Re: Win7 starter netbook vertraagd
Ahaaa. Nouja uitzetten heb ik nog niet gedaan, dus dan wacht ik nog wel even ja.
Bedankt en ik laat het weten als er verandering is.
---------- Bericht toegevoegd op 10:33 ---------- Vorige bericht was op 10:03 ----------
UPDATE
Scanner klaar, hier het log
Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by Wouter on wo 04-12-2013 at 9:48:23,34.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wouter\Desktop\zoek.exe [Script inserted]
==== Older Logs ======================
C:\zoek-results2013-12-04-083750.log 7347 bytes
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Ath_CopyHook {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} C:\Program Files\Bluetooth Suite\AthCopyHook.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Program Files\Packard Bell\Registration\GREGsvc.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\PLFSetI.exe
C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Wouter\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
==== Deleting Services ======================
==== System Specs ======================
Windows: Windows 7 Starter Edition Service Pack 1 (Build 7601)
Memory (RAM): 1014 MB
CPU Info: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
CPU Speed: 1505.7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) Graphics Media Accelerator 3150 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1024 X 600 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5B95 Wireless Network Adapter | Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) | Hamachi Network Interface
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 219.8GB | Q: 0.0MB
Hard Disks - Free: C: 163.9GB | Q: 0.0MB
Manufacturer *: Packard Bell
BIOS Info: AT/AT COMPATIBLE | 12/16/10 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer SJE02_PT
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.57
Internet Explorer Version: 11.0.9600.16428
Mozilla Firefox version: 12.0 (x86 nl)
Google Chrome version: 31.0.1650.57
Adobe Reader version: 9.5.0.270
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 11.9.900.117
Shockwave Player version: 12.0r112
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Wouter\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2013-12-03 07:19:16 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 07:19:16 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\System32\mshtml.dll
2013-12-03 07:19:16 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-12-03 07:19:16 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf
2013-12-03 07:19:16 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll
2013-12-03 07:19:16 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\System32\ieui.dll
2013-12-03 07:19:16 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\System32\inseng.dll
2013-12-03 07:19:16 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\System32\html.iec
2013-12-03 07:19:16 D6BC25D55501DE093757675B3B120867 208896 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-12-03 07:19:16 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\System32\url.dll
2013-12-03 07:19:16 C629D814E48CAA81E0D806BD7ECA98B8 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-12-03 07:19:16 C611C6ED5ECFE4608BA79472DFE3D49C 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 07:19:16 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\System32\dxtmsft.dll
2013-12-03 07:19:16 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 07:19:16 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\System32\ieapfltr.dat
2013-12-03 07:19:16 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\System32\iesetup.dll
2013-12-03 07:19:16 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-12-03 07:19:16 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\System32\iertutil.dll
2013-12-03 07:19:16 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\System32\wininet.dll
2013-12-03 07:19:16 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-12-03 07:19:16 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\System32\jscript9.dll
2013-12-03 07:19:16 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\System32\elshyph.dll
2013-12-03 07:19:16 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\System32\mshta.exe
2013-12-03 07:19:16 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\System32\licmgr10.dll
2013-12-03 07:19:16 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\System32\tdc.ocx
2013-12-03 07:19:16 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\System32\jsIntl.dll
2013-12-03 07:19:16 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\System32\iexpress.exe
2013-12-03 07:19:16 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 07:19:16 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\System32\iesysprep.dll
2013-12-03 07:19:16 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-12-03 07:19:16 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-12-03 07:19:16 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\System32\jscript.dll
2013-12-03 07:19:16 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\System32\msfeeds.dll
2013-12-03 07:19:16 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\System32\imgutil.dll
2013-12-03 07:19:16 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\System32\wextract.exe
2013-12-03 07:19:16 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-03 07:19:16 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\System32\iedkcs32.dll
2013-12-03 07:19:16 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\System32\mshtmled.dll
2013-12-03 07:19:16 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll
2013-12-03 07:19:16 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\System32\iernonce.dll
2013-12-03 07:19:16 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll
2013-12-03 07:19:16 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-12-03 07:19:16 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\System32\icardie.dll
2013-12-03 07:19:16 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-12-03 07:19:16 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\System32\pngfilt.dll
2013-12-03 07:19:16 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2013-12-03 07:19:16 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\System32\msrating.dll
2013-12-03 07:19:16 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\System32\ieapfltr.dll
2013-12-03 07:19:16 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\System32\urlmon.dll
2013-12-03 07:19:16 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2013-12-03 07:19:16 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\System32\msls31.dll
2013-12-03 07:19:16 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\System32\iepeers.dll
2013-12-03 07:19:16 14E18520903F925D296C8E29BDE6BD43 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-12-03 07:19:16 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\System32\occache.dll
2013-12-03 07:19:16 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\System32\dxtrans.dll
