Ga naar inhoud

Oude vaste pc sloom + vol ad's


Aanbevolen berichten

Dit is de log van mijn Hijack die ik deed:

Logfile of random's system information tool 1.09 (written by random/random)

Run by Gebruiker at 2013-10-29 15:44:19

Microsoft Windows XP Professional Service Pack 3

System drive C: has 19 GB (12%) free of 153 GB

Total RAM: 3322 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 16:09:24, on 29/10/2013

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Citrix\ICA Client\ssonsvr.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

C:\WINDOWS\sttray.exe

C:\Program Files\Citrix\ICA Client\concentr.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

C:\Program Files\ExpressFiles\EFUpdater.exe

C:\Program Files\Citrix\ICA Client\WFCRUN32.EXE

C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\STacSV.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

C:\Program Files\iPod\bin\iPodService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe

C:\Program Files\trend micro\Gebruiker.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Babylon Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MyHeritage.com Search

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

R3 - URLSearchHook: Spelletjes Toolbar - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - C:\Program Files\Spelletjes\prxtbSpe2.dll

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spelletjes - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - C:\Program Files\Spelletjes\prxtbSpe2.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll

O3 - Toolbar: Spelletjes Toolbar - {2b0cf91e-63d5-4474-9229-134d0b96fb28} - C:\Program Files\Spelletjes\prxtbSpe2.dll

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Online plug-in.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/app-layout/js/capicom.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: ambulantpdtb - {183A003A-3D01-4E94-A2C5-AD0108C68370} - C:\Program Files\AMIS\PdtbIePlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

--

End of file - 14231 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

C:\WINDOWS\tasks\Express FilesUpdate.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003Core.job

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003UA.job

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job

C:\WINDOWS\tasks\Norton Security Scan for Gebruiker.job

C:\WINDOWS\tasks\User_Feed_Synchronization-{CA43B98B-FEE6-480B-95E1-6E742A413AAA}.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

prefs.js - "browser.search.useDBForOrder" - true

prefs.js - "browser.startup.homepage" - "https://www.google.be/"

prefs.js - "keyword.URL" - "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=KW_ss&mntrId=f4c1ce27000000000000001cc02a6bc2&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

"belgiumeid@eid.belgium.be"=C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.117 Plugin

"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.1]

"Description"=

"Path"=C:\WINDOWS\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]

"Description"=Office Live Update v1.3

"Path"=C:\Program Files\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]

"Description"=Windows Presentation Foundation plug-in for Mozilla browsers

"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@zylom.com/ZylomGamesPlayer]

"Description"=Zylom Games Player 1.00

"Path"=C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll

C:\Program Files\Mozilla Firefox\extensions\

belgiumeid@eid.belgium.be

C:\Program Files\Mozilla Firefox\components\

IICAClient.xpt

nsIQTScriptablePlugin.xpt

nsIZylomPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\

CCMSDK.dll

cgpcfg.dll

CgpCore.dll

confmgr.dll

ctxlogging.dll

ctxmui.dll

ICAClObj.class

icafile.dll

icalogon.dll

npicaN.dll

NPOFF12.DLL

nppdf32.dll

npqtplugin.dll

npqtplugin2.dll

npqtplugin3.dll

npqtplugin4.dll

npqtplugin5.dll

npqtplugin6.dll

npqtplugin7.dll

npvsharetvplg.dll

npzylomgamesplayer.dll

QuickTimePlugin.class

sslsdk_b.dll

TcpPServ.dll

C:\Program Files\Mozilla Firefox\searchplugins\

babylon.xml

SearchquWebSearch.xml

yahoo-nl.xml

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\

df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com

en-gb@flyingtophat.co.uk

engine@conduit(2).com

firefox@diamondata.net

fr-classique@dictionaries.addons.mozilla(2).org

{20a82645-c095-46ed-80e3-08825760534b}

{2b0cf91e-63d5-4474-9229-134d0b96fb28}

{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}(2)

{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2)

{9494ded5-43f8-4571-bf19-fe88853faa74}(2)

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\

babylon.xml

BabylonMngr.xml

bing.xml

conduit.xml

SearchquWebSearch.xml

startsear.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]

Adobe PDF Reader Help bij koppelingen - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2011-08-30 61888]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b0cf91e-63d5-4474-9229-134d0b96fb28}]

Spelletjes Toolbar - C:\Program Files\Spelletjes\prxtbSpe2.dll [2013-10-14 226592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05 453544]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05 157616]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]

Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2010-04-16 1067872]

{4064EA35-578D-4073-A834-C96D82CBCF40} - &Save Flash - C:\Program Files\Save Flash\SaveFlash.dll [2010-06-01 1210368]

{2b0cf91e-63d5-4474-9229-134d0b96fb28} - Spelletjes Toolbar - C:\Program Files\Spelletjes\prxtbSpe2.dll [2013-10-14 226592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]

"SigmatelSysTrayApp"=C:\WINDOWS\sttray.exe [2007-09-26 303104]

"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

"ConnectionCenter"=C:\Program Files\Citrix\ICA Client\concentr.exe [2010-10-12 304568]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2011-08-31 40368]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2011-03-29 937920]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]

"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24 49208]

""= []

"beidsccertprop"=C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe [2012-02-21 31768]

"Family Tree Builder Update"=C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe [2011-12-21 229376]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-01-17 252296]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-08-27 59280]

"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2012-04-18 421888]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-09-09 421776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

"Google Update"=C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-04-13 136176]

"ares"=C:\Program Files\Ares\Ares.exe -h []

"EA Core"=C:\Program Files\Electronic Arts\EADM\Core.exe -silent []

"RGSC"=C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe [2008-12-13 306088]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten

Online plug-in.lnk - C:\WINDOWS\Installer\{0F1F7A90-E71B-4E45-A066-2891619F22E1}\pnaico.exe.20FBBF0A_A7E5_4BDE_9798_9811C3D135AC.exe

VPN Client.lnk - C:\WINDOWS\Installer\{51FB15F4-AD27-43BC-AD4B-DD0354FB6BBD}\Icon3E5562ED7.ico

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten

OneNote 2007 Schermopname en Snel starten.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 265096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"

"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java Platform SE binary"

"C:\Program Files\mIRC\mirc.exe"="C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC"

"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

"C:\Games\Worms Armageddon - New Edition\WA.exe"="C:\Games\Worms Armageddon - New Edition\WA.exe:*:Disabled:Worms Armageddon"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

"C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\FIFA_08_No_DVD_Crack-FLTSUX\FIFA08.exe"="C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\FIFA_08_No_DVD_Crack-FLTSUX\FIFA08.exe:*:Enabled:FIFA08"

"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"

"C:\Program Files\Soldier of Fortune II - Double Helix\SoF2MP.exe"="C:\Program Files\Soldier of Fortune II - Double Helix\SoF2MP.exe:*:Enabled:SoF2MP"

"C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe"="C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe:*:Enabled:sof2"

"C:\Documents and Settings\Gebruiker\Bureaublad\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe"="C:\Documents and Settings\Gebruiker\Bureaublad\Soldier Of Fortune II - Double Helix (Gold Edition)\MultiPlayer (Y)\CD-Skiva\Soldier Of Fortune II Multiplayer (Irrelevant mapp)\sof2.exe:*:Enabled:sof2"

"C:\Program Files\Ares\Ares.exe"="C:\Program Files\Ares\Ares.exe:*:Disabled:Ares p2p for windows"

"C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe"="C:\Program Files\EA Sports\FIFA 11\Game\fifa.exe:*:Enabled:FIFA 11"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX00.938\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX00.938\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX01.047\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX01.047\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.094\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.094\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.938\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX08.938\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX09.329\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\Rar$EX09.329\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\NBA 2K12\packages\directx\nba2k12.exe"="C:\Documents and Settings\Gebruiker\Mijn documenten\Downloads\NBA 2K12\packages\directx\nba2k12.exe:*:Enabled:2K Sports NBA 2K12"

