit this file.

*

* If you make changes to this file while the application is running,

* the changes will be overwritten when the application exits.

*

* To make a manual change to preferences, you can visit the URL about:config

* For more information, see hxxp://www.mozilla.org/unix/customizing.html#prefs

*/

FF - user.js: accessibility.typeaheadfind.flashBar - 0

FF - user.js: app.update.lastUpdateTime.addon-background-update-timer - 1339045178

FF - user.js: app.update.lastUpdateTime.background-update-timer - 1339045178

FF - user.js: app.update.lastUpdateTime.blocklist-background-update-timer - 1339045178

FF - user.js: app.update.lastUpdateTime.microsummary-generator-update-timer - 1338454994

FF - user.js: app.update.lastUpdateTime.restart-nag-timer - 1225570569

FF - user.js: app.update.lastUpdateTime.search-engine-update-timer - 1339045179

FF - user.js: browser.anchor_color - #0000FF

FF - user.js: browser.display.background_color - #C0C0C0

FF - user.js: browser.display.use_system_colors - true

FF - user.js: browser.download.lastDir - c:\\Documents and Settings\\Adrie\\Mijn documenten\\Mijn afbeeldingen

FF - user.js: browser.download.manager.alertOnEXEOpen - true

FF - user.js: browser.download.save_converter_index - 0

FF - user.js: browser.fixup.alternate.enabled - false

FF - user.js: browser.history_expire_days - 20

FF - user.js: browser.migration.version - 1

FF - user.js: browser.places.importBookmarksHTML - false

FF - user.js: browser.places.importDefaults - false

FF - user.js: browser.places.leftPaneFolderId - -1

FF - user.js: browser.places.migratePostDataAnnotations - false

FF - user.js: browser.places.smartBookmarksVersion - 1

FF - user.js: browser.places.updateRecentTagsUri - false

FF - user.js: browser.preferences.advanced.selectedTabIndex - 0

FF - user.js: browser.rights.3.shown - true

FF - user.js: browser.search.defaultenginename - Google

FF - user.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=

FF - user.js: browser.search.selectedEngine - Google

FF - user.js: browser.shell.checkDefaultBrowser - false

FF - user.js: browser.startup.homepage - hxxp://www.startpagina.nl

FF - user.js: browser.startup.homepage_override.mstone - rv:1.9.0.14

FF - user.js: browser.visited_color - #800080

FF - user.js: distribution.google-cjk.bookmarksProcessed - true

FF - user.js: extensions.enabledItems - {3112ca9c-de6d-4884-a869-9855de68056c}:7.1.20110512W,{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}:6.0.02,{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11,jqs@sun.com:1.0,{20a82645-c095-46ed-80e3-08825760534b}:1.1,{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}:6.0.31,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.0.14

FF - user.js: extensions.lastAppVersion - 3.0.14

FF - user.js: extensions.mozilla.metrics.event-count - 0

FF - user.js: extensions.update.notifyUser - false

FF - user.js: flashgot.custom.Retriever.maxLinks - 10

FF - user.js: flashgot.defaultDM - BitComet

FF - user.js: flashgot.detect.cache - (Interne downloadbeheerder),HiDownload,BitComet

FF - user.js: flashgot.dmchoice - false

FF - user.js: flashgot.version - 1.1.8.7

FF - user.js: general.useragent.extra.microsoftdotnet - (.NET CLR 3.5.30729)