2013-12-03 07:19:16 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\System32\webcheck.dll
2013-12-03 07:19:15 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\System32\ieframe.dll
2013-12-02 22:03:45 F1CD6E22E5AE5CEEB7712E546A5FC853 873384 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-12-02 22:03:45 9245D22DF0D9F8E21110FCEA6BF15E7E 796072 ----a-w- C:\Windows\System32\deployJava1.dll
2013-12-02 21:54:50 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-12-02 21:54:21 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-12-02 21:54:21 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-12-02 21:54:21 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
2013-11-24 21:02:58 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-24 21:02:58 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-24 21:02:57 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-24 12:15:19 5A775CAE7CCCAC581C05B8D2C92C0DF1 305152 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-24 12:15:14 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\System32\authui.dll
2013-11-24 12:15:13 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll
2013-11-24 12:15:13 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-24 12:14:48 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\System32\schannel.dll
2013-11-24 12:14:47 EF6950D7B24AAF4E477065F5455DD4F8 1038848 ----a-w- C:\Windows\System32\lsasrv.dll
2013-11-24 12:14:47 BD6B9BC84D004C6BEE89CF7BDB95E1FC 99840 ----a-w- C:\Windows\System32\sspicli.dll
2013-11-24 12:14:47 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\System32\ncrypt.dll
2013-11-24 12:14:47 803B370865D907EA21DC0C2B6A8936B5 22016 ----a-w- C:\Windows\System32\lsass.exe
2013-11-24 12:14:47 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\System32\secur32.dll
2013-11-24 12:14:46 D89077E2E1C88A29C57F21FAD28DAC45 15872 ----a-w- C:\Windows\System32\sspisrv.dll
2013-11-24 11:59:35 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\System32\crypt32.dll
====== C:\Windows\system32\drivers =====
2013-11-24 12:14:48 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-24 12:14:48 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-24 12:14:47 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2013-11-22 17:27:04 34BB4B6F0861419564414106D40A33BB 414 ----a-w- C:\Windows\Tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-02 21:55:01 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\Wouter\AppData\Roaming ======
====== C:\Users\Wouter ======
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-02 21:51:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
====== C: exe-files ==
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-03 07:19:16 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-12-03 07:19:16 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-12-03 07:19:16 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-12-03 07:19:16 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe
2013-12-03 07:19:16 2AFAE62B727EE7190450D4A14C287422 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:
http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:
http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"OMEA"="C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
"Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AthBtTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\AthBtTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AtherosBtStack"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\BtvStack.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Wouter\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Launch Manager\\LManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn Hamachi Ui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Spotify.exe\" /uri spotify:autostart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Data\\SpotifyWebHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VideoWebCamera"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VideoWebCamera\\VideoWebCamera.exe\" -a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Wouter\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\OPENOF~1.ORG\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 3.3 "
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-10-2013 21:18]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job --a------ C:\Users\Uhh.. gewoon TY\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22-11-2013 18:25]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Folders in C:\ProgramData 0-6 Months Old ======================
No folders found aged 0-6 months
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{34712C68-7391-4c47-94F3-8F88D49AD632}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [21-02-2013 22:24]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3h8gn7yi.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
ProfilePath: C:\Users\Uhh.. gewoon TY\AppData\Roaming\Mozilla\Firefox\Profiles\uq3b9dcb.default
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
ProfilePath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft? Windows Media Player Firefox Plugin
9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft? Windows? Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29-11-2012 20:35]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[21-09-2011 08:35]
Google Docs - Uhh.. gewoon TY - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Uhh.. gewoon TY - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Uhh.. gewoon TY - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Uhh.. gewoon TY - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Uhh.. gewoon TY - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Uhh.. gewoon TY - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Uhh.. gewoon TY - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Uhh.. gewoon TY - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Wouter - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Wouter - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Wouter - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Wouter - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Wouter - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
RealDownloader - Wouter - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Wouter - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Wouter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Wouter - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== HijackThis Entries ======================
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [OMEA] "C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\3h8gn7yi.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Uhh.. gewoon TY\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Wouter\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on wo 04-12-2013 at 10:27:55,62 ======================
Even ter info, de waslijst aan .exe downloads (4.16 Memoriaalboeking.exe etc.) klopt allemaal, is van een software cursus.