"C:\Program Files\Codemasters\DiRT 3\dirt3_game.exe"="C:\Program Files\Codemasters\DiRT 3\dirt3_game.exe:*:Enabled:DiRT 3"

"C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe"="C:\Program Files\Electronic Arts\Battlefield Bad Company 2\BFBC2Updater.exe:*:Enabled:Battlefield: Bad Company™ 2"

"C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe"="C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe:*:Enabled:Daemonu.exe"

"C:\Documents and Settings\Gebruiker\Local Settings\Temp\7zS1.tmp\SymNRT.exe"="C:\Documents and Settings\Gebruiker\Local Settings\Temp\7zS1.tmp\SymNRT.exe:*:Enabled:Norton Removal Tool"

"C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe"="C:\Program Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe:LocalSubNet:Enabled:HP-apparaatinstellingen (HP Officejet Pro 8600)"

"C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe"="C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe:LocalSubNet:Enabled:HP Netwerk communicator (HP Officejet Pro 8600)"

"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"

"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour-service"

"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"

"C:\Program Files\FIFA 13\Game\fifa13.exe"="C:\Program Files\FIFA 13\Game\fifa13.exe:*:Enabled:FIFA 13"

"C:\Program Files\Grand Theft Auto IV\GTAIV.exe"="C:\Program Files\Grand Theft Auto IV\GTAIV.exe:*:Enabled:Grand Theft Auto IV"

"C:\Program Files\ExpressFiles\expressdl.exe"="C:\Program Files\ExpressFiles\expressdl.exe:*:Enabled:Express Files"

"C:\Program Files\ExpressFiles\ExpressFiles.exe"="C:\Program Files\ExpressFiles\ExpressFiles.exe:*:Enabled:Express Files"

"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe"="C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.trspch"=tssoft32.acm

"vidc.cvid"=iccvid.dll

"vidc.I420"=msh263.drv

"vidc.iv31"=ir32_32.dll

"vidc.iv32"=ir32_32.dll

"vidc.iv41"=ir41_32.ax

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"msacm.msg723"=msg723.acm

"vidc.M263"=msh263.drv

"vidc.M261"=msh261.drv

"msacm.msaudio1"=msaud32.acm

"msacm.sl_anet"=sl_anet.acm

"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax

"vidc.iv50"=ir50_32.dll

"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

======List of files/folders created in the last 2 months======

2013-10-29 15:44:19 ----D---- C:\rsit

2013-10-29 15:44:19 ----D---- C:\Program Files\trend micro

2013-10-23 11:36:06 ----D---- C:\Documents and Settings\Gebruiker\Application Data\Malwarebytes

2013-10-23 11:35:50 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2013-10-23 11:35:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2013-10-23 11:35:48 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2013-10-10 02:08:37 ----HDC---- C:\WINDOWS\$NtUninstallKB2847311$

2013-10-10 02:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB2862335$

2013-10-10 02:03:40 ----HDC---- C:\WINDOWS\$NtUninstallKB2868038$

2013-10-10 02:02:18 ----HDC---- C:\WINDOWS\$NtUninstallKB2883150$

2013-10-10 02:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB2862330$

2013-10-02 17:39:21 ----D---- C:\Program Files\Common Files\Skype

2013-09-14 18:23:06 ----D---- C:\Documents and Settings\All Users\Application Data\BitGuard

2013-09-13 02:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB2876315$

2013-09-13 02:04:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2876217$

2013-09-13 02:04:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2864063$

======List of files/folders modified in the last 2 months======

2013-10-29 15:44:30 ----D---- C:\WINDOWS\Prefetch

2013-10-29 15:44:19 ----RD---- C:\Program Files

2013-10-29 14:35:28 ----D---- C:\WINDOWS\Temp

2013-10-29 14:29:21 ----D---- C:\WINDOWS\system32

2013-10-29 13:11:57 ----A---- C:\WINDOWS\MyHeritage.INI

2013-10-29 13:11:46 ----SD---- C:\WINDOWS\Tasks

2013-10-29 13:06:13 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2013-10-29 13:03:30 ----A---- C:\WINDOWS\SchedLgU.Txt

2013-10-29 13:03:01 ----D---- C:\WINDOWS\system32\CatRoot2

2013-10-29 13:01:22 ----D---- C:\WINDOWS\system32\drivers

2013-10-29 12:58:42 ----HDC---- C:\WINDOWS\$NtUninstallKB2633171$

2013-10-28 19:34:51 ----D---- C:\Program Files\Common Files\Symantec Shared

2013-10-24 20:48:38 ----D---- C:\Program Files\Spelletjes

2013-10-23 13:13:18 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe

2013-10-23 12:31:05 ----D---- C:\WINDOWS

2013-10-23 12:17:53 ----HDC---- C:\WINDOWS\$NtUninstallKB979687$

2013-10-23 12:15:17 ----D---- C:\Documents and Settings\Gebruiker\Application Data\Skype

2013-10-20 05:54:58 ----A---- C:\WINDOWS\NeroDigital.ini

2013-10-14 02:02:59 ----D---- C:\WINDOWS\Microsoft.NET

2013-10-14 02:00:31 ----SHD---- C:\WINDOWS\Installer

2013-10-14 02:00:31 ----SHD---- C:\Config.Msi

2013-10-13 13:18:31 ----D---- C:\Documents and Settings\All Users\Application Data\Skype

2013-10-13 13:18:28 ----RD---- C:\Program Files\Skype

2013-10-13 11:40:09 ----D---- C:\Program Files\ExpressFiles

2013-10-10 02:27:51 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-10 02:14:54 ----RSD---- C:\WINDOWS\assembly

2013-10-10 02:11:20 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help

2013-10-10 02:10:22 ----D---- C:\WINDOWS\WinSxS

2013-10-10 02:08:40 ----HD---- C:\WINDOWS\inf

2013-10-10 02:08:40 ----A---- C:\WINDOWS\imsins.BAK

2013-10-10 02:08:39 ----RSHDC---- C:\WINDOWS\system32\dllcache

2013-10-10 02:07:51 ----D---- C:\WINDOWS\system32\MRT

2013-10-10 02:05:39 ----A---- C:\WINDOWS\system32\MRT.exe

2013-10-10 02:02:43 ----D---- C:\Program Files\Internet Explorer

2013-10-10 02:00:47 ----D---- C:\Program Files\Microsoft Security Client

2013-10-03 19:53:28 ----D---- C:\Program Files\Mozilla Firefox

2013-10-03 19:53:06 ----D---- C:\Program Files\Mozilla Maintenance Service

2013-10-02 17:39:21 ----D---- C:\Program Files\Common Files

2013-09-23 22:55:12 ----A---- C:\WINDOWS\system32\ieframe.dll

2013-09-23 19:25:15 ----A---- C:\WINDOWS\system32\wininet.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\urlmon.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\url.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\occache.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\mstime.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\mshtmled.dll

2013-09-23 19:25:14 ----A---- C:\WINDOWS\system32\mshtml.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\msfeedsbs.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\msfeeds.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\licmgr10.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\jsproxy.dll

2013-09-23 19:25:12 ----A---- C:\WINDOWS\system32\iertutil.dll

2013-09-23 19:25:11 ----A---- C:\WINDOWS\system32\iepeers.dll

2013-09-23 19:25:08 ----A---- C:\WINDOWS\system32\iedkcs32.dll

2013-09-23 19:25:08 ----A---- C:\WINDOWS\system32\corpol.dll

2013-09-23 19:07:19 ----A---- C:\WINDOWS\system32\ie4uinit.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel RAID Controller; C:\WINDOWS\system32\drivers\iaStor.sys [2007-03-21 304920]