FF - user.js: google.toolbar.auto_page_translate.rules.blacklist - nl

FF - user.js: google.toolbar.auto_page_translate.rules.whitelist -

FF - user.js: google.toolbar.button_option.cached.gtbCountrySearch - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbCountrySearch\ tooltip=\gtbMultilineTooltip\ label=\Nederland\ fullText=\Nederland\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbFeelingLucky - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbFeelingLucky\ tooltip=\gtbMultilineTooltip\ label=\Ik doe een gok\ fullText=\Ik doe een gok\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchBlogs - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchBlogs\ tooltip=\gtbMultilineTooltip\ label=\Zoeken in blogs met Google\ fullText=\Zoeken in blogs met Google\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAYBJREFUeNqUkjtOA0EMhr1LRDYUtCCliKiQ4AB0CIkLQIkENHCgiAMgIeAAiANQ86iQoEcUqSkSsrvjMX7MLLME8bBi2Zkdf/49MxkRwcndMU0QYeLYMXH97yH9Ng756PAmA7Z8eHtEpfdQewIkc07NQSKZg0X+cQaweLopATpClaKKKyry4Dh3lMJmgaKaFBMA8rFmFaKkUjWmyPk2DIMS5P1o9QLwSnVBQYUJiMRJYwS5ZFQDODRA8CpRImNFNRKjItcCoAGwAVAzTonfQHSfqVbAmBUQRABwFyuKSspUUVAosHAEpkBOFQGaGWvdLOdBbUBy3dE6ktpVQjNGPNB0lAiSNbEizzVm+f4a7e6t6gMZTafwVjuFSKflogvzeWY3odfqG+mP16+A509ZJvLnDtZ1fWNnwJBSFfR7BdxfvYD0kZ72Aj+l08WzPmUFRFu53KZ3ljtY6MEDF0sH+MXyrwv9XvfPxTO2dLZFciYU3jvnP+5P1ZucfxRHwIcAAwAX2fYcgJ+EGwAAAABJRU5ErkJggg==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchBooks - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchBooks\ tooltip=\gtbMultilineTooltip\ label=\Zoeken naar boeken met Google\ fullText=\Zoeken naar boeken met Google\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAiNJREFUeNp0kztvE0EUhc/Ya5uEFCsiiJQiwjJIiAaLAkSFRUPrAgpqfgBQUSL/gkBBDRJFCpB4SBFNikAVCRE5giISTmQkjCP8iNfG6915MjO7fuKMdKTdO3O/e+beXXJzSxXWs/U8gAda57VKWk+v5lY7mFi7B7/N3hOt4iBkL299WHsfPMY20QB1xhG4d7aDC6fo8LxJfmZA8ftDU4AL6W5WM3jxLYUjL0BYWiGO2W3zJJ7Xl5HLUNx2e7i4SN242hWtgpTK/dpI4tX+Asq1EIzqQioiO8OSSgf2+2l895ZxbWmAG66PS0u0uNdO4u2hg51fCjTwIQVGyRYgRPQuJWCeOQc+Nxew8amOQesYK+kuFnOXIZiwRZScykeCMWhLWiySAXANCrwuglYDYevIwodSk9nGAWVR0EiYQyICKGNHMhDJpwByHsB4MhvDQyYXgoMIaiE2Fmt2OSxuqJoBKE5BeADi0Cgu/rc/vkIMUEOAqcRDENbXgMAC51WfuoKauQaoD0J7IKnIwUnLCX3dKCc1auQY0Eci9EAyBGpepm6uHWN752PHr/20I6TxKBmPHUg2t6r0/oAe7Np/JaGblfV/fCn9LW+BHjfsCE+yrPwuWHUPvF4p6SllTYyMdu+8Nn/besJdLTpreSTLG0CzgnNuGvL6fdQqh5C95jt95hHe3K1Gn7+aAIxBBQvig7y5ZzqVQEBOl+PE7SlHGvBPgAEAhIhYJbvKryMAAAAASUVORK5CYII=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchCalendar - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchCalendar\ tooltip=\gtbMultilineTooltip\ label=\Google Agenda\ fullText=\Google Agenda\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAldJREFUeNp8U01oU0EQ/t4zeU00iWLxr2nFXlSohyCkrTcv6kH0VAVPiiBeBfHmoUfBn4NHEQTxZKugN0FQNFiEgBfbElQkmor2x6bv2TQvb3fH2d2X0ODPwDCbt/N9M9/sxCEipK4pgpIgdsiIXYBky5xJcBQhR+uImiB2df+YAzbXgElBfXsLURqH+l4Gf4Ax0tE6LVdAlQeglQ/myjnzxCS5ujKUwoa5F1CLM5xQhSbUboiYRHeJxg9QUIW39tkSky2SMG1zcqZ4Ef37D+JnuoAgVIbUkJO9zw2OonfPdiyG29DyQ1tEExjNXCmQPfCTh4CWYCDPQAPj7nQMGoAv8ka/BVObQMStKgz1ClwoNJHPCLypEm6VWAaTjfYrDPc5mHynUFtSdtgdCXraZmAKp/f+wtHdLdQbLVwa8fCFk7NJhauHHUjpYuojobYgbGexuUYCPxVxvPEqwsjtOm5yVJyUz0hMfQowUa7zb9sNccdt/bYD/c7xtH1KoHo5Z6au/dl0gJl5F5PTCZw4oCyYSdYbdxB2LcqpO1XcLS2ZiueKPXaZ2IWUJra1dwgoCjvbdmQwgu/uwMRsmjUr7Mooc0ci4lnrTe0GxxLC+EUUzhaSGB5wjURd8d7rBT7omTlQ9CfYbKR7/iW11za/cRXFnWvIplw8n13FXCNnNGc9iX2b66isbOElcztgejjmJBB6INc3BLW6g9pyyr6z2sTfIpOoQeX5rd2VKW0l9PmP4Q2NQbaXY92W/cuSSQ/N94/4dJyJGDRw8sr/EX+xr0+vm7/zbwEGAAc7ldeFiLAmAAAAAElFTkSuQmCC\ hassend=\true\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>

