Trage laptop - zowel tijdens gebruik als met het opstarten

[Nathalie336]

Beste PC-HELP-mederweker en anderen,

Ik heb sinds nu bijna 5 jaar een HP Pavilion dv5

echter merk ik dat hij (al een gehele tijd) zeer traag is

hij doet gerust een kwartier over opstarten

en na het opstarten moet ik ook nog eens wachten tot dat ik daadwerkelijk bijv. kan surfen op het internet of mijn e-mail kan checken.

Nu heb ik alvast via Speccy een overzicht gemaakt van mijn PC prestaties

http://speccy.piriform.com/results/Q7jnRGikrqysnOfIBfHqZbO - dit is de link.

Is er iemand met tips voor mij ? ( Met CC cleaner heb ik al de standaardfuncties verwijderd en de d-schijf (inhoud) gewist)

Ik doe op zich niet zoveel op mijn pc behalve

-sportify luisteren

- live mail controleerd op mail

- surfen via firefox

[Asus]

Dag Nathalie336,

welkom op PCH.

Kan je het onderstaande uitvoeren ?...

1. Download HijackThis. (klik er op)

Klik op HijackThis.msi en de download start automatisch na 5 seconden.

Bestand HijackThis.msi opslaan. Daarna kiezen voor "uitvoeren".

Hijackthis wordt nu op je PC geïnstalleerd, een snelkoppeling wordt op je bureaublad geplaatst.

Als je geen netwerkverbinding meer hebt, kan je de download doen met een andere pc en het bestand met een usb stick overbrengen

Als je enkel nog in veilige modus kan werken, moet je de executable (HijackThis.exe) downloaden.

Sla deze op in een nieuwe map op de C schijf (bvb C:\\hijackthis) en start hijackthis dan vanaf deze map.

De logjes kan je dan ook in die map terugvinden.

---

2. Klik op de snelkoppeling om HijackThis te starten. (lees eerst de rode tekst hieronder!)

Klik ofwel op "Do a systemscan and save a logfile", ofwel eerst op "Scan" en dan op "Savelog".

Er opent een kladblokvenster, hou gelijktijdig de CTRL en A-toets ingedrukt, nu is alles geselecteerd. Hou gelijktijdig de CTRL en C-toets ingedrukt, nu is alles gekopieerd. Plak nu het HJT logje in je bericht door CTRL en V-toets.

Krijg je een melding ""For some reason your system denied writing to the Host file ....", klik dan gewoon door op de OK-toets.

Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis. (Bekijk hier de afbeelding ---> Klik hier)

---

3. Na het plaatsen van je logje wordt dit door een expert nagekeken en hij begeleidt jou verder door het ganse proces.

Tip!

Wil je in woord en beeld weten hoe je een logje met HijackThis maakt en plaatst op het forum, klik dan HIER.

[Nathalie336]

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 18:24:24, on 19-2-2013

Platform: Windows Vista SP2 (WinNT 6.00.1906)

MSIE: Internet Explorer v7.00 (7.00.6002.18005)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Soluto\soluto.exe

C:\Program Files\Trusteer\Rapport\bin\RapportService.exe

C:\Windows\system32\conime.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\System32\rundll32.exe

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\WallpaperSS\WallpaperSS.exe

C:\Users\Nathalie\AppData\Roaming\Spotify\spotify.exe

C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Nathalie\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Speccy\Speccy.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_5_502_149.exe

c:\Users\Nathalie\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1142338/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll

R3 - URLSearchHook: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo0.dll

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: uTorrentBar_NL - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo0.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Softonic English Toolbar - {930f1200-f5f1-4870-bac6-e233ec8e7023} - C:\Program Files\Softonic_English\tbSof1.dll

O3 - Toolbar: uTorrentBar_NL Toolbar - {87775fdb-6972-41f9-ae51-8326e38cb206} - C:\Program Files\uTorrentBar_NL\prxtbuTo0.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start

O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe

O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe

O4 - HKLM\..\Run: [uCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [WallpaperSS] C:\Program Files\WallpaperSS\WallpaperSS.exe

O4 - HKCU\..\Run: [spotify] "C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\RunOnce: [shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -"Mozilla/5.0 (Windows; U; Windows NT 6.0; nl; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10" -"http://tomcat.schoolsite.utwente.nl/olo/client/module/index.jsp?height=&m=1133&ttid=&volgorde=1&width=&inPopup=&"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - Startup: Dropbox.lnk = Nathalie\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Installer Service - Unknown owner - C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{07D77970-B205-460C-84E4-263F30455597}\Installer\InstallerService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe

O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Soluto PCGenome Core Service (SolutoService) - Soluto - C:\Program Files\Soluto\SolutoService.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe

--

End of file - 13499 bytes

[Asus]

Prima !

Wordt deze laptop correct gebruikt: op een harde, gladde en stofvrije ondergrond ?...

Je logje wordt geanalyseerd door een malware-specialist.

[Nathalie336]

Ja, mijn batterij werkt niet meer dus hij staat altijd op mijn bureau met een kleine "onderzetter" (normaal gebruikt voor een pan) eronder zodat de hitte niet mijn bureau beschadigd.

Alvast bedankt voor de hulp!

[Asus]

Te hoge temperaturen van een PC / laptop worden meestal veroorzaakt door een te hoog stofgehalte. Om dit op een veilige manier te verwijderen verwijzen we graag naar deze zeer duidelijke uitleg.

Neem de tips grondig door en doe het nodige om je systeem stofvrij te (laten) maken…nadien kan je ons dan de nieuwe resultaten van Speccy bezorgen.

[juisterr]

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

   
  startupall; 
  filesrcm; 
  

  
  

• Vink nu de onderstaande opties aan.
  
  • 
    
  • Standard Search
    
  • Auto Clean
    
  • 
    
  • Empty All Temp
    
  • 
    
  • IE Defaults
    
  • Reset IE proxy
    
  • 
    

  [*] Klik nu op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[Nathalie336]

Zoek.exe Version 4.0.0.1 Updated 18-02-2013

Tool run by Nathalie on di 19-02-2013 at 21:32:56,64.

Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86

Running in: Normal Mode Internet Access Detected

==== Creating Sample_19-02-2013_2141.zip ======================

Process firefox.exe killed

Process rundll32.exe killed

Copied file C:\Users\Nathalie\abcnokia_setup.exe to sample

sample\abcnokia_setup.exe renamed to FB1B1EB51CA249C721CD859B00214EE3

C:\Users\Public\Desktop\sample_19-02-2013_2141.zip created successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\winlogon.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\system32\Hpservice.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Soluto\soluto.exe

C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe

C:\Program Files\BlueStacks\HD-LogRotatorService.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Windows\SMINST\BLService.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Program Files\Soluto\SolutoService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\conime.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Program Files\Alwil Software\Avast5\AvastUI.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\WindowsMobile\wmdSync.exe

C:\Program Files\BlueStacks\HD-Agent.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\WallpaperSS\WallpaperSS.exe

C:\Users\Nathalie\AppData\Roaming\Spotify\spotify.exe

C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Nathalie\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Hewlett-Packard\HP wireless Assistant\WiFiMsg.EXE

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe

C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\Windows Live\Mail\wlmail.exe

C:\Program Files\Windows Live\Contacts\wlcomm.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\CCleaner\CCleaner.exe

C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

c:\Users\Nathalie\Downloads\zoek.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k WindowsMobile

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\soluto deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\soluto deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\soluto deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\soluto deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\solutoservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\solutoservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\solutoservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\solutoservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\solutoservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\solutoservice deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default

user.js not found

---- Lines CT1142338 removed from prefs.js ----

user_pref("CT1142338.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT1142338.CTID", "CT1142338");

user_pref("CT1142338.CurrentServerDate", "1-3-2010");

user_pref("CT1142338.DialogsAlignMode", "LTR");

user_pref("CT1142338.EMailNotifierPollDate", "Mon Mar 01 2010 17:29:00 GMT+0100");

user_pref("CT1142338.FirstServerDate", "1-3-2010");

user_pref("CT1142338.FirstTime", true);

user_pref("CT1142338.FirstTimeFF3", true);

user_pref("CT1142338.FixPageNotFoundErrors", true);

user_pref("CT1142338.GroupingServerCheckInterval", 1440);

user_pref("CT1142338.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT1142338.Initialize", true);

user_pref("CT1142338.InitializeCommonPrefs", true);

user_pref("CT1142338.InstalledDate", "Mon Mar 01 2010 17:28:57 GMT+0100");

user_pref("CT1142338.InvalidateCache", false);

user_pref("CT1142338.IsGrouping", false);

user_pref("CT1142338.IsMulticommunity", false);

user_pref("CT1142338.IsOpenThankYouPage", true);

user_pref("CT1142338.IsOpenUninstallPage", true);

user_pref("CT1142338.LanguagePackLastCheckTime", "Mon Mar 01 2010 17:28:59 GMT+0100");

user_pref("CT1142338.LanguagePackReloadIntervalMM", 1440);

user_pref("CT1142338.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT1142338.LastLogin_2.5.6.0", "Mon Mar 01 2010 17:28:59 GMT+0100");

user_pref("CT1142338.LatestVersion", "2.1.0.18");

user_pref("CT1142338.Locale", "en-us");

user_pref("CT1142338.LoginCache", 4);

user_pref("CT1142338.MCDetectTooltipHeight", "83");

user_pref("CT1142338.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT1142338.MCDetectTooltipWidth", "295");

user_pref("CT1142338.RadioIsPodcast", false);

user_pref("CT1142338.RadioLastCheckTime", "Mon Mar 01 2010 17:28:58 GMT+0100");

user_pref("CT1142338.RadioLastUpdateIPServer", "3");

user_pref("CT1142338.RadioLastUpdateServer", "128929877726170000");

user_pref("CT1142338.RadioMediaID", "6866669");

user_pref("CT1142338.RadioMediaType", "Media Player");

user_pref("CT1142338.RadioMenuSelectedID", "EBRadioMenu_CT11423386866669");

user_pref("CT1142338.RadioStationName", "MTV");

user_pref("CT1142338.RadioStationURL", "http://www.radios.com.br/asx/dmtvgo-br.asx");

user_pref("CT1142338.SHRINK_TOOLBAR", 1);

user_pref("CT1142338.SavedHomepage", "chrome://speeddial/content/speeddial.xul");

user_pref("CT1142338.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT1142338&octid=EB_ORIGINAL_CTID");

user_pref("CT1142338.SearchFromAddressBarIsInit", true);

user_pref("CT1142338.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1142338&q=");

user_pref("CT1142338.SearchInNewTabEnabled", true);

user_pref("CT1142338.SearchInNewTabIntervalMM", 1440);

user_pref("CT1142338.SearchInNewTabLastCheckTime", "Mon Mar 01 2010 17:28:59 GMT+0100");

user_pref("CT1142338.SearchInNewTabServiceUrl", "http://hosting.conduit-services.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT1142338.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT1142338.SettingsCheckIntervalMin", 120);

user_pref("CT1142338.SettingsLastCheckTime", "Mon Mar 01 2010 17:28:56 GMT+0100");

user_pref("CT1142338.SettingsLastUpdate", "1267436417");

user_pref("CT1142338.ThirdPartyComponentsInterval", 504);

user_pref("CT1142338.ThirdPartyComponentsLastCheck", "Mon Mar 01 2010 17:28:56 GMT+0100");

user_pref("CT1142338.ThirdPartyComponentsLastUpdate", "1267436417");

user_pref("CT1142338.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");

user_pref("CT1142338.UserID", "UN12720440710636793");

user_pref("CT1142338.ValidationData_Toolbar", 0);

user_pref("CT1142338.WeatherNetwork", "");