R0 MpFilter;Microsoft Malware Protection Driver; C:\WINDOWS\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]

R0 ohci1394;Texas Instruments OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2010-04-15 691696]

R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2011-02-26 82380]

R1 ctxusbm;Citrix USB Monitor Driver; C:\WINDOWS\system32\DRIVERS\ctxusbm.sys [2010-07-14 65584]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\system32\DRIVERS\dtsoftbus01.sys [2012-04-04 242240]

R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]

R1 kbdhid;Stuurprogramma voor toetsenbord-HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14720]

R2 CVPNDRVA;Cisco Systems Inc. IPSec Driver; \??\C:\WINDOWS\system32\Drivers\CVPNDRVA.sys []

R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 DNE;Deterministic Network Enhancer Miniport; C:\WINDOWS\system32\DRIVERS\dne2000.sys [2008-03-29 125328]

R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-09-26 254872]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2012-08-21 26840]

R3 HDAudBus;Microsoft UAA-busstuurprogramma voor High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 HECI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-03-13 44672]

R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]

R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-10-29 12288]

R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2012-02-09 13415040]

R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda32.sys [2011-05-25 119528]

R3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2007-09-26 54272]

R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-09-26 1184168]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\WINDOWS\system32\DRIVERS\serscan.sys [2001-09-06 6912]

R3 usbccgp;Microsoft generiek hoofd-USB-stuurprogramma; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]

S3 a3o9h6uf;a3o9h6uf; C:\WINDOWS\system32\drivers\a3o9h6uf.sys []

S3 aibpzjc9;aibpzjc9; C:\WINDOWS\system32\drivers\aibpzjc9.sys []

S3 CVirtA;Cisco Systems VPN Adapter; C:\WINDOWS\system32\DRIVERS\CVirtA.sys [2007-01-18 5275]

S3 se58bus;Sony Ericsson Device 088 driver (WDM); C:\WINDOWS\system32\DRIVERS\se58bus.sys [2006-09-05 61536]

S3 SONYPVU1;Sony USB-filterstuurrapparaat (SONYPVU1); C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS [2001-08-17 7552]

S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2010-09-28 41984]

S3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2012-07-19 29184]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]

S3 usbstor;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

S3 vsdatant;vsdatant; \??\C:\WINDOWS\system32\vsdatant.sys []

S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]

S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-08-11 55184]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 CVPND;Cisco Systems, Inc. VPN Service; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [2008-08-29 1528608]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe [2012-07-05 161704]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]

R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-25 2214504]

R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe [2011-10-25 793048]

R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]

R2 STacSV;SigmaTel Audio Service; C:\WINDOWS\system32\STacSV.exe [2007-09-26 90112]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

R3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-09-09 821648]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-08 136176]

S2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]

S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-09-05 171680]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-23 257416]

S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]

S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-08 136176]

S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]

S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-10-03 118680]

S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-01 271920]

S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

S3 WMPNetworkSvc;Windows Media Player Network Sharing-service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-11-02 917504]

S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

Bij voorbaat dank!

Link naar reactie
Delen op andere sites

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook; 
 {2b0cf91e-63d5-4474-9229-134d0b96fb28};c
 C:\Program Files\Spelletjes\prxtbSpe2.dll;f
 {5C255C8A-E604-49b4-9D64-90988571CECB};c
 C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml;f
 C:\Program Files\Mozilla Firefox\searchplugins\yahoo-nl.xml;f
 C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml;f
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\df228366-e2c4-46b8-90a5-7f788732f45e...6207813324.com;fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\engine@conduit(2).com;fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\[email="firefox@diamondata.net"]firefox@diamondata.net[/email];f
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\babylon.xml;f
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\BabylonMngr.xml;f
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\conduit.xml;f
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\SearchquWebSearch.xml;f
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\startsear.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b0cf91e-63d5-4474-9229-134d0b96fb28}];r
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1};fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{2b0cf91e-63d5-4474-9229-134d0b96fb28};fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5};fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions {9494ded5-43f8-4571-bf19-fe88853faa74};fs
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 ""=-;r
 C:\Documents and Settings\All Users\Application Data\BitGuard;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • HijackThis Log
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Dag kape,

Bedankt voor je antwoord. Ik krijg het zoek.exe bestand echter niet open.

Wanneer ik de zipfile download en uitpak op het bureaublad zie ik 3 icoontjes. Wanneer ik er dubbelklik lijkt er wel iets open te gaan, maar dat verdwijnt onmiddellijk. Hoe kan ik dit voorkomen of doe ik iets fouts?

Tranqer

- - - Updated - - -

Laat maar, het is plots opgestart :)

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Gebruiker on do 31/10/2013 at 17:39:56,04.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Gebruiker\Bureaublad\zoek.exe [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-10-31-163948.log 20044 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{8A96AF9E-4074-43b7-BEA3-87217BDA7406} deleted successfully

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{D73E11CB-F204-4E65-B08C-0A1B87F75CC1} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\prefs.js:

Added to C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\prefs.js:

user_pref("browser.startup.homepage", "https://www.google.be/");

user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2928232&SearchSource=3&q={searchTerms}");

user_pref("browser.newtab.url", "about:home");

user_pref("browser.search.defaultengine", "Web Search");

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "Search the web (Babylon)");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Search the web (Babylon)");

user_pref("keyword.URL", "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=KW_ss&mntrId=f4c1ce27000000000000001cc02a6bc2&q=");

user_pref("browser.search.useDBForOrder", true);

Added to C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\prefs.js:

user_pref("browser.startup.homepage", "http://www.google.com");

user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.newtab.url", "http://www.google.com/");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20133110_1746_.backup

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar.admin", false);

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.id", "f4c1ce27000000000000001cc02a6bc2");

user_pref("extensions.BabylonToolbar.instlDay", "15613");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.tlbrId", "base");

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=f4c1ce27000000000000001cc02a6bc2&q=");

user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");

user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");

user_pref("extensions.BabylonToolbar_i.newTab", true);

user_pref("extensions.BabylonToolbar_i.newTabUrl", "about:home");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:06:35");

---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=f4c1ce27000000000000001cc02a6bc2&q=");

user_pref("extensions.BabylonToolbar.id", "f4c1ce27000000000000001cc02a6bc2");

user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");

user_pref("extensions.BabylonToolbar.instlDay", "15613");

user_pref("extensions.BabylonToolbar.vrsn", "1.8.0.7");

user_pref("extensions.BabylonToolbar.vrsni", "1.8.0.7");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.0.718:06:35");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar.tlbrId", "base");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.admin", false);