FF - user.js: google.toolbar.button_option.cached.gtbSearchDocs - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchDocs\ tooltip=\gtbMultilineTooltip\ label=\Google Documenten\ fullText=\Google Documenten\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAfxJREFUeNqEU8tOFEEUPcXMIII6gisxkogkGk0gceUs3bHgB4wkfAD/IIlbl/yBBj/ApTEhIS5MXBAzhhiBlTIsZoQZm+7pqdf1VlV3T08YY3Vu30pVnXNPnaoSRIS8vW6CzhRwJkP0uD93BVi7Dazfh8jXCRG6DlvNB7cPQJK5tAWMyxwp95s9oMLzFQI9XwokDpiTTOQEkQaOv+3jYPc94iSBZLDKwqlppcC7IwzlZq0gcHK/f97F8dcvqHZb6JugYMDRVYGgTJJvvSA450X1Rw3MP1xBdOMOYiaIWZUj6rGcVn9IslNSUnjgZFYfNCCXgFMG/WHCCyaQ2uBXfIFuPIGalRwKkzrBUfsWbTXqQuRSnn0EObmpq8wRMUGfHTVawqoBrB74bFTIc5NAe/OxKBR0BmwYBYLEhMrWKAbKLGvOGpRFx+2vvIWODEeorYW1AUweJD0JcSbNY26c5y95kEieIMuTHMZwVr6S9SCZKZFeBUqnWRAYmWLqpIna+QmixaewlZqv5mVrlSlhY7jI2HtgZR/Xfuyh3mpiWbTZqDSYlxs4BjyqgAG9hSdYnJY4pBnvtjfMar8lXL6EowRXSSKaXcCe8yF2fphgFo0H3pyqjRJc//QG91Y3PMB9/yhYtN8f3vJ/GaL8nO++ePkf2LD93Hnln+NfAQYAumFzRInKlVsAAAAASUVORK5CYII=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchGroups - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchGroups\ tooltip=\gtbMultilineTooltip\ label=\Google Discussiegroepen\ fullText=\Google Discussiegroepen\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchImages - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchImages\ tooltip=\gtbMultilineTooltip\ label=\Google Afbeeldingen\ fullText=\Google Afbeeldingen\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchLocal - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchLocal\ tooltip=\gtbMultilineTooltip\ label=\Google Maps\ fullText=\Google Maps\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchNews - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchNews\ tooltip=\gtbMultilineTooltip\ label=\Google Nieuws\ fullText=\Google Nieuws\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbGadgetButtonWithSeparateMenu\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchPhotos - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchPhotos\ tooltip=\gtbMultilineTooltip\ label=\Picasa Webalbums\ fullText=\Picasa Webalbums\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAt9JREFUeNpcU01ME0EU/rbdtvzTghWKFCPhRyQShaiRHz2YeECTwsnEgx48wQkTMJwkHIwHOaAXPBhvJkZjQAU5eCLBkyYmBYuJRiihECgtULptd2d3xzdbStCXvMzs5H0/782shCORTsXcnPMRnWkD+C90XR3nJh8tP167mzujWki5j0w63sM0dVLspcVvMKKbYEuL4P5a8NaLQFmZVSdB6vVW1k/9Q3AITnJoW8twvH4GlspAVzJglGrnNfh6KqHKzWCSVwB7K3yNU4LAlla23QLM4xyxl2vYeW9D6spdGDYZpm6CGyZJAQ4WROn+Y8j6CiRJmtyIhNxC3CZ6Fpv42wipaqSoIT5fAPN6H4yiEpjMADeJiG1AyiyhZHc4NwALZzMMfSC9kIQaI8tUbBiGRbL50wbnENX4TmRd6FHKCOxqEPLeG9hlhzVo2ZrBugLGmKVkUDH3SzgWqIBcXIjC4YfgUQIbnykZKUvQk6tAadaILAaRXlNIncE0qdk6O6punYTT6SSXpFxQgMIaP3gkH1wrBkw7SpxhJA5uzyYm5KhxkQMdyoV8fOlqIrDDAgvywzXtgZmspPRhR20lp3rWQWI/Aaffhc3LxRh1n4MzrOB2jUq0/ICAW60lHR2QmFPcADL5TTBT6SzBysofNJ85i/FYNULbHC0uDV9jQUyvzyFFA02Ssz2dIanRbbA8NLh8eFTRiuVwGLV1RBBc+IH6ugYMnOKYX8+jFlWE9sKYi4ag6AYSOhFoDEwjOVXCvfNXIUYlcB2d3bD19Q1J7yYn0e7leNW2g2pysE+gjYyKLVWlfrPgIjMPT1vuoLvxEj7OfILAWU9b9ChiYuIJ7w0E6G1zfN/+jee/ZrGqxFDl8KC9/DS6/W3wFnnwYXrGAlO9WLPvQMTBocUWuHkDL7rui9dm3YKqaaQ6e1h39C+VxVRzLhQl5RkcHNnNER0NARwbG3UfuEV//wPLwV8BBgAilqQLWMIqvAAAAABJRU5ErkJggg==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchScholar - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchScholar\ tooltip=\gtbMultilineTooltip\ label=\Wetenschap\ fullText=\Wetenschap\ image=\data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAD//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////4yMjP9OV1r/PktM/7W1tf////////////////////////////////////////////////////////////////8hJCj/ZL72/1Oezf9ra2v/////////////////////////////////////////////////////////////////SkpK/1Oi1f9Dhqz/lJSU/////////////////97e3v/39/f//////////////////////////////////////4yMjP9Lkrz/MmqM/+fn5////////////56Zl/+QQTD/bktF/8bHxv////////////////////////////////+cnJz/Q4a0/ylVa//Nzc3/kIyM/3dHPv/eXDn//2xC//9sQv+tTDH/hGRb/5eXl/+1tbX/3t7e////////////ra2t/0OGrP9LboT/lC8h/95UMf/3XDn//2xC//9sQv//bEL//2xC//dgOf/GRDH/czAh/5SUlP///////////97e3v9Afpj/X3mH/3ssGP/nUDH/91g5/7VMMf+cQCn/nDsp/61IKf/3WDH/71Ax/0oYEP/n5+f////////////39/f/GDhS/21vcv8wHxf/nDMh/5wzIf/eTDH//1Q5//9UOf/nTDH/pTch/4wrGP9EJh//////////////////jIyM/zFJWv9SLCn/zkQx//9UOf//VDn//1Q5//9UOf//VDn//1Q5//9UOf//VDn/pTMh/0w3Mf+xsLH//v7+/z4fF//GQCn/xkxC/71QSv+cREL/pURC/3swMf9rJBj/vUAp//9UOf//VDn//1Q5//9UOf//UDn/ShgQ/zAzMP/v7+//jIyM/2ZBN/+MKyH/70wx//9UOf//VDn/xkAp/85EMf//VDn//1Q5/95IMf97KBj/Nh8Y/4SGhP/n5+f/////////////////xsbG/1dVUv9wJx//xkAp//9QOf/GOyn/cyQY/1IzMP9zc3P/xsbG////////////////////////////////////////////5+fn/4SEhP82LCn/e3t7/97e3v//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchSite - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchSite\ tooltip=\gtbMultilineTooltip\ label=\Site doorzoeken\ fullText=\Site doorzoeken\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbSearchVideo - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchVideo\ tooltip=\gtbMultilineTooltip\ label=\Google Video\ fullText=\Google Video\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAghJREFUeNpsksFrE0EUxr83M7ubpkK0tLYB9VArUolHvfUgvXn3Ih79Q/wL/AMURNSrQs8eBEF67E3sIbSUpralIDQsscnOjO/NzCZd6ZKXmd2d7zff93bIe4/tr8f+sF/i90GJvKXRe7QAbQhyfdsaYH93iLVeBxtPu+HZqKzw4fUu3n/fJPr8tu/zQoUX5bDCYL+EQNcedKaQnR9n2Ps1xK3VeTx+cjM8G/+1+PJuD3p9+cWrG4sFslxBQNoonByOcHo0wlK3BaUJ3TvtAO//PMf5nzFu370W1t172AE9v//Ri7g9b1BfsngydijmNObaevr8ZDAK7hYWWxw1ujbLvdWwuxG7RHDWoc3iauK5XCiBTXgsVuL87ILHIb/juZEFznlMSACA57nc20rKwVq+ryu986kcuzFC1JyTYr/YIuJCFohYNqgh9j8Q+Bcd2CZActYCcVKJEx5d1QQpRdGBUhKfmoDaRTWDXAbJuoy/2hUA34hxGRJANkaSMxKaL52k8EVijBowbaaNO4Z+iAP+OnI25MTm0YFlQNxd/n0dw/mmi+REcou44DJZikDpE14JSBDvEGznRRRnWTpI7oLzKhfVwKwPLkIEJhGlYSIOtpMYrDVHfgvr158F0QwQR4mmpUxdKkSQzTS73j7+BBJhb+XlTJ2aQampYc4TcUFoXjsHb+ifAAMAoBeO3DWt6ZQAAAAASUVORK5CYII=\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>