user_pref("CT1142338.WeatherPollDate", "Mon Mar 01 2010 17:28:58 GMT+0100");

user_pref("CT1142338.WeatherUnit", "C");

user_pref("CT1142338.alertChannelId", "634");

user_pref("CT1142338.backendstorage.http://topix_cachefly_net/static.topix-localnodejson", "7B226C6F63616C6A736F6E223A207B226C6174223A202235322E31303939383135333638363532222C2022736E223A2022557472656368742C204E65746865726C616E6473222C20226C6F6E223A2022352E3038333630383836353733373932222C20226E6F6465223A20226E6C2F75747265636874222C2022706E223A2022557472656368742C204E65746865726C616E6473227D2C202274696D657374616D70223A20313236373436303934313838377D");

user_pref("CT1142338.clientLogIsEnabled", true);

user_pref("CT1142338.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT1142338.myStuffEnabled", true);

user_pref("CT1142338.myStuffPublihserMinWidth", 400);

user_pref("CT1142338.myStuffSearchUrl", "http://search.conduit.com/Results.aspx?q=SEARCH_TERM&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID&SearchType=ToolbarComponents");

user_pref("CT1142338.myStuffServiceIntervalMM", 1440);

user_pref("CT1142338.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");

user_pref("CT1142338.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CommunityToolbar.ToolbarsList", "CT1142338,CT2865317");

user_pref("CommunityToolbar.ToolbarsList2", "CT1142338,ConduitEngine,CT2865317");

user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT1142338");

user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT1142338&SearchSource=3&q={searchTerms}");

---- Lines CT1142338 modified from prefs.js ----

---- Lines CT2865317 removed from prefs.js ----

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2865317", "\"1334671211\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2865317", "\"e6715935bc61d8502735ee5f6c368a10\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2865317/CT2865317", "\"1293382732\"");

user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2865317/CT2865317", "\"61e60396742879ba382c33c0e49dad9c3\"");

user_pref("CommunityToolbar.OriginalEngineOwner", "CT2865317");

user_pref("CT2865317..clientLogIsEnabled", false);

user_pref("CT2865317..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2865317..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2865317.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2865317.alertChannelId", "1257316");

user_pref("CT2865317.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

user_pref("CT2865317.components.1000034", false);

user_pref("CT2865317.components.1000234", false);

user_pref("CT2865317.components.129363015615494356", false);

user_pref("CT2865317.components.129363015615963108", false);

user_pref("CT2865317.components.129363015616119359", false);

user_pref("CT2865317.components.129363015617994372", false);

user_pref("CT2865317.components.129363015617994373", false);

user_pref("CT2865317.components.5397019970362056034", false);

user_pref("CT2865317.CTID", "CT2865317");

user_pref("CT2865317.CurrentServerDate", "11-2-2013");

user_pref("CT2865317.DialogsAlignMode", "LTR");

user_pref("CT2865317.DialogsGetterLastCheckTime", "Sun Feb 10 2013 21:47:26 GMT+0100");

user_pref("CT2865317.DownloadReferralCookieData", "");

user_pref("CT2865317.EMailNotifierPollDate", "Fri Dec 31 2010 16:47:08 GMT+0100");

user_pref("CT2865317.EnableClickToSearchBox", false);

user_pref("CT2865317.EnableSearchHistory", false);

user_pref("CT2865317.EnableSearchSuggest", false);

user_pref("CT2865317.FeedLastCount5397019970362056034", 182);

user_pref("CT2865317.FeedPollDate129363015634713160", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713166", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713172", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713178", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713184", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713190", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713196", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713202", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713208", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713214", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.FeedPollDate129363015634713220", "Fri Dec 31 2010 16:47:10 GMT+0100");

user_pref("CT2865317.FeedTTL129363015634713160", 10);

user_pref("CT2865317.FeedTTL129363015634713184", 15);

user_pref("CT2865317.FeedTTL129363015634713196", 5);

user_pref("CT2865317.FeedTTL129363015634713208", 5);

user_pref("CT2865317.FirstServerDate", "31-12-2010");

user_pref("CT2865317.FirstTime", true);

user_pref("CT2865317.FirstTimeFF3", true);

user_pref("CT2865317.FixPageNotFoundErrors", false);

user_pref("CT2865317.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrlPattern\":\"http://appdownload.conduit.com/\",\"RevertSettingsEnabled\":\"TRUE\",\"WorkingAppsWhenHiddenList\":\"[\\\"6cfe5439-68c4-4541-859e-cf72ae454b3e\\\"]\"}");

user_pref("CT2865317.GroupingServerCheckInterval", 1440);

user_pref("CT2865317.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2865317.HasUserGlobalKeys", true);

user_pref("CT2865317.homepageProtectorEnableByLogin", true);

user_pref("CT2865317.initDone", true);

user_pref("CT2865317.Initialize", true);

user_pref("CT2865317.InitializeCommonPrefs", true);

user_pref("CT2865317.InstallationAndCookieDataSentCount", 3);

user_pref("CT2865317.InstallationType", "UnknownIntegration");

user_pref("CT2865317.InstalledDate", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.IsGrouping", false);

user_pref("CT2865317.IsMulticommunity", false);

user_pref("CT2865317.IsOpenThankYouPage", true);

user_pref("CT2865317.IsOpenUninstallPage", false);

user_pref("CT2865317.LanguagePackLastCheckTime", "Sun Feb 10 2013 21:47:26 GMT+0100");

user_pref("CT2865317.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2865317.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2865317.LastLogin_3.12.0.7", "Thu May 03 2012 09:11:34 GMT+0200");

user_pref("CT2865317.LastLogin_3.12.2.3", "Fri Jun 08 2012 21:50:02 GMT+0200");

user_pref("CT2865317.LastLogin_3.13.0.6", "Sat Jul 21 2012 10:26:18 GMT+0200");

user_pref("CT2865317.LastLogin_3.14.1.0", "Thu Sep 20 2012 16:34:17 GMT+0200");