---- Lines CT2088433 removed from prefs.js ----

user_pref("CommunityToolbar.ToolbarsList", "CT2088433,CT2269050,ConduitEngine,CT2661040,CT2928232");

user_pref("CommunityToolbar.ToolbarsList2", "CT2088433,CT2269050,CT2661040,CT2928232");

user_pref("CT2088433.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2088433.alertChannelId", "514448");

user_pref("CT2088433.backendstorage.http://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");

user_pref("CT2088433.clientLogIsEnabled", true);

user_pref("CT2088433.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2088433.CTID", "CT2088433");

user_pref("CT2088433.CurrentServerDate", "25-9-2010");

user_pref("CT2088433.DialogsAlignMode", "LTR");

user_pref("CT2088433.DownloadReferralCookieData", "");

user_pref("CT2088433.EMailNotifierPollDate", "Sat Sep 25 2010 13:13:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ExternalComponentPollDate128987942421563064", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ExternalComponentPollDate129235006468118858", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ExternalComponentPollDate129237589749795253", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedLastCount128728594662093846", 365);

user_pref("CT2088433.FeedPollDate128728593579282204", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728593868969193", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728594303656973", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728594641156345", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728605119906817", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728620224750982", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728621999281513", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728624614438005", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728631330531749", "Sat Sep 25 2010 11:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728637292250655", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728637427719582", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedPollDate128728637736781257", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.FeedTTL128728593579282204", 5);

user_pref("CT2088433.FeedTTL128728624614438005", 30);

user_pref("CT2088433.FeedTTL128728637292250655", 15);

user_pref("CT2088433.FirstServerDate", "23-9-2010");

user_pref("CT2088433.FirstTime", true);

user_pref("CT2088433.FirstTimeFF3", true);

user_pref("CT2088433.FirstTimeSettingsDone", true);

user_pref("CT2088433.FixPageNotFoundErrors", false);

user_pref("CT2088433.GroupingServerCheckInterval", 1440);

user_pref("CT2088433.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2088433.Initialize", true);

user_pref("CT2088433.InitializeCommonPrefs", true);

user_pref("CT2088433.InstallationAndCookieDataSentCount", 3);

user_pref("CT2088433.InstalledDate", "Thu Sep 23 2010 19:56:29 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.InvalidateCache", false);

user_pref("CT2088433.IsGrouping", false);

user_pref("CT2088433.IsMulticommunity", false);

user_pref("CT2088433.IsOpenThankYouPage", true);

user_pref("CT2088433.IsOpenUninstallPage", true);

user_pref("CT2088433.LanguagePackLastCheckTime", "Sat Sep 25 2010 07:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2088433.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2088433.LastLogin_2.7.2.0", "Sat Sep 25 2010 11:18:42 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.LatestVersion", "2.7.2.0");

user_pref("CT2088433.Locale", "nl");

user_pref("CT2088433.LoginCache", 4);

user_pref("CT2088433.MCDetectTooltipHeight", "83");

user_pref("CT2088433.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2088433.MCDetectTooltipWidth", "295");

user_pref("CT2088433.myStuffEnabled", true);

user_pref("CT2088433.myStuffPublihserMinWidth", 400);

user_pref("CT2088433.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2088433.myStuffServiceIntervalMM", 1440);

user_pref("CT2088433.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2088433.RadioIsPodcast", false);

user_pref("CT2088433.RadioLastCheckTime", "Sat Sep 25 2010 07:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.RadioLastUpdateIPServer", "3");

user_pref("CT2088433.RadioLastUpdateServer", "128929877726170000");

user_pref("CT2088433.RadioMediaID", "9446509");

user_pref("CT2088433.RadioMediaType", "Media Player");

user_pref("CT2088433.RadioMenuSelectedID", "EBRadioMenu_CT20884339446509");

user_pref("CT2088433.RadioStationName", "Radio%201%20");

user_pref("CT2088433.RadioStationURL", "http://www.omroep.nl/live/radio1-breed.asx");

user_pref("CT2088433.SearchEngine", "Zoek||Zoeken UCM_SEARCH_TERM

user_pref("CT2088433.SearchFromAddressBarIsInit", true);

user_pref("CT2088433.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2088433&q=");

user_pref("CT2088433.SearchInNewTabEnabled", true);

user_pref("CT2088433.SearchInNewTabIntervalMM", 1440);

user_pref("CT2088433.SearchInNewTabLastCheckTime", "Sat Sep 25 2010 07:18:41 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2088433.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2088433.SettingsCheckIntervalMin", 120);

user_pref("CT2088433.SettingsLastCheckTime", "Sat Sep 25 2010 13:16:22 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.SettingsLastUpdate", "1281128535");

user_pref("CT2088433.ThirdPartyComponentsInterval", 504);

user_pref("CT2088433.ThirdPartyComponentsLastCheck", "Thu Sep 23 2010 19:56:26 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.ThirdPartyComponentsLastUpdate", "1256029839");

user_pref("CT2088433.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");

user_pref("CT2088433.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2088433.UserID", "UN74997904459673457");

user_pref("CT2088433.ValidationData_Toolbar", 1);

user_pref("CT2088433.WeatherNetwork", "");

user_pref("CT2088433.WeatherPollDate", "Sat Sep 25 2010 12:48:43 GMT+0200 (Romance (zomertijd))");

user_pref("CT2088433.WeatherUnit", "C");

---- Lines CT2269050 removed from prefs.js ----

user_pref("CT2269050.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2269050.alertChannelId", "666138");

user_pref("CT2269050.clientLogIsEnabled", true);

user_pref("CT2269050.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2269050.CTID", "CT2269050");

user_pref("CT2269050.CurrentServerDate", "18-12-2010");

user_pref("CT2269050.DialogsAlignMode", "LTR");

user_pref("CT2269050.DownloadReferralCookieData", "");

user_pref("CT2269050.EMailNotifierPollDate", "Sat Dec 18 2010 09:49:24 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.FirstServerDate", "18-12-2010");

user_pref("CT2269050.FirstTime", true);

user_pref("CT2269050.FirstTimeFF3", true);

user_pref("CT2269050.FirstTimeSettingsDone", true);

user_pref("CT2269050.FixPageNotFoundErrors", true);

user_pref("CT2269050.GroupingServerCheckInterval", 1440);

user_pref("CT2269050.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2269050.Initialize", true);

user_pref("CT2269050.InitializeCommonPrefs", true);

user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);

user_pref("CT2269050.InstallationType", "UnknownIntegration");

user_pref("CT2269050.InstalledDate", "Fri Dec 17 2010 22:48:31 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.InvalidateCache", false);

user_pref("CT2269050.IsGrouping", false);

user_pref("CT2269050.IsMulticommunity", false);

user_pref("CT2269050.IsOpenThankYouPage", false);

user_pref("CT2269050.IsOpenUninstallPage", false);

user_pref("CT2269050.LanguagePackLastCheckTime", "Fri Dec 17 2010 22:48:34 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2269050.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2269050.LastLogin_2.7.2.0", "Sat Dec 18 2010 09:49:25 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.LatestVersion", "3.2.5.2");

user_pref("CT2269050.Locale", "en");

user_pref("CT2269050.LoginCache", 4);

user_pref("CT2269050.MCDetectTooltipHeight", "83");

user_pref("CT2269050.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2269050.MCDetectTooltipWidth", "295");

user_pref("CT2269050.myStuffEnabled", true);

user_pref("CT2269050.myStuffPublihserMinWidth", 400);

user_pref("CT2269050.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2269050.myStuffServiceIntervalMM", 1440);

user_pref("CT2269050.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2269050.RadioIsPodcast", false);

user_pref("CT2269050.RadioLastCheckTime", "Fri Dec 17 2010 22:48:32 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.RadioLastUpdateIPServer", "3");

user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");

user_pref("CT2269050.RadioMediaID", "12473383");

user_pref("CT2269050.RadioMediaType", "Media Player");

user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");

user_pref("CT2269050.RadioStationName", "Hotmix%20108");

user_pref("CT2269050.RadioStationURL", "http://67.202.67.18:8082");

user_pref("CT2269050.SearchEngine", "Search||Zoeken UCM_SEARCH_TERM

user_pref("CT2269050.SearchFromAddressBarIsInit", true);

user_pref("CT2269050.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&q=");

user_pref("CT2269050.SearchInNewTabEnabled", true);

user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);

user_pref("CT2269050.SearchInNewTabLastCheckTime", "Fri Dec 17 2010 22:48:32 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2269050.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2269050.SettingsCheckIntervalMin", 120);

user_pref("CT2269050.SettingsLastCheckTime", "Sat Dec 18 2010 08:57:04 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.SettingsLastUpdate", "1292581440");

user_pref("CT2269050.ThirdPartyComponentsInterval", 504);

user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Dec 17 2010 22:48:31 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");

user_pref("CT2269050.TrusteLinkUrl", "http://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");

user_pref("CT2269050.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2269050.UserID", "UN97155355317133530");

user_pref("CT2269050.WeatherNetwork", "");

user_pref("CT2269050.WeatherPollDate", "Sat Dec 18 2010 09:49:26 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2269050.WeatherUnit", "C");