FF - user.js: google.toolbar.button_option.cached.gtbSearchWebhistory - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbSearchWebhistory\ tooltip=\gtbMultilineTooltip\ label=\Webgeschiedenis\ fullText=\Webgeschiedenis\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml\ tooltip=\gtbMultilineTooltip\ label=\Gmail\ fullText=\Gmail\ image=\data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg42v84ONr/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+np/n/ODja/zg42v84ONr/ODja/+Li////////////////////////////////////////////////////////4uL//zg42v84ONr/ODja/zg42v+np/n/4uL/////////////////////////////////////////////4uL//6en+f84ONr/ODja/zg42v84ONr/4uL//6en+f/i4v////////////+BgfL/gYHy////////////4uL//6en+f/i4v//ODja/zg42v84ONr/ODja///////i4v//p6f5/7a2//+BgfL/Wlrp/1pa6f+BgfL/trb//6en+f/i4v///////zg42v84ONr/ODja/zg42v///////////7a2//+BgfL/Wlrp/zg42v84ONr/Wlrp/4GB8v+2tv////////////84ONr/ODja/zg42v84ONr///////////+BgfL/Wlrp/zg42v+2tv//trb//zg42v9aWun/gYHy////////////ODja/zg42v84ONr/ODja//////+BgfL/Wlrp/zg42v+2tv////////////+2tv//ODja/1pa6f+BgfL//////zg42v84ONr/ODja/zg42v+BgfL/Wlrp/zg42v+2tv///////////////////////7a2//84ONr/Wlrp/4GB8v84ONr/ODja/zg42v84ONr/ODja/zg42v+2tv//////////////////////////////////trb//zg42v84ONr/ODja/zg42v84ONr/ODja/zg42v+BgfL/p6f5/6en+f+np/n/p6f5/6en+f+np/n/p6f5/6en+f+BgfL/ODja/zg42v84ONr/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA//8AAP//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//AAD//wAA//8AAA==\ hassearch=\true\ type=\menu-button\ class=\gtb-custombutton gtbHelperIcon gtbButtonWithSeparateMenu\><menupopup class=\gtbButtonFeedMenupopup\/></toolbarbutton>