user_pref("CT2865317.LastLogin_3.15.1.0", "Wed Nov 07 2012 12:09:35 GMT+0100");

user_pref("CT2865317.LastLogin_3.16.0.3", "Mon Feb 11 2013 18:17:54 GMT+0100");

user_pref("CT2865317.LastLogin_3.2.5.2", "Fri Jan 14 2011 10:02:54 GMT+0100");

user_pref("CT2865317.LatestVersion", "3.18.0.7");

user_pref("CT2865317.Locale", "nl");

user_pref("CT2865317.MCDetectTooltipHeight", "83");

user_pref("CT2865317.MCDetectTooltipShow", false);

user_pref("CT2865317.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2865317.MCDetectTooltipWidth", "295");

user_pref("CT2865317.myStuffEnabled", true);

user_pref("CT2865317.MyStuffEnabledAtInstallation", true);

user_pref("CT2865317.myStuffPublihserMinWidth", 400);

user_pref("CT2865317.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");

user_pref("CT2865317.myStuffServiceIntervalMM", 1440);

user_pref("CT2865317.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");

user_pref("CT2865317.revertSettingsEnabled", true);

user_pref("CT2865317.SearchBackToDefaultEngine", false);

user_pref("CT2865317.SearchFromAddressBarIsInit", true);

user_pref("CT2865317.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2865317&q=");

user_pref("CT2865317.SearchInNewTabEnabled", true);

user_pref("CT2865317.SearchInNewTabIntervalMM", 1440);

user_pref("CT2865317.SearchInNewTabLastCheckTime", "Sun Feb 10 2013 21:47:20 GMT+0100");

user_pref("CT2865317.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");

user_pref("CT2865317.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2865317.SearchInNewTabUserEnabled", false);

user_pref("CT2865317.searchProtectorDialogDelayInSec", 10);

user_pref("CT2865317.searchProtectorEnableByLogin", true);

user_pref("CT2865317.SearchProtectorToolbarDisabled", true);

user_pref("CT2865317.ServiceMapLastCheckTime", "Sun Feb 10 2013 21:47:29 GMT+0100");

user_pref("CT2865317.SettingsLastCheckTime", "Mon Feb 11 2013 19:09:05 GMT+0100");

user_pref("CT2865317.SettingsLastUpdate", "1360591919");

user_pref("CT2865317.testingCtid", "");

user_pref("CT2865317.ThirdPartyComponentsInterval", 504);

user_pref("CT2865317.ThirdPartyComponentsLastCheck", "Fri Dec 31 2010 16:47:08 GMT+0100");

user_pref("CT2865317.ThirdPartyComponentsLastUpdate", "1256029839");

user_pref("CT2865317.toolbarAppMetaDataLastCheckTime", "Sun Feb 10 2013 21:47:26 GMT+0100");

user_pref("CT2865317.toolbarContextMenuLastCheckTime", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.ToolbarDisabled", true);

user_pref("CT2865317.ToolbarShrinkedFromSetup", false);

user_pref("CT2865317.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCityToolbar.com,MyCollegeToolbar.com,MyFamilyToolbar.com,MyForumToolbar.com,MyLibraryToolbar.com,MyRadioToolbar.com,MyStoreToolbar.com,MyTownToolbar.com,MyUniversityToolbar.com,OurChurchToolbar.com,MyXangaToolbar.com,Media-Toolbar.com,LoyaltyToolbar.com,MyTeamToolbar.com,GreatToolbars.com,OurOrganizationToolbar.com,OurBusinessToolbar.com,Toolbar.fm");

user_pref("CT2865317.TrusteLinkUrl", "http://trust.conduit.com/CT2865317");

user_pref("CT2865317.usageEnabled", false);

user_pref("CT2865317.usagesFlag", 2);

user_pref("CT2865317.UserID", "UN70251556363789050");

user_pref("CT2865317.ValidationData_Toolbar", 2);

user_pref("CT2865317.WeatherNetwork", "");

user_pref("CT2865317.WeatherPollDate", "Fri Dec 31 2010 16:47:09 GMT+0100");

user_pref("CT2865317.WeatherUnit", "C");

---- Lines CT2865317 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1257316/1252989/NL", "\"0\"");

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/NL", "\"0\"");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=nl", "Zee/agZSWJctT5JcsQKOQQ==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=nl", "WK0kB9I0mEKrgXzRSucZOg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=nl", "a47lyj7cLWBfKLgeVP5JNA==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=nl", "usxMmzQB3nBBrW02oMMibw==");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"01ffa8b1cc6cb1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.3.2", "\"807dc126dd28cc1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.0.7", "\"4ead38b3e6bcd1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"4ead38b3e6bcd1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13.0.6", "\"0d648794549cd1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14.1.0", "\"0e0a4327275cd1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15.1.0", "\"0343677cfb1cd1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16.0.3", "\"0343677cfb1cd1:0\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/toolbar/", "\"634289840782570000\"");

user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");

user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=1/11/2011 5:25:10 PM", "634356118310000000");

user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2010 4:33:06 PM", "634303635100000000");

user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=EB_LOCALE", "\"88eef6610905598e4cdef3edc77d8f2b\"");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=nl", "\"737257451ba8c987652359f56171f7aa\"");

---- Lines conduit modified from prefs.js ----

user_pref("extensions.enabledItems", "{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54,piclens@cooliris.com:1.12.2.44172,{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26,{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8,en-US@dictionaries.addons.mozilla.org:5.0.1,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,engine@conduit.com:3.3.3.2,{87775fdb-6972-41f9-ae51-8326e38cb206}:3.3.3.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

user_pref("extensions.toolbar@ask.com.install-event-fired", true);

---- Lines ask.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultthis.engineName", "Softonic English Customized Web Search");