---------- Bericht toegevoegd op 10:34 ---------- Vorige bericht was op 10:33 ----------
UPDATE
Scanner klaar, hier het log
Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by Wouter on wo 04-12-2013 at 9:48:23,34.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wouter\Desktop\zoek.exe [Script inserted]
==== Older Logs ======================
C:\zoek-results2013-12-04-083750.log 7347 bytes
==== Torpig Check ======================
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Ath_CopyHook {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} C:\Program Files\Bluetooth Suite\AthCopyHook.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Running Processes ======================
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Program Files\Packard Bell\Registration\GREGsvc.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\PLFSetI.exe
C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Wouter\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs
==== Deleting Services ======================
==== System Specs ======================
Windows: Windows 7 Starter Edition Service Pack 1 (Build 7601)
Memory (RAM): 1014 MB
CPU Info: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
CPU Speed: 1505.7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) Graphics Media Accelerator 3150 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1024 X 600 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5B95 Wireless Network Adapter | Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) | Hamachi Network Interface
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 219.8GB | Q: 0.0MB
Hard Disks - Free: C: 163.9GB | Q: 0.0MB
Manufacturer *: Packard Bell
BIOS Info: AT/AT COMPATIBLE | 12/16/10 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer SJE02_PT
Country: Nederland
Language: NLD
==== System Specs (Software) ======================
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.57
Internet Explorer Version: 11.0.9600.16428
Mozilla Firefox version: 12.0 (x86 nl)
Google Chrome version: 31.0.1650.57
Adobe Reader version: 9.5.0.270
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 11.9.900.117
Shockwave Player version: 12.0r112
==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Wouter\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2013-12-03 07:19:16 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 07:19:16 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\System32\mshtml.dll
2013-12-03 07:19:16 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-12-03 07:19:16 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf
2013-12-03 07:19:16 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll
2013-12-03 07:19:16 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\System32\ieui.dll
2013-12-03 07:19:16 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\System32\inseng.dll
2013-12-03 07:19:16 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\System32\html.iec
2013-12-03 07:19:16 D6BC25D55501DE093757675B3B120867 208896 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-12-03 07:19:16 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\System32\url.dll
2013-12-03 07:19:16 C629D814E48CAA81E0D806BD7ECA98B8 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-12-03 07:19:16 C611C6ED5ECFE4608BA79472DFE3D49C 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 07:19:16 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\System32\dxtmsft.dll
2013-12-03 07:19:16 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 07:19:16 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\System32\ieapfltr.dat
2013-12-03 07:19:16 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\System32\iesetup.dll
2013-12-03 07:19:16 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-12-03 07:19:16 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\System32\iertutil.dll
2013-12-03 07:19:16 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\System32\wininet.dll
2013-12-03 07:19:16 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-12-03 07:19:16 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\System32\jscript9.dll
2013-12-03 07:19:16 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\System32\elshyph.dll
2013-12-03 07:19:16 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\System32\mshta.exe
2013-12-03 07:19:16 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\System32\licmgr10.dll
2013-12-03 07:19:16 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\System32\tdc.ocx
2013-12-03 07:19:16 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\System32\jsIntl.dll
2013-12-03 07:19:16 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\System32\iexpress.exe
2013-12-03 07:19:16 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 07:19:16 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\System32\iesysprep.dll
2013-12-03 07:19:16 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-12-03 07:19:16 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-12-03 07:19:16 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\System32\jscript.dll
2013-12-03 07:19:16 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\System32\msfeeds.dll
2013-12-03 07:19:16 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\System32\imgutil.dll
2013-12-03 07:19:16 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\System32\wextract.exe
2013-12-03 07:19:16 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-03 07:19:16 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\System32\iedkcs32.dll
2013-12-03 07:19:16 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\System32\mshtmled.dll
2013-12-03 07:19:16 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll
2013-12-03 07:19:16 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\System32\iernonce.dll
2013-12-03 07:19:16 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll
2013-12-03 07:19:16 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-12-03 07:19:16 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\System32\icardie.dll
2013-12-03 07:19:16 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-12-03 07:19:16 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\System32\pngfilt.dll
2013-12-03 07:19:16 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2013-12-03 07:19:16 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\System32\msrating.dll
2013-12-03 07:19:16 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\System32\ieapfltr.dll
2013-12-03 07:19:16 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\System32\urlmon.dll
2013-12-03 07:19:16 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2013-12-03 07:19:16 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\System32\msls31.dll
2013-12-03 07:19:16 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\System32\iepeers.dll
2013-12-03 07:19:16 14E18520903F925D296C8E29BDE6BD43 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-12-03 07:19:16 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\System32\occache.dll
2013-12-03 07:19:16 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\System32\dxtrans.dll
2013-12-03 07:19:16 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\System32\webcheck.dll
2013-12-03 07:19:15 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\System32\ieframe.dll
2013-12-02 22:03:45 F1CD6E22E5AE5CEEB7712E546A5FC853 873384 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-12-02 22:03:45 9245D22DF0D9F8E21110FCEA6BF15E7E 796072 ----a-w- C:\Windows\System32\deployJava1.dll
2013-12-02 21:54:50 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-12-02 21:54:21 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-12-02 21:54:21 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