FF - user.js: google.toolbar.button_option.cached.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml\ tooltip=\gtbMultilineTooltip\ label=\Knoppenlijstj\ fullText=\Knoppenlijstj\ image=\data:image/x-icon;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAAAcNJREFUeNpsU7tOAzEQXF8uCgLCQ+IHkICa74ACISEaOh4SNeIXqGmgA0o+AAlqhBDiG6CkoQHEI+Tu/FhmbcdJjlia2+TsnZ0d7ykaWMzs49Y98XtFJHgDPiqmtw2lZE+FkM5ngwSyuf9IbMBje8B7B7QvuzyY3FtZ/UWB02UECpNGdM5JORq1Mq5tdAxR1waiArGSXBAwWxrVbi6P3QdmqfiLMz8m4DcSVVYkGGJraezslZ0uyOnSd+wfm3fg5lBJEoTkG8nfmugLZmitkV8iqfKJnsD/Bw6XVS5O29hrEVV0ogpjLCqbCI1WEJ0NYBdakGtyQsDBOFHRRWULyc5UHmz0MAl+90xNBCaqMJIoFaxI1yFGJDXOJTPz6aajT5A0ieGopR9fuS/bJ0NFA5XHc4eZQKU8o5lWHq6xON2jSSqprQqgosyWwSSPfgsZa5oGwUwrJDevjsPwyX0ure6kYXhZPwomeakmSDdBzcLtSZL+dH2u0hz07lQWromT07Fn55Jp/2Y5q8/3/ATTbG5pKjM01UBsMs2NNWhhtjV0DqppJOPiyjabtQOqj3jsWT3fXAyNsxo134Oe1Huuf85/AgwABNSAmdF/QsEAAAAASUVORK5CYII=\ type=\menu\ class=\gtb-custombutton gtbHelperIcon gtbWholeMenuGadgetButton\/>

FF - user.js: google.toolbar.button_option.cached.gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml - <toolbarbutton xmlns=\hxxp://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul\ id=\gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml\ tooltip=\gtbMultilineTooltip\ label=\Google Earth\ fullText=\Google Earth\ image=\data:image/x-icon;base64,R0lGODlhEAAQAPfDAA40ViRReM7q/c7h8hA6XxM/ZjpUbDpVbgUrTB88VqSuuBJNgQw5YRVOgS+BwlNpfQ8yUhhJdRxMdgkvUqy7ytHd59Xe5Nfe5UZjfiZoojlad0FhfvD095umsSNln32SpU9meytzsCJzummCmCZmnUqp7CBWh7S+x6S+1RY8X3SJm0FedzqGxp2tupams2d5iRYzTRRYlD6V1i54uKSwuxw7V2F1hkRbb4merx5SgImaqU1tih08WV638vv7/Mzd66i1wZKjsiJAWwcpRwc3YwAkSDJijEODvG+ZvszU3AYqSqS1xNHo94Cqzm6p2hpFbDuX2yiByV1/nVN0kVOGsmOBmwYpSCJai2at41mv6nWv4B1ioSRnoqvM6O/y9dzs+dzi6DRcfjWS1xMzUCdqpVBpgCpyrypspn6QnxVQhg8zVF6HrIOVpTxbdx5RfWqJpqu8zC+CxCVkm/Hz9Qo0WSZWgRQ6Wyt5uziR05mxxz1cdx9dlTJzrk5pgDWFyh5Jb5Souc3b5vn6+3ms2TZXdFt3j4mZp0qBswErUFam4aazvoGmxdDb5GuBlR5vt4+hsGCUwiNglhI/aS9kk3mRpp650B1OelBofaexvPX4/JilsGeIpEVccFd+oZ2uvofM9hhBZR5VhxhQgqvA0tHZ36G91wsqR/z8/C9/wCZtrGyFmwsqRihspxE5XKne/TthgqOzwaa0waKywdDi8wkrSltugTVfhHqYtBdQhOfs70llfXKGl+34/pajryx2tT9ffS58vBIvSf///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAMMALAAAAAAQABAAAAj8AIcJFDjq1psqqoAMXDgMxZZUkEoFshBrhSKGSI4McuLH0Zk1jASpQDOwUpNMwoR90SIihhsKwnbREEhlFhNeKYV14bPgTxIfBoblOcQi0SdXAlL+mESE0JwTmDp5uCMjS48SWAYIqxAGkS5DNupEMhMHDxQxUWYs4pBLQxFanAKYIBECmANUvriksSWLVCMhN6ZEaLAnAysycq5YKkCnjY4HtQC92mREFK5QOSQ8AZVCjZVVCobtEOYFjpQAkhgQaAUAwphgAnF4SnnqwhJKhTD0OQCjw8ARsMBs+PWhRRA2lxK8YPhIjx0AExAoGWJKE8OBLsrwqAGiF8OAADs=\ hassearch=\true\ class=\gtb-custombutton gtbHelperIcon gtbSimpleCustomButton\/>