---- Lines Web Search modified from prefs.js ----

---- Lines Customized removed from prefs.js ----

---- Lines Customized modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Mar 28 2011 16:26:19 GMT+0200");

user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jun 27 2011 13:07:56 GMT+0200");

user_pref("CommunityToolbar.alert.locale", "en");

user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jun 27 2011 13:06:58 GMT+0200");

user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559");

user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

user_pref("CommunityToolbar.alert.showTrayIcon", false);

user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.alert.userId", "fa34ea65-1608-4e8f-8bfd-49743bf7d28c");

user_pref("CommunityToolbar.EngineOwner", "");

user_pref("CommunityToolbar.EngineOwnerGuid", "{87775fdb-6972-41f9-ae51-8326e38cb206}");

user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar_nl");

user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jan 13 2011 17:02:05 GMT+0100");

user_pref("CommunityToolbar.globalUserId", "71e272a4-6d05-4d45-bb79-8a46e03147f7");

user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

user_pref("CommunityToolbar.IsEngineShown", true);

user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

user_pref("CommunityToolbar.killedEngine", true);

user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{87775fdb-6972-41f9-ae51-8326e38cb206}");

user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar_nl");

user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.properties");

user_pref("CommunityToolbar.undefined", "");

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ----

---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ----

user_pref("extensions.enabledItems", "{C0D0F6D1-9FC9-4b0a-B485-D5E13AF40D51}:2.3.54,piclens@cooliris.com:1.12.2.44172,{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.2.26,{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}:6.0.12,{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13,{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15,{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17,{20a82645-c095-46ed-80e3-08825760534b}:1.2.1,{64161300-e22b-11db-8314-0800200c9a66}:0.9.5.8,en-US@dictionaries.addons.mozilla.org:5.0.1,{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19,{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,engine@disabled.com:3.3.3.2,{87775fdb-6972-41f9-ae51-8326e38cb206}:3.3.3.2,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17");

---- FireFox user.js and prefs.js backups ----

prefs_19-02-2013_2142_.backup

==== Deleting Files \ Folders ======================

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\searchplugins\conduit.xml" deleted

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\searchplugins\isohunt---bt-search.xml" deleted

"C:\Users\Nathalie\abcnokia_setup.exe" deleted

"C:\Program Files\Softonic_English" deleted

"C:\Program Files\uTorrentBar_NL" deleted

"C:\Program Files\Conduit" deleted

"C:\Users\Nathalie\AppData\Local\Conduit" deleted

"C:\Users\Nathalie\AppData\LocalLow\uTorrentBar_NL" deleted

"C:\Users\Nathalie\AppData\LocalLow\PriceGong" deleted

"C:\Users\Nathalie\AppData\LocalLow\Conduit" deleted

"C:\Users\Nathalie\AppData\LocalLow\conduitEngine" deleted

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\CT1142338" deleted

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\CT2865317" deleted

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\CT1142338" deleted

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\CT2865317" deleted

"C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default\conduit" deleted

==== System Specs ======================

Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002)

Internet Explorer: 7.0.6002.18005

Memory (RAM): 3069 MB

CPU Info: Intel® Core2 Duo CPU T5800 @ 2.00GHz

CPU Speed: 917,7 MHz

Sound Card: Luidsprekers en Dual koptelefoo |

SPDIF (Digitaal Uit via HP Dock |

Onafhankelijke Dual koptelefoon |

Display Adapters: NVIDIA GeForce 9200M GS | NVIDIA GeForce 9200M GS | RDPDD Chained DD | RDP Encoder Mirror Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1280 X 800 - 32 bit

Network: Network Present

Network Adapters: Broadcom 802.11g-netwerkadapter | Realtek RTL8168C(P)/8111C(P) Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)

CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T50L

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 9 Button Wheel Mouse Present

Hard Disks: C: 289,0GB | D: 9,1GB

Hard Disks - Free: C: 9,1GB | D: 9,0GB

Manufacturer *: Hewlett-Packard

BIOS Info: AT/AT COMPATIBLE | 09/18/08 | HPQOEM - 1

Time Zone: West-Europa (standaardtijd)

Motherboard *: Quanta 3603

Sun Java version: 1.6.0_21

Country: Nederland

Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Nathalie\AppData\Local\Temp ====

====== C:\Windows\system32 =====

2013-02-18 20:13:42 289BD7053FE907BD5059AEF4694D334C 203352 ----a-w- C:\Windows\System32\jmcricon.dll

2013-02-18 15:01:47 868E35B13F37C454C17202845C94E5D3 3621376 ----a-w- C:\Windows\System32\mshtml.dll

2013-02-18 15:01:44 4579402A30CD556DA922FE5B6C9E2FB9 479232 ----a-w- C:\Windows\System32\mshtmled.dll

2013-02-18 15:01:28 03E311EA12D55A34A88CD03C66DA8934 1176576 ----a-w- C:\Windows\System32\urlmon.dll

2013-02-18 15:01:27 B65E1638542D3DE5EAEE8F1BA044DA76 6118400 ----a-w- C:\Windows\System32\ieframe.dll

2013-02-18 15:01:26 D727A93888943CD2191DF60D521D45F1 834048 ----a-w- C:\Windows\System32\wininet.dll

2013-02-18 15:01:25 92AECF9392029E3FABD49BB0528D88E5 389632 ----a-w- C:\Windows\System32\html.iec

2013-02-18 15:01:25 4579326FE26B48249A63CE19CAF67CCB 671232 ----a-w- C:\Windows\System32\mstime.dll

2013-02-18 15:01:23 8B0921EE820C720522128806B8C135C4 498688 ----a-w- C:\Windows\System32\msfeeds.dll

2013-02-18 15:01:22 B63E487BE17DACEC5904681914F88B0C 180736 ----a-w- C:\Windows\System32\ieui.dll

2013-02-18 15:01:22 47A236D3351856BCD98CA9A90FEB4C10 193024 ----a-w- C:\Windows\System32\iepeers.dll

2013-02-18 15:01:21 D2459072EA207FF0D7165DDAA5954DF9 270336 ----a-w- C:\Windows\System32\iertutil.dll