---- Lines CT2661040 removed from prefs.js ----

user_pref("CommunityToolbar.CantToolbarBeEngineOwner", "CT2661040");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2661040", "\"1300282998\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2661040/CT2661040", "\"1301829146\"");

user_pref("CT2661040..clientLogIsEnabled", true);

user_pref("CT2661040..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2661040..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2661040.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2661040.alertChannelId", "1053590");

user_pref("CT2661040.backendstorage.gs_dailyactivity", "31333034323632383631393031");

user_pref("CT2661040.backendstorage.gs_lifetimesent", "54525545");

user_pref("CT2661040.CTID", "CT2661040");

user_pref("CT2661040.CurrentServerDate", "1-5-2011");

user_pref("CT2661040.DialogsAlignMode", "LTR");

user_pref("CT2661040.DialogsGetterLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.DownloadReferralCookieData", "");

user_pref("CT2661040.ExternalComponentPollDate129285126639444459", "Sun May 01 2011 19:30:44 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.ExternalComponentPollDate129285126779288061", "Sun May 01 2011 19:30:44 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.FirstServerDate", "1-5-2011");

user_pref("CT2661040.FirstTime", true);

user_pref("CT2661040.FirstTimeFF3", true);

user_pref("CT2661040.FixPageNotFoundErrors", true);

user_pref("CT2661040.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.com\",\"AppsDetectionUrl

user_pref("CT2661040.globalFirstTimeInfoLastCheckTime", "Sun May 01 2011 21:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.GroupingServerCheckInterval", 1440);

user_pref("CT2661040.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2661040.HasUserGlobalKeys", true);

user_pref("CT2661040.Initialize", true);

user_pref("CT2661040.InitializeCommonPrefs", true);

user_pref("CT2661040.InstallationAndCookieDataSentCount", 1);

user_pref("CT2661040.InstallationId", "Spill_gamesgames_CT2661040.exe");

user_pref("CT2661040.InstallationType", "ConduitIntegration");

user_pref("CT2661040.InstalledDate", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.InvalidateCache", false);

user_pref("CT2661040.isAppTrackingManagerOn", true);

user_pref("CT2661040.IsGrouping", false);

user_pref("CT2661040.IsMulticommunity", false);

user_pref("CT2661040.IsOpenThankYouPage", false);

user_pref("CT2661040.IsOpenUninstallPage", true);

user_pref("CT2661040.LanguagePackLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2661040.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2661040.LastLogin_3.3.2.1", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.LatestVersion", "3.2.5.2");

user_pref("CT2661040.Locale", "en-us");

user_pref("CT2661040.MCDetectTooltipHeight", "83");

user_pref("CT2661040.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2661040.MCDetectTooltipWidth", "295");

user_pref("CT2661040.myStuffEnabled", true);

user_pref("CT2661040.myStuffPublihserMinWidth", 400);

user_pref("CT2661040.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2661040.myStuffServiceIntervalMM", 1440);

user_pref("CT2661040.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2661040.RadioIsPodcast", false);

user_pref("CT2661040.RadioLastCheckTime", "Sun May 01 2011 17:14:21 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.RadioLastUpdateIPServer", "3");

user_pref("CT2661040.RadioLastUpdateServer", "3");

user_pref("CT2661040.RadioMediaID", "9962");

user_pref("CT2661040.RadioMediaType", "Media Player");

user_pref("CT2661040.RadioMenuSelectedID", "EBRadioMenu_CT26610409962");

user_pref("CT2661040.RadioStationName", "California%20Rock");

user_pref("CT2661040.RadioStationURL", "http://feedlive.net/california.asx");

user_pref("CT2661040.SavedHomepage", "http://www.google.be/");

user_pref("CT2661040.SearchFromAddressBarIsInit", true);

user_pref("CT2661040.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2661040&SearchSource=2&q=");

user_pref("CT2661040.SearchInNewTabEnabled", true);

user_pref("CT2661040.SearchInNewTabIntervalMM", 1440);

user_pref("CT2661040.SearchInNewTabLastCheckTime", "Sun May 01 2011 17:14:21 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2661040.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2661040.SearchInNewTabUserEnabled", false);

user_pref("CT2661040.ServiceMapLastCheckTime", "Sun May 01 2011 17:14:19 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.SettingsLastCheckTime", "Sun May 01 2011 17:14:19 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.SettingsLastUpdate", "1301829146");

user_pref("CT2661040.testingCtid", "");

user_pref("CT2661040.ThirdPartyComponentsInterval", 504);

user_pref("CT2661040.ThirdPartyComponentsLastCheck", "Sun May 01 2011 17:14:19 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.ThirdPartyComponentsLastUpdate", "1246786978");

user_pref("CT2661040.toolbarAppMetaDataLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.toolbarContextMenuLastCheckTime", "Sun May 01 2011 17:14:21 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.TrusteLinkUrl", "http://trust.conduit.com/CT2661040");

user_pref("CT2661040.usagesFlag", 1);

user_pref("CT2661040.UserID", "UN99038172216644458");

user_pref("CT2661040.WeatherNetwork", "");

user_pref("CT2661040.WeatherPollDate", "Sun May 01 2011 19:44:45 GMT+0200 (Romance (zomertijd))");

user_pref("CT2661040.WeatherUnit", "C");

---- Lines CT2928232 removed from prefs.js ----

user_pref("CommunityToolbar.ConduitHomepagesList", "http://search.conduit.com/?ctid=CT2928232&SearchSource=13");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2928232", "\"1298556922\"");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=ct2928232", "\"1298556922\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2928232", "\"634485749189530000\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=CT2928232&octid=CT2928232", "\"1312118247\"");

user_pref("CommunityToolbar.ETag.http://settings.toolbar.conduit-services.com/?ctid=ct2928232&octid=CT2928232", "\"1312118247\"");

user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2928232");

user_pref("CommunityToolbar.ToolbarsList4", "CT2928232");

user_pref("CT2928232..clientLogIsEnabled", true);

user_pref("CT2928232..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2928232..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2928232.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2928232.alertChannelId", "1320116");

user_pref("CT2928232.ct2928232.DialogsAlignMode", "LTR");

user_pref("CT2928232.ct2928232.globalFirstTimeInfoLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.InvalidateCache", false);

user_pref("CT2928232.ct2928232.LanguagePackLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.Locale", "nl");

user_pref("CT2928232.ct2928232.RadioLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.RadioLastUpdateIPServer", "3");

user_pref("CT2928232.ct2928232.RadioLastUpdateServer", "3");

user_pref("CT2928232.ct2928232.SearchInNewTabLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.SettingsLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.SettingsLastUpdate", "1312118247");

user_pref("CT2928232.ct2928232.ThirdPartyComponentsLastCheck", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.ThirdPartyComponentsLastUpdate", "1256026239");

user_pref("CT2928232.ct2928232.toolbarAppMetaDataLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ct2928232.toolbarContextMenuLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.CTID", "ct2928232");

user_pref("CT2928232.CurrentServerDate", "20-8-2011");

user_pref("CT2928232.DialogsAlignMode", "LTR");

user_pref("CT2928232.DialogsGetterLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.DownloadReferralCookieData", "");

user_pref("CT2928232.ExternalComponentPollDate129430338421937992", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ExternalComponentPollDate129430338591468879", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.FirstServerDate", "20-8-2011");

user_pref("CT2928232.FirstTime", true);

user_pref("CT2928232.FirstTimeFF3", true);

user_pref("CT2928232.FixPageNotFoundErrors", true);

user_pref("CT2928232.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.