FF - user.js: google.toolbar.button_option.gtbAutoFill - true

FF - user.js: google.toolbar.button_option.gtbBookmarks - true

FF - user.js: google.toolbar.button_option.gtbSearchBookmarks - true

FF - user.js: google.toolbar.button_option.gtbSearchGoogle - true

FF - user.js: google.toolbar.button_option.gtbSidewiki - false

FF - user.js: google.toolbar.button_option.gtbSpellCheck - false

FF - user.js: google.toolbar.button_option.gtbTranslate - true

FF - user.js: google.toolbar.button_option.gtbTranslateMenu - false

FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml - true

FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml.feedUpdate - 1339045199

FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml - true

FF - user.js: google.toolbar.button_option.gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml.feedUpdate - 1339054058

FF - user.js: google.toolbar.button_option.gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml - true

FF - user.js: google.toolbar.component.bundled.dictionaries_config.json - 7.1.20110512

FF - user.js: google.toolbar.component.bundled.share_providers.json - 7.1.20110512

FF - user.js: google.toolbar.component.bundled.suggest_window.html - 7.1.20110512

FF - user.js: google.toolbar.custombuttons.list - gtbSearchImages,gtbCountrySearch,gtbSearchLocal,gtbSearchSite,gtbSearchNews,gtbSearchVideo,gtbSearchWebhistory,gtbFeelingLucky,gtbSearchGroups,gtbSearchBlogs,gtbSearchBooks,gtbSearchCalendar,gtbSearchDocs,gtbSearchPhotos,gtbSearchScholar,gtbstoolbar-google-com_O8Y91YHB24Z6SR0SGYSK-xml,gtbstoolbar-google-com_J66T77NJDBMW4FEUU7FA-xml,gtbutoolbar-google-com_MXE8GT6B9RBHXCGLZ06L-xml

FF - user.js: google.toolbar.custombuttons.migrated - true

FF - user.js: google.toolbar.custombuttons.order.migrated.to.v6 - false

FF - user.js: google.toolbar.custombuttons.version - 1

FF - user.js: google.toolbar.done_page_shown - AU_3.1.20081010

FF - user.js: google.toolbar.enhanced_features.week - -1

FF - user.js: google.toolbar.firstrun.done - true

FF - user.js: google.toolbar.google_home - www.google.nl

FF - user.js: google.toolbar.google_home.default - www.google.nl

FF - user.js: google.toolbar.install_id - qeoEXlA1Y819UJ5vx9pOZH7VzwuiGy5koK1eMpyEoHPs