2013-02-18 15:01:18 F2B79411CCCE7BE739455A4D29CB3B6D 106496 ----a-w- C:\Windows\System32\url.dll

2013-02-18 15:01:18 6ADDF74BEE13CB32D9F38429838D1419 27648 ----a-w- C:\Windows\System32\jsproxy.dll

2013-02-18 15:01:16 DF649DF15F343622F98F5C19371D8B99 380928 ----a-w- C:\Windows\System32\ieapfltr.dll

2013-02-18 15:01:16 4B0060836FEEAC79DAD1EB6C1732861D 1383424 ----a-w- C:\Windows\System32\mshtml.tlb

2013-02-18 14:57:51 1C1F3014453865E805A8708751743A48 2048512 ----a-w- C:\Windows\System32\win32k.sys

2013-02-18 14:57:46 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll

2013-02-18 14:46:43 691F1612558BF6B27F952C4B1073B0D1 3550072 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-02-18 14:46:32 E185428925DBC53CE59B2A5CBA64B837 3602808 ----a-w- C:\Windows\System32\ntkrnlpa.exe

====== C:\Windows\system32\drivers =====

2013-02-18 20:13:42 8BBE388234C79E51EBB091EDBFA77EA7 144472 ----a-w- C:\Windows\System32\drivers\jmcr.sys

2013-02-18 14:57:39 74E2D020C47BB2B2FCCBA29A518A7EB4 905576 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-02-04 14:29:18 088FE7E158E8074FBA435DEC93449759 102008 ----a-w- C:\Windows\System32\drivers\RapportKELL.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-02-19 15:48:48 -------- d-----w- C:\Program Files\Speccy

2013-02-18 20:15:01 -------- d-----w- C:\Program Files\JMicron

2013-01-21 14:01:35 -------- d-----w- C:\Program Files\iPod

2013-01-21 14:01:31 -------- d-----w- C:\Program Files\iTunes

======= C: =====

====== C:\Users\Nathalie\AppData\Roaming ======

====== C:\Users\Nathalie ======

2013-01-21 14:01:31 -------- d-----w- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1

====== C: exe-files ==

2013-02-19 14:34:59 8F96C0195246108C914E97EBF177C781 311296 ----a-w- C:\Program Files\InstallShield Installation Information\{CDD849CF-7442-466F-B026-8C93990A7C3C}\Setup.exe

2013-02-19 14:29:33 42969C5B94F7544513252941B9DA2121 49696 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_d3ee5689-eeaf-4900-b968-7ecd411bfe75\PCGAppControlPluginLoader.exe

2013-02-19 14:29:27 42969C5B94F7544513252941B9DA2121 49696 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_a0fe50d4-6d1f-488c-bbef-d87ed1568cf2\PCGAppControlPluginLoader.exe

2013-02-19 14:24:23 1EF788F187FEC8D4F38D7BF6681B01A8 36864 ----a-w- C:\ProgramData\Temp\{CDD849CF-7442-466F-B026-8C93990A7C3C}\PostBuild.exe

2013-02-18 20:15:01 A8EDF3036ACF0F72F6708FC13C0D3684 1202776 ----a-w- C:\Program Files\JMicron\JMCR_DIR\setup.exe

2013-02-18 20:13:41 A8EDF3036ACF0F72F6708FC13C0D3684 1202776 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Setup.exe

2013-02-18 10:39:53 42969C5B94F7544513252941B9DA2121 49696 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_a5c303b1-2c85-4fd5-aac2-88455e370e44\PCGAppControlPluginLoader.exe

2013-02-18 10:39:30 42969C5B94F7544513252941B9DA2121 49696 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_bbe54b7d-4eaa-45cc-9cc9-39c5a9ee128a\PCGAppControlPluginLoader.exe

=== C: other files ==

2013-02-19 20:41:11 002150EAB8531B302AF209F7068D3FBE 1872766 ----a-w- C:\Users\Public\Desktop\sample_19-02-2013_2141.zip

2013-02-19 14:34:59 D02B453C9B91D48897CBB02F93C16BAA 4192762 ----a-w- C:\Program Files\InstallShield Installation Information\{CDD849CF-7442-466F-B026-8C93990A7C3C}\ISSetup.dll

2013-02-19 14:29:33 50D989B62637D3D1D1108AEC46D60E60 96824 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_d3ee5689-eeaf-4900-b968-7ecd411bfe75\SkypeAppControlPlugin_1.0.0.57.dll

2013-02-19 14:29:32 50D989B62637D3D1D1108AEC46D60E60 96824 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControlPlugin_1.0.0.57.dll

2013-02-19 14:29:27 AF5A9F3DC35506B3426B0F0663774902 49720 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_a0fe50d4-6d1f-488c-bbef-d87ed1568cf2\DropboxAppControlPlugin_1.0.0.57.dll

2013-02-19 14:29:26 AF5A9F3DC35506B3426B0F0663774902 49720 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControlPlugin_1.0.0.57.dll

2013-02-18 20:15:01 E9798FB8361DE1A098CB9BDEDFD5F0F6 80472 ----a-w- C:\Program Files\JMicron\JMCR_DIR\setup.dll

2013-02-18 20:15:01 1BD976DD77B31FE0F25708AD5C1351AE 319456 ----a-w- C:\Program Files\JMicron\JMCR_DIR\DIFxAPI.dll

2013-02-18 20:13:42 E56417C56B6A7316B6F527C890A1860D 174168 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Driver\x64\JmCR.sys

2013-02-18 20:13:42 B5C8373EDE5767C3DF16E238AE290986 80472 ----a-w- C:\DRIVERS\WIN\MULTISLOT\SDSecureDLL\SdJmPCIE.dll

2013-02-18 20:13:42 8BBE388234C79E51EBB091EDBFA77EA7 144472 ----a-w- C:\Windows\System32\drivers\jmcr.sys