user_pref("CT2928232.globalFirstTimeInfoLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.GroupingServerCheckInterval", 1440);

user_pref("CT2928232.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2928232.HasUserGlobalKeys", true);

user_pref("CT2928232.homepageProtectorEnableByLogin", true);

user_pref("CT2928232.initDone", true);

user_pref("CT2928232.Initialize", true);

user_pref("CT2928232.InitializeCommonPrefs", true);

user_pref("CT2928232.InstallationAndCookieDataSentCount", 2);

user_pref("CT2928232.InstallationType", "ConduitIntegration");

user_pref("CT2928232.InstalledDate", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.InvalidateCache", false);

user_pref("CT2928232.IsAlertDBUpdated", true);

user_pref("CT2928232.isAppTrackingManagerOn", true);

user_pref("CT2928232.isFirstRadioInstallation", false);

user_pref("CT2928232.IsGrouping", false);

user_pref("CT2928232.IsInitSetupIni", true);

user_pref("CT2928232.IsMulticommunity", false);

user_pref("CT2928232.IsOpenThankYouPage", false);

user_pref("CT2928232.IsOpenUninstallPage", true);

user_pref("CT2928232.LanguagePackLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2928232.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2928232.LastLogin_3.6.0.10", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.LatestVersion", "3.5.0.12");

user_pref("CT2928232.Locale", "nl");

user_pref("CT2928232.MCDetectTooltipHeight", "83");

user_pref("CT2928232.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2928232.MCDetectTooltipWidth", "295");

user_pref("CT2928232.myStuffEnabled", true);

user_pref("CT2928232.MyStuffEnabledAtInstallation", true);

user_pref("CT2928232.myStuffPublihserMinWidth", 400);

user_pref("CT2928232.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2928232.myStuffServiceIntervalMM", 1440);

user_pref("CT2928232.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2928232.OriginalFirstVersion", "3.6.0.10");

user_pref("CT2928232.RadioIsPodcast", false);

user_pref("CT2928232.RadioLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.RadioLastUpdateIPServer", "0");

user_pref("CT2928232.RadioMediaID", "9962");

user_pref("CT2928232.RadioMediaType", "Media Player");

user_pref("CT2928232.RadioMenuSelectedID", "EBRadioMenu_CT29282329962");

user_pref("CT2928232.RadioShrinkedFromSetup", false);

user_pref("CT2928232.RadioStationName", "California%20Rock");

user_pref("CT2928232.RadioStationURL", "http://feedlive.net/california.asx");

user_pref("CT2928232.SavedHomepage", "http://www.google.be/");

user_pref("CT2928232.SearchFromAddressBarIsInit", true);

user_pref("CT2928232.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2928232&SearchSource=2&q=");

user_pref("CT2928232.SearchInNewTabEnabled", true);

user_pref("CT2928232.SearchInNewTabIntervalMM", 1440);

user_pref("CT2928232.SearchInNewTabLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2928232.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");

user_pref("CT2928232.SearchInNewTabUserEnabled", false);

user_pref("CT2928232.searchProtectorDialogDelayInSec", 10);

user_pref("CT2928232.searchProtectorEnableByLogin", true);

user_pref("CT2928232.ServiceMapLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.SettingsLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.SettingsLastUpdate", "1312118247");

user_pref("CT2928232.testingCtid", "");

user_pref("CT2928232.ThirdPartyComponentsInterval", 504);

user_pref("CT2928232.ThirdPartyComponentsLastCheck", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ThirdPartyComponentsLastUpdate", "1256026239");

user_pref("CT2928232.toolbarAppMetaDataLastCheckTime", "Sat Aug 20 2011 21:16:37 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.toolbarContextMenuLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.ToolbarShrinkedFromSetup", false);

user_pref("CT2928232.TrusteLinkUrl", "http://trust.conduit.com/CT2928232");

user_pref("CT2928232.usagesFlag", 1);

user_pref("CT2928232.UserID", "UN13860167750765553");

user_pref("CT2928232.WeatherNetwork", "");

user_pref("CT2928232.WeatherPollDate", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CT2928232.WeatherUnit", "C");

---- Lines conduit removed from prefs.js ----

user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");

user_pref("CommunityToolbar.ConduitSearchList", "Spelletjes Customized Web Search");

user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");

user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");

user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1053590/1049301/BE", "\"0\"");

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/BE", "\"0\"");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en-us", "L+tncv4eqt6Qm5T3dzChdA==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=nl", "zEXb2Fmcj/HVsqTQpIjULw==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en-us", "0uSPYx+Kl2jpu8sJZMeHjw==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=nl", "TW6pbvEhvglk5DM313wISg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en-us", "QmycQXJXVyFVAzIiNllWhQ==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=nl", "GAox/hnZ01AfFOF7PUvloQ==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en-us", "K4Vqu91uAzWURlxJRdXJOg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=nl", "59UMFEXbxdbjS3gnY6/qrA==");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"07879643d3acc1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.2.1", "\"0652eeacc6cb1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.2.5.2", "\"07b2625f8cb1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.0.10", "\"80ee9485875dcc1:0\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/toolbar/", "\"634394076199470000\"");

user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634293235860000000");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en-us", "\"634351849102130000\"");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=nl", "\"634492029952000000\"");

user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Gebruiker\\Application Data\\Mozilla\\Firefox\\Profiles\\5m7taeif.de

user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");

user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");

user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");

user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");

user_pref("ConduitEngine.AppTrackingLastCheckTime", "Tue May 10 2011 19:46:50 GMT+0200 (Romance (zomertijd))");

user_pref("ConduitEngine.componentAlertEnabled", false);

user_pref("ConduitEngine.CTID", "ConduitEngine");

user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.engineLocale", "nl");

user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.FirstServerDate", "01/07/2011 16");

user_pref("ConduitEngine.FirstTime", true);

user_pref("ConduitEngine.FirstTimeFF3", true);

user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Mar 21 2011 07:26:59 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.HasUserGlobalKeys", true);

user_pref("ConduitEngine.initDone", true);

user_pref("ConduitEngine.Initialize", true);

user_pref("ConduitEngine.InitializeCommonPrefs", true);

user_pref("ConduitEngine.InstalledDate", "Fri Jan 07 2011 14:54:25 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.isAppTrackingManagerOn", true);

user_pref("ConduitEngine.isDetectionEnabled", false);

user_pref("ConduitEngine.IsMulticommunity", false);

user_pref("ConduitEngine.IsOpenThankYouPage", false);

user_pref("ConduitEngine.IsOpenUninstallPage", true);

user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.LastLogin_3.2.5.2", "Fri Jan 07 2011 17:54:25 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.LastLogin_3.3.2.1", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);

user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Mar 21 2011 07:26:58 GMT+0100 (Romance (standaardtijd))");

user_pref("ConduitEngine.usageEnabled", false);

user_pref("ConduitEngine.usagesFlag", 2);

user_pref("ConduitEngine.UserID", "UN99619194929425947");

---- Lines Search removed from prefs.js ----

user_pref("avg.install.userSPSettings", "Search the web (Babylon)");

---- Lines babsrc removed from prefs.js ----

user_pref("avg.install.userHPSettings", "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=HP_ss&mntrId=f4c1ce27000000000000001cc0

user_pref("sweetim.toolbar.urls.homepage", "http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=HP_ss&mntrId=f4c1ce27000000000000001

---- Lines Lyric removed from prefs.js ----

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.description", "LyricsMonkey will allow you to di

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.name", "LyricsMonkey-15");

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultthis.engineName", "Spelletjes Customized Web Search");