FF - user.js: google.toolbar.install_ping_acked - true

FF - user.js: google.toolbar.last_ping_attempt - 1338967666101

FF - user.js: google.toolbar.never_show_done_page - false

FF - user.js: google.toolbar.opted_into_advanced_features_1 - true

FF - user.js: google.toolbar.rlz - 1B3GGGL_nlNL247NL255

FF - user.js: google.toolbar.safebrowsing.keyupdatetime - 1339130996

FF - user.js: google.toolbar.search-icon - data:image/x-icon;base64,AAABAAEAEBAAAAEAIABoBAAAFgAAACgAAAAQAAAAIAAAAAEAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7PT7/3zF6/9Ptu//RbHx/0227/+Tzvb/9vv5/97h0f9JeBz/NHoA/z98Av9AfAD/PHsA/0F6AP8AAAAA/vz7/1+33/8Mp+z/FrHw/xWy8f8bs/T/Hqrx/3zE7v////7/t8qp/zF2A/87gwH/P4ID/z59AP8+egD/Q3kA/97s8v8botj/ELn3/wy58f8PtfL/D7Lw/xuz9P8vq+f/8/n///779v9KhR3/OYYA/0GFAv88hgD/QIAC/z17AP/0+/j/N6bM/wC07/8Cxf7/CsP7/wm+9v8Aqur/SrDb//7+/v///P7/VZEl/zSJAP87jQD/PYYA/0OBBf8+fQH///3//9Dp8/84sM7/CrDf/wC14/8CruL/KqnW/9ns8f/8/v//4OjX/z+GDf85kAD/PIwD/z2JAv8+hQD/PoEA/9C7pv/97uv////+/9Xw+v+w3ej/ls/e/+rz9///////+/z6/22mSf8qjQH/OJMA/zuQAP85iwL/PIgA/zyFAP+OSSL/nV44/7J+Vv/AkG7/7trP//7//f/9//7/6/Lr/2uoRv8tjQH/PJYA/zuTAP87kwD/PY8A/z2KAP89hAD/olkn/6RVHP+eSgj/mEgR//Ho3//+/v7/5Ozh/1GaJv8tlAD/OZcC/zuXAv84lAD/O5IC/z2PAf89iwL/OIkA/6hWFf+cTxD/pm9C/76ihP/8/v//+////8nav/8fdwL/NZsA/zeZAP83mgD/PJQB/zyUAf84jwD/PYsB/z6HAf+fXif/1r6s//79///58u//3r+g/+3i2v/+//3/mbiF/yyCAP87mgP/OpgD/zeWAP85lgD/OpEB/z+TAP9ChwH/7eHb/////v/28ej/tWwo/7tUAP+5XQ7/5M+5/////v+bsZn/IHAd/zeVAP89lgP/O5MA/zaJCf8tZTr/DyuK//3////9////0qmC/7lTAP/KZAT/vVgC/8iQWf/+//3///j//ygpx/8GGcL/ESax/xEgtv8FEMz/AALh/wAB1f///f7///z//758O//GXQL/yGYC/8RaAv/Ojlf/+/////////9QU93/BAD0/wAB//8DAP3/AAHz/wAA5f8DAtr///////v7+/+2bCT/yGMA/89mAP/BWQD/0q+D///+/////P7/Rkbg/wEA+f8AA/z/AQH5/wMA8P8AAev/AADf///7/P////7/uINQ/7lXAP/MYwL/vGIO//Lm3P/8/v//1dT2/woM5/8AAP3/AwH+/wAB/f8AAfb/BADs/wAC4P8AAAAA//z7/+LbzP+mXyD/oUwE/9Gshv/8//3/7/H5/zo/w/8AAdX/AgL6/wAA/f8CAP3/AAH2/wAA7v8AAAAAgAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAEAAA==

FF - user.js: google.toolbar.searchdomaincheck.done - true

FF - user.js: google.toolbar.spell_check.dictionary.words2 -

FF - user.js: google.toolbar.spell_check.lang - nl

FF - user.js: google.toolbar.spell_check.last_lang - nl

FF - user.js: google.toolbar.translate.target_lang - nl

FF - user.js: google.toolbar.translate.updateFlag - true

FF - user.js: google.toolbar.usage_stats.default - false

FF - user.js: intl.accept_languages - nl

FF - user.js: intl.charsetmenu.browser.cache - us-ascii, windows-1252, ISO-8859-9, UTF-8, ISO-8859-15

FF - user.js: metrics.event-count - 0

FF - user.js: microsoft.CLR.auto_install - false

FF - user.js: network.cookie.prefsMigrated - true

FF - user.js: network.http.proxy.version - 1.0

FF - user.js: pref.advanced.javascript.disable_button.advanced - false

FF - user.js: pref.browser.homepage.disable_button.bookmark_page - false

FF - user.js: pref.browser.homepage.disable_button.current_page - false

FF - user.js: security.warn_viewing_mixed - false

FF - user.js: spellchecker.dictionary - nl

FF - user.js: urlclassifier.keyupdatetime.hxxps://sb-ssl.google.com/safebrowsing/newkey - 1339166194

FF - user.js: urlclassifier.tableversion.goog-black-enchash - 1.62997

FF - user.js: urlclassifier.tableversion.goog-black-url - 1.25401

FF - user.js: urlclassifier.tableversion.goog-white-domain - 1.493

FF - user.js: urlclassifier.tableversion.goog-white-url - 1.371

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-06-23 15:21

Windows 5.1.2600 Service Pack 3 NTFS

.

scannen van verborgen processen ...

.

scannen van verborgen autostart items ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

CtrlVol = c:\program files\Launch Manager\CtrlVol.exe???????@?`??????w???w???????w???w;??w?r@????? ???????????????d???????????????????????4????????$?w???????????sI??s???s@????????????a?wx??st???????B-?s???????????????s???s?????n?w????Y??sL;??D??s??@??4@?X;?????????

LaunchAp = c:\program files\Launch Manager\LaunchAp.exe????\??? ??|h??|????a??|Nj?w?j?w????????0??? ???????????????d??????|????????p????u@????????????????s???????s???sx??s@?????????????}|h??st??????????s?????????????????C?sc"?sx??s??????:~??@?N'?s?;???4@? ;?????????

.

scannen van verborgen bestanden ...

.

Scan succesvol afgerond

verborgen bestanden: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\EverestDriver]

"ImagePath"="\??\k:\program files\everest\EVEREST Corporate + Ultimate Edition\kerneld.wnt"

.