2013-02-18 20:13:42 8BBE388234C79E51EBB091EDBFA77EA7 144472 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Driver\x32\JmCR.sys

2013-02-18 20:13:42 289BD7053FE907BD5059AEF4694D334C 203352 ----a-w- C:\Windows\System32\jmcricon.dll

2013-02-18 20:13:42 289BD7053FE907BD5059AEF4694D334C 203352 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Driver\x64\JmCrIcon.dll

2013-02-18 20:13:42 289BD7053FE907BD5059AEF4694D334C 203352 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Driver\x32\JmCrIcon.dll

2013-02-18 20:13:41 F5558C67A3ADB662D43D40A1CBDE4160 525792 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Application\x64\DIFxAPI.dll

2013-02-18 20:13:41 E9798FB8361DE1A098CB9BDEDFD5F0F6 80472 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Application\setup.dll

2013-02-18 20:13:41 A7288CE9D6F19098BD71A2682DE1165C 31 ----a-w- C:\DRIVERS\WIN\MULTISLOT\silentsetup.bat

2013-02-18 20:13:41 1BD976DD77B31FE0F25708AD5C1351AE 319456 ----a-w- C:\DRIVERS\WIN\MULTISLOT\Application\DIFxAPI.dll

2013-02-18 15:01:47 868E35B13F37C454C17202845C94E5D3 3621376 ----a-w- C:\Windows\System32\mshtml.dll

2013-02-18 15:01:44 4579402A30CD556DA922FE5B6C9E2FB9 479232 ----a-w- C:\Windows\System32\mshtmled.dll

2013-02-18 15:01:28 03E311EA12D55A34A88CD03C66DA8934 1176576 ----a-w- C:\Windows\System32\urlmon.dll

2013-02-18 15:01:27 B65E1638542D3DE5EAEE8F1BA044DA76 6118400 ----a-w- C:\Windows\System32\ieframe.dll

2013-02-18 15:01:26 D727A93888943CD2191DF60D521D45F1 834048 ----a-w- C:\Windows\System32\wininet.dll

2013-02-18 15:01:25 4579326FE26B48249A63CE19CAF67CCB 671232 ----a-w- C:\Windows\System32\mstime.dll

2013-02-18 15:01:23 8B0921EE820C720522128806B8C135C4 498688 ----a-w- C:\Windows\System32\msfeeds.dll

2013-02-18 15:01:22 B63E487BE17DACEC5904681914F88B0C 180736 ----a-w- C:\Windows\System32\ieui.dll

2013-02-18 15:01:22 47A236D3351856BCD98CA9A90FEB4C10 193024 ----a-w- C:\Windows\System32\iepeers.dll

2013-02-18 15:01:21 D2459072EA207FF0D7165DDAA5954DF9 270336 ----a-w- C:\Windows\System32\iertutil.dll

2013-02-18 15:01:20 ED48496157BC35E13E2840A69AD2B9C0 129024 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll

2013-02-18 15:01:18 F2B79411CCCE7BE739455A4D29CB3B6D 106496 ----a-w- C:\Windows\System32\url.dll

2013-02-18 15:01:18 6ADDF74BEE13CB32D9F38429838D1419 27648 ----a-w- C:\Windows\System32\jsproxy.dll

2013-02-18 15:01:16 DF649DF15F343622F98F5C19371D8B99 380928 ----a-w- C:\Windows\System32\ieapfltr.dll

2013-02-18 15:01:07 000944786DCB386CD90DA6277BC1B7D3 766976 ----a-w- C:\Program Files\Common Files\microsoft shared\vgx\VGX.dll

2013-02-18 14:57:51 1C1F3014453865E805A8708751743A48 2048512 ----a-w- C:\Windows\System32\win32k.sys

2013-02-18 14:57:46 C43DECDAC58C0A43E0376A216590F40A 1314816 ----a-w- C:\Windows\System32\quartz.dll

2013-02-18 14:57:39 74E2D020C47BB2B2FCCBA29A518A7EB4 905576 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-02-18 10:39:54 50D989B62637D3D1D1108AEC46D60E60 96824 ----a-w- C:\ProgramData\Soluto\Temp\SkypeAppControl_a5c303b1-2c85-4fd5-aac2-88455e370e44\SkypeAppControlPlugin_1.0.0.57.dll

2013-02-18 10:39:31 AF5A9F3DC35506B3426B0F0663774902 49720 ----a-w- C:\ProgramData\Soluto\Temp\DropboxAppControl_bbe54b7d-4eaa-45cc-9cc9-39c5a9ee128a\DropboxAppControlPlugin_1.0.0.57.dll

2013-02-18 10:15:30 E3AE78C0F00A5E3792A1A3BCA33B6DF3 585944 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_50414.sys

2013-02-18 10:15:30 CD55DB50735961FF8046AD3160E900A6 316984 ----a-w- C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_50414.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"WallpaperSS"="C:\Program Files\WallpaperSS\WallpaperSS.exe"

"Spotify"="C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla/5.0 (Windows; U; Windows NT 6.0; nl; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 -http://tomcat.schoolsite.utwente.nl/olo/client/module/index.jsp?height=&m=1133&ttid=&volgorde=1&width=&inPopup=&"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"

"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"avast5"="C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui"

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"

"Windows Mobile-based device management"="C:\Windows\WindowsMobile\wmdSync.exe"

"BlueStacks Agent"="C:\Program Files\BlueStacks\HD-Agent.exe"

"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0"

"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"WallpaperSS"="C:\Program Files\WallpaperSS\WallpaperSS.exe"

"Spotify"="C:\Users\Nathalie\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Nathalie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Shockwave Updater"="C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103472 -Mozilla/5.0 (Windows; U; Windows NT 6.0; nl; rv:1.9.0.10) Gecko/2009042316 Firefox/3.0.10 -http://tomcat.schoolsite.utwente.nl/olo/client/module/index.jsp?height=&m=1133&ttid=&volgorde=1&width=&inPopup=&"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Adobe Reader Speed Launcher"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleSyncNotifier]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AppleSyncNotifier"

"hkey"="HKLM"

"command"="C:\\Program Files\\Common Files\\Apple\\Mobile Device Support\\AppleSyncNotifier.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="APSDaemon"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="GrooveMonitor"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HP Software Update"

"hkey"="HKLM"

"command"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="iTunesHelper"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="LightScribe Control Panel"

"hkey"="HKCU"

"command"="C:\\Program Files\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaMServer]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NokiaMServer"

"hkey"="HKLM"

"command"="C:\\Program Files\\Common Files\\Nokia\\MPlatform\\NokiaMServer /watchfiles startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QPService]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QPService"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\HP\\QuickPlay\\QPService.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="QuickTime Task"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UCam_Menu]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UCam_Menu"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\YouCam\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\YouCam\" UpdateWithCreateOnce \"Software\\CyberLink\\YouCam\\2.0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePDRShortCut]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="UpdatePDRShortCut"

"hkey"="HKLM"

"command"="\"C:\\Program Files\\CyberLink\\PowerDirector\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\PowerDirector\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerDirector\\8.0\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="uTorrent"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\uTorrent\\uTorrent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\BTTray.lnk"

"backup"="C:\\Windows\\pss\\BTTray.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe "

"item"="BTTray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"item"="McAfee Security Scan Plus"

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\20DEB9~1.181\\SSSCHE~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AeLookupSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GameConsoleService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\IDriverT]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LightScribeService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Nero BackItUp Scheduler 4.0]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\QPCapSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\QPSched]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RichVideo]

==== Startup Folders ======================

2013-01-07 13:57:12 999 ----a-w- C:\users\Nathalie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [10-02-2013 22:09]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default

- Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

- Speed Dial - %ProfilePath%\extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Skype extension for Firefox - %AppDir%\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}

- Skype extension for Firefox - %AppDir%\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}(67)

==== Firefox Plugins ======================

Profilepath: C:\Users\Nathalie\AppData\Roaming\Mozilla\Firefox\Profiles\v6u5wlxi.default

F733C59712465B0BD2130BB7C1A6D6E3 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_149.dll - Shockwave Flash

69505F9C479C4FF95621C3E1A7B6E5CE - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

D1CC5365F151777DF447242E476796BA - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

D1CC5365F151777DF447242E476796BA - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat

AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3

AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3

2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3

2034E977759F4EB2226914BFC58F2758 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3

B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3

B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3

3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3

3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3

C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3

C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3

45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3

45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3

9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3

9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3

3FCF47BD73094FA62D81373515F46110 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

1BFD18699636B8F1AA26675BA43D2F8F - C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll - Shockwave for Director / Shockwave for Director

9013599B12923A45C029C34E8D2211AC - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll - Silverlight Plug-In

54BC55D3D9BD33A6CE38F811CF836794 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa

C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery

26A69DB65300B7D98BCA9678BBB0C87E - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.210.7

26A69DB65300B7D98BCA9678BBB0C87E - C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll - Java Deployment Toolkit 6.0.210.7

2D5394FF0E31FFEFB5049F0911E91D89 - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java Platform SE 6 U21

24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

53BA26B071D0B83BD16E3F21C9DF6497 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Multimedia Plug-in

9317118077072C08CD84597D2925249A - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

BCDFF548F7D31A2BCF1CF98DA7EB5445 - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll - MetaStream 3 Plugin

BF2AD333C79072EEBE5AE0D72670E64E - c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrlui.dll - Microsoft® Silverlight

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com?SearchSource=10&ctid=CT1142338/"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb"

"Default_Page_URL"="http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=nl_nl&c=83&bd=Pavilion&pf=cnnb"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{02CACCBE-FA6D-4135-9F9A-A044E3DB93E7} AOL Zoeken Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1172&query={searchTerms}&invocationType=tb50hpcnnbie7-nl-nl"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{EFF898FC-63E5-4A10-8DC0-C3C92D446EDF} Kelkoo Url="http://nl.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913935"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_USERS\S-1-5-21-2375630481-354926249-1345960425-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{930f1200-f5f1-4870-bac6-e233ec8e7023} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyOverride.Bonjour.bak"="*.local"

"ProxyOverride.Bonjour"=""

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyOverride.Bonjour.bak"="*.local"

"ProxyOverride.Bonjour"=""

"ProxyEnable"=dword:00000000

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe,C:\Program Files\Soluto\soluto.exe /userinit

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - (no file)

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: @C:\Program Files\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Ad-Aware Service - Lavasoft Limited - C:\Program Files\Ad-Aware Antivirus\AdAwareService.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\aestsrv.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: HP Service (hpsrv) - Hewlett-Packard Corporation - C:\Windows\system32\Hpservice.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: Installer Service - Unknown owner - C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{07D77970-B205-460C-84E4-263F30455597}\Installer\InstallerService.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: Rapport Management Service (RapportMgmtService) - Trusteer Ltd. - C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

O23 - Service: Recovery Service for Windows - Unknown owner - C:\Windows\SMINST\BLService.exe

O23 - Service: Ad-Aware (SBAMSvc) - GFI Software - C:\Program Files\Ad-Aware Antivirus\SBAMSvc.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_030ac640\STacSV.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Nathalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Nathalie\AppData\Local\Mozilla\Firefox\Profiles\v6u5wlxi.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Nathalie\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Nathalie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

- - - Updated - - -

Ik ga a.s. donderdag - met hulp van een huisgenoot- mijn laptop eens stofvrij maken! Mocht dat (geen) resultaat opleveren dan laat ik dat donderdag even weten!

- - - Updated - - -

Ik ga a.s. donderdag - met hulp van een huisgenoot- mijn laptop eens stofvrij maken! Mocht dat (geen) resultaat opleveren dan laat ik dat donderdag even weten!

[juisterr]

Is goed hoor.