---- Lines CommunityToolbar removed from prefs.js ----

user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Mon Mar 21 2011 07:26:59 GMT+0100 (Romance (standaardtijd))");

user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);

user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed May 11 2011 19:46:47 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.alert.locale", "en");

user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);

user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri May 13 2011 18:49:45 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1303303927");

user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);

user_pref("CommunityToolbar.alert.showTrayIcon", false);

user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.alert.userId", "16f75fb9-6a44-44a6-be87-0119d275482f");

user_pref("CommunityToolbar.EngineHiddenByUser", true);

user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Sun May 01 2011 17:14:20 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.globalUserId", "8c715a11-fd6d-4067-97ef-7dfedf5018f6");

user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

user_pref("CommunityToolbar.IsEngineShown", false);

user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);

user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.6.0.10");

user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.notifications.locale", "en");

user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sat Aug 20 2011 21:16:38 GMT+0200 (Romance (zomertijd))");

user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

user_pref("CommunityToolbar.notifications.showTrayIcon", false);

user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.notifications.userId", "7fabb1d9-0d8c-4637-9ab0-2b4c6af4fcb9");

user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://www.bing.com/search?FORM=IEFM1&q=");

---- Lines crossrider removed from prefs.js ----

user_pref("extensions.crossrider.bic", "141e76dd4d52d48174ad0668f9321fbf");

---- FireFox user.js and prefs.js backups ----

user_20133110_1746_.backup

prefs_20133110_1746_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2b0cf91e-63d5-4474-9229-134d0b96fb28}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"BrowserMngr Start Page"=-

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"BrowserMngrDefaultScope"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"bProtectTabs"=-

==== Deleting Files \ Folders ======================

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\df228366-e2c4-46b8-90a5-7f788732f45e...6207813324.com not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\engine@conduit(2).com not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1} not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{2b0cf91e-63d5-4474-9229-134d0b96fb28} not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} not found

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions {9494ded5-43f8-4571-bf19-fe88853faa74} not found

C:\Documents and Settings\All Users\Application Data\BitGuard not found

"C:\Program Files\Spelletjes\prxtbSpe2.dll" not found

"C:\Program Files\Mozilla Firefox\searchplugins\SearchquWebSearch.xml" not found

"C:\Program Files\Mozilla Firefox\searchplugins\yahoo-nl.xml" not found

"C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\firefox@diamondata.net" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\babylon.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\BabylonMngr.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\conduit.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\SearchquWebSearch.xml" not found

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\searchplugins\startsear.xml" not found

C:\Program Files\Mozilla Firefox\Plugins\npvsharetvplg.dll deleted

C:\Program Files\Common Files\DVDVideoSoft\bin deleted

C:\Program Files\StartSearch plugin deleted

C:\Program Files\Conduit deleted

C:\Documents and Settings\Gebruiker\Application Data\Uniblue deleted

C:\Documents and Settings\Gebruiker\Application Data\ExpressFiles deleted

C:\Documents and Settings\Gebruiker\Application Data\DVDVideoSoftIEHelpers deleted

C:\Documents and Settings\Gebruiker\Application Data\Registry Mechanic deleted

C:\Documents and Settings\All Users\Application Data\AlawarWrapper deleted

C:\Documents and Settings\All Users\Application Data\Trymedia deleted

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Ilivid Player deleted

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\avgchrome deleted

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Conduit deleted

C:\Documents and Settings\Gebruiker\Menu Start\Programma's\BitGuard deleted

C:\WINDOWS\002707_.tmp deleted

C:\WINDOWS\SET25.tmp deleted

C:\WINDOWS\SET3.tmp deleted

C:\WINDOWS\SET4.tmp deleted

C:\WINDOWS\SET8.tmp deleted

C:\WINDOWS\Tasks\Express FilesUpdate.job deleted

C:\WINDOWS\System32\ConduitEngine.tmp deleted

C:\WINDOWS\System32\SET104.tmp deleted

C:\WINDOWS\System32\SET106.tmp deleted

C:\WINDOWS\System32\SETF6.tmp deleted

C:\WINDOWS\System32\SETF7.tmp deleted

C:\WINDOWS\System32\SETF8.tmp deleted

C:\WINDOWS\System32\SETFD.tmp deleted

C:\WINDOWS\System32\tmp8C9.tmp deleted

C:\WINDOWS\System32\tmp8CA.tmp deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\bProtector_extensions.rdf deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\bprotector_extensions.sqlite deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\bprotector_prefs.js deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2088433 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2269050 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2661040 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\CT2928232 deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\conduit deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\conduitCommon deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\ConduitEngine deleted

"C:\Program Files\ExpressFiles\EFUpdater.exe" deleted

"C:\Program Files\ExpressFiles\htmlayout.dll" deleted

"C:\Program Files\ExpressFiles" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====

====== C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp ====

====== Java Cache =====

====== C:\WINDOWS\system32 =====

====== C:\WINDOWS\system32\drivers =====

2013-10-23 10:35:48 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

====== C:\WINDOWS\Tasks ======

2013-10-23 11:22:22 68C9120CB9A9604C40C046C4FC790AAF 940 ----a-w- C:\WINDOWS\Tasks\Adobe Flash Player Updater.job

2013-10-10 01:10:58 4C7DCA89F950FF5742448601123277EC 386 ---ha-w- C:\WINDOWS\Tasks\Microsoft Antimalware Scheduled Scan.job

====== C:\WINDOWS\Temp ======

======= C:\Program Files =====

2013-10-29 14:44:19 -------- d-----w- C:\Program Files\trend micro

2013-10-02 16:39:21 -------- d-----w- C:\Program Files\Common Files\Skype

======= C: =====

====== C:\Documents and Settings\Gebruiker\Application Data ======

2013-10-15 05:42:34 1F2A8C0F17F3324432AF0F551616DC36 491320 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat

====== C:\Documents and Settings\Gebruiker ======

2013-10-29 14:42:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe

====== C: exe-files ==

2013-10-29 14:44:20 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe

2013-10-29 14:43:28 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Gebruiker\Mijn documenten\adriaan\scouts\Zaterdag 4 mei foto's\RSIT(1).exe

2013-10-29 14:42:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Google Update"="C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"ares"="C:\Program Files\Ares\Ares.exe -h"

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent"

"RGSC"="C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent"

[HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"NeroHomeFirstStart"="C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

"SigmatelSysTrayApp"="sttray.exe"

"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe"

"ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup"

"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"

"Family Tree Builder Update"="C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Google Update"="C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"

"ares"="C:\Program Files\Ares\Ares.exe -h"

"EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent"

"RGSC"="C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent"

==== Startup Folders ======================

2011-03-30 20:06:10 958 ----a-w- C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23/10/2013 13:13]

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ :C:\Program Files\Apple Software Update\SoftwareUpdate.exe []

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2011 14:01]

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [08/09/2011 14:01]

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003Core.job --a------ [undetermined Task]

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2141008374-820851572-692919399-1003UA.job --a------ C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [13/04/2011 07:26]

C:\WINDOWS\tasks\Microsoft Antimalware Scheduled Scan.job --ah----- C:\Program Files\Microsoft Security Client\MpCmdRun.exe [12/08/2013 09:12]

C:\WINDOWS\tasks\Norton Security Scan for Gebruiker.job --ah----- [undetermined Task]

C:\WINDOWS\tasks\User_Feed_Synchronization-{CA43B98B-FEE6-480B-95E1-6E742A413AAA}.job --ah----- C:\WINDOWS\system32\msfeedssynC:.exe []

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [08/09/2012 11:00]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

- LyricsMonkey-15 - %ProfilePath%\extensions\df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com

- British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk

- Dictionnaire franais Classique - %ProfilePath%\extensions\fr-classique@dictionaries.addons.mozilla(2).org

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

- ToggleDU Community Toolbar - %ProfilePath%\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}(2)

- DVDVideoSoftTB Community Toolbar - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2)