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\npggsvc]

"ImagePath"="c:\windows\system32\GameMon.des -service"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_USERS\S-1-5-21-484882791-4059793202-3278696200-1007\Software\Microsoft\SystemCertificates\AddressBook*]

@Allowed: (Read) (RestrictedCode)

.

[HKEY_USERS\S-1-5-21-484882791-4059793202-3278696200-1007\Software\SecuROM\License information*]

"datasecu"=hex:02,bd,4e,ee,17,04,52,9b,f9,e0,34,2e,47,f2,ac,2b,be,74,fc,78,f1,

0f,68,25,1f,74,40,11,98,ab,a4,9b,a0,e2,aa,62,4b,e1,0d,6a,c8,ae,af,6e,45,70,\

"rkeysecu"=hex:67,68,7a,37,96,63,29,84,de,3d,d0,37,0e,0f,6d,63

.

--------------------- DLLs Geladen Onder Lopende Processen ---------------------

.

- - - - - - - > 'explorer.exe'(1516)

c:\program files\Windows Desktop Search\deskbar.dll

c:\program files\Windows Desktop Search\nl-nl\dbres.dll.mui

c:\program files\Windows Desktop Search\dbres.dll

c:\program files\Windows Desktop Search\wordwheel.dll

c:\program files\Windows Desktop Search\nl-nl\msnlExtRes.dll.mui

c:\program files\Windows Desktop Search\msnlExtRes.dll

c:\windows\system32\msi.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

c:\program files\Browser MOUSE\MOUDL32A.DLL

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

c:\windows\system32\SearchIndexer.exe

c:\windows\system32\wscntfy.exe

c:\windows\system32\PRISMSTA.EXE

c:\progra~1\MI3AA1~1\rapimgr.exe

.

**************************************************************************

.

Voltooingstijd: 2012-06-23 15:32:23 - machine werd herstart

ComboFix-quarantined-files.txt 2012-06-23 13:32

ComboFix2.txt 2012-06-23 11:36

.

Pre-Run: 5.903.589.376 bytes beschikbaar

Post-Run: 5.891.608.576 bytes beschikbaar

.

- - End Of File - - C8FAFD7A9CCA32FEF51D0322B87D6F65

23 juni 2012

het lijkt vooralsnog dat hij een heel stuk sneller is (heb 2 webpaginas bekeken binnen 10seconde!!!).

ComboFix 12-06-23.05 - Adrie 23-06-2012 12:58:43.1.2 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.31.1043.18.1023.468 [GMT 2:00]

Gestart vanuit: c:\documents and settings\Adrie\Bureaublad\ComboFix.exe

AV: ESET Smart Security 4.0 *Disabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

FW: ESET Personal firewall *Enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}

.

ADS - system32: deleted 12 bytes in 1 streams.

.

(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\documents and settings\Adrie\Application Data\ACD Systems\ACDSee\ImageDB.ddf

c:\documents and settings\Adrie\Application Data\inst.exe

c:\documents and settings\Adrie\Application Data\SQLite3.dll

c:\documents and settings\Adrie\Application Data\vso_ts_preview.xml

c:\documents and settings\Adrie\WINDOWS

c:\documents and settings\All Users\Application Data\TEMP

C:\Documents

C:\option.ini

c:\windows\CRES1100.EXE

c:\windows\help\wmplayer.bak

c:\windows\IsUn0413.exe

c:\windows\pkunzip.pif

c:\windows\pkzip.pif

c:\windows\SwSys1.bmp

c:\windows\SwSys2.bmp

c:\windows\system32\dllcache\dlimport.exe

c:\windows\system32\dllcache\wmpvis.dll

c:\windows\system32\install

c:\windows\system32\SET5C.tmp

c:\windows\system32\SET61.tmp

c:\windows\system32\SET68.tmp

c:\windows\system32\SET71.tmp

c:\windows\system32\SET72.tmp

c:\windows\system32\SET73.tmp

c:\windows\system32\SET76.tmp

c:\windows\system32\Thumbs.db

c:\windows\unin0407.exe

c:\windows\unin0413.exe

.

((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.

-------\Legacy_FCI

-------\Legacy_ICF

-------\Legacy_ILVMONEYDRIVER53

-------\Legacy_WINRING0_1_0_1

-------\Service_IlvMoneyDRIVER53

-------\Service_WinRing0_1_0_1

.

(((((((((((((((((((( Bestanden Gemaakt van 2012-05-23 to 2012-06-23 ))))))))))))))))))))))))))))))

.

2012-06-23 10:34 . 2012-06-23 10:34 -------- d-----w- c:\documents and settings\All Users\Favorieten

2012-06-22 13:36 . 2012-06-22 13:36 1409 ----a-w- c:\windows\QTFont.for

2012-06-22 12:59 . 2012-06-22 12:59 388096 ----a-r- c:\documents and settings\Adrie\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2012-06-22 12:59 . 2012-06-22 12:59 -------- d-----w- c:\program files\Trend Micro

2012-06-20 14:31 . 2012-06-20 14:31 -------- d--h--r- c:\documents and settings\Adrie\Onlangs geopend