- gamesgames- Community Toolbar - %ProfilePath%\extensions\{9494ded5-43f8-4571-bf19-fe88853faa74}(2)

- diamondata - %ProfilePath%\extensions\firefox@diamondata.net.xpi

- PsicoTSI - %ProfilePath%\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

4AE054AAF74F93566720766CBC9A0E64 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2

A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2

CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2

052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2

A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2

136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2

1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2

C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

2F4781F84C92E8C4B1586E47A78E8A61 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.50.255

18C6A57B569F088C2BD7B828A211AC06 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5

81D388824634378A37765FD943FB3144 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

==== Deleted Firefox Extensions ======================

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\firefox@diamondata.net.xpi deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{3ad798d0-4642-4c55-bc14-cfe7dd19e0d1}(2) deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cdjfkejjfbnnahgfabnehkfkhpfghoak - C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\tbch.crx[28/09/2011 20:18]

hendmekoldfacfhlojkjcnbjegkahclb - C:\Program Files\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx[]

pbiamblgmkgbcgbcgejjgebalncpmhnp - C:\Program Files\StartSearch plugin\vshareplg.crx[]

Spelletjes - Gebruiker - Default\Extensions\cdjfkejjfbnnahgfabnehkfkhpfghoak

LyricsMonkey-15 - Gebruiker - Default\Extensions\khmbajnfeegpfichienonefldpjedofp

Chrome In-App Payments service - Gebruiker - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

LiveVDO plugin - Gebruiker - Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp

==== Chrome Fix ======================

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp\tbch.crx deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_apps.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_facebook.conduitapps.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_pricegong.conduitapps.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_storage.conduit.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_isearch.babylon.com_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\http_isearch.babylon.com_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cdjfkejjfbnnahgfabnehkfkhpfghoak deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdjfkejjfbnnahgfabnehkfkhpfghoak_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cdjfkejjfbnnahgfabnehkfkhpfghoak_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\khmbajnfeegpfichienonefldpjedofp deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0.localstorage deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0.localstorage-journal deleted successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_khmbajnfeegpfichienonefldpjedofp_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://isearch.babylon.com/?affID=116424&tt=300912_TORP_3912_1&babsrc=HP_ss&mntrId=f4c1ce27000000000000001cc02a6bc2"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.myheritage.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="about:home"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{afdbddaa-5d3f-42ee-b79c-185a7020515b}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{73178189-D9FF-43C6-B712-83A791CA53A2} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF"

==== Reset Google Chrome ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2141008374-820851572-692919399-1003\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hendmekoldfacfhlojkjcnbjegkahclb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cdjfkejjfbnnahgfabnehkfkhpfghoak deleted successfully

==== HijackThis Entries ======================

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen

O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [beidsccertprop] C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe

O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [RGSC] C:\Program Files\Rockstar Games Social Club\RGSCLauncher.exe /silent

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-2141008374-820851572-692919399-1005\..\RunOnce: [NeroHomeFirstStart] C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe (User 'UpdatusUser')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O4 - Global Startup: Online plug-in.lnk = ?

O4 - Global Startup: VPN Client.lnk = ?

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab

O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab

O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - http://ccff02.minfin.fgov.be/diagnosis/static/app-layout/js/capicom.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - MSN Games - Free Online Games

O18 - Protocol: ambulantpdtb - {183A003A-3D01-4E94-A2C5-AD0108C68370} - C:\Program Files\AMIS\PdtbIePlugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll

O22 - SharedTaskScheduler: Preloader van browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Cache-daemon voor onderdeelcategorieën - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\jqs.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\WINDOWS\system32\STacSV.exe

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator.WIT\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\N0ZCEDYH will be deleted at reboot

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\RRX5LR5Z will be deleted at reboot

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator.WIT\Local Settings\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\Cache emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files\ExpressFiles" not found

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\N0ZCEDYH" not found

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\RRX5LR5Z" not found

==== EOF on do 31/10/2013 at 17:55:40,68 ======================

Link naar reactie
Delen op andere sites

  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com;fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2);fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{9494ded5-43f8-4571-bf19-fe88853faa74}(2);fs
 C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}.xpi;f
 autoclean;

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Zoek.exe Version 4.0.0.5 Updated 26-October-2013

Tool run by Gebruiker on vr 01/11/2013 at 12:19:21,93.

Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Documents and Settings\Gebruiker\Bureaublad\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-31-163948.log 20044 bytes

C:\zoek-results2013-10-31-165540.log 82624 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Documents and Settings\Administrator.WIT\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default

user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_20130111_1225_.backup

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

user.js not found

---- Lines Lyric removed from prefs.js ----

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.description", "LyricsMonkey will allow you to di

user_pref("extensions.adf228366e2c446b890a57f788732f45eef1368ada4cd43ec9ff9a16207813324com43910.43910.name", "LyricsMonkey-15");

---- FireFox user.js and prefs.js backups ----

prefs_20130111_1225_.backup

==== Deleting Files \ Folders ======================

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\df228366-e2c4-46b8-90a5-7f788732f45e@ef1368ad-a4cd-43ec-9ff9-a16207813324.com deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}(2) deleted

C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{9494ded5-43f8-4571-bf19-fe88853faa74}(2) deleted

"C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\extensions\{7E77F5DF-8022-40e3-9122-F03DEBEFC43B}.xpi" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [08/09/2012 11:00]

==== Firefox Extensions ======================

ProfilePath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

- British English Dictionary Updated - %ProfilePath%\extensions\en-gb@flyingtophat.co.uk

- Dictionnaire franais Classique - %ProfilePath%\extensions\fr-classique@dictionaries.addons.mozilla(2).org

- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

AppDir: C:\Program Files\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Documents and Settings\Gebruiker\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

CFAF7B67C78D09D79688AEDCA3D090E2 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Update\1.3.21.165\npGoogleUpdate3.dll - Google Update

BE501CBC29B2025A263D80D399F1797A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll - Silverlight Plug-In

4AE054AAF74F93566720766CBC9A0E64 - C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

6846D2CA7E1D5937AEE3F99BB7F5464B - C:\WINDOWS\system32\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director

0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2

A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2

CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2

052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2

A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2

136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2

1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2

C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

2F4781F84C92E8C4B1586E47A78E8A61 - C:\WINDOWS\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.50.255

18C6A57B569F088C2BD7B828A211AC06 - C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll - Java Platform SE 7 U5

81D388824634378A37765FD943FB3144 - C:\WINDOWS\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

49DA696E73BC2CB49C0E374C7885F7AD - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat

1C8124B6A03A620EB0CBCA615666D2AE - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery

FC5866F7793AF2CBCD425CC4B8D32A9E - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll - Zylom Plugin

7ABA2EAB736F7E9EB0E03ACAA42CCB51 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox

AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation

901DF887DBDF87FA3C659239F68F3228 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM

0F9DEA5814D22F83FED5F427E263DED0 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library

F89E6BBD6A080D8C714DFB6F30678288 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM

B27CCB1168B1960AEC6E9D3E0E0F0D2A - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrlui.dll - Microsoft® Silverlight

3EA079023D32054BFD73D08E77C72609 - C:\WINDOWS\system32\npptools.dll - Besturingssysteem Microsoft® Windows®

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{73178189-D9FF-43C6-B712-83A791CA53A2} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBF"

==== Empty IE Cache ======================

C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Administrator.WIT\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Documents and Settings\Administrator.WIT\Local Settings\Application Data\Mozilla\Firefox\Profiles\5n64fci9.default\Cache emptied successfully

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Mozilla\Firefox\Profiles\5m7taeif.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied

C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted

"C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Documents and Settings\UpdatusUser\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on vr 01/11/2013 at 12:28:14,06 ======================

Link naar reactie
Delen op andere sites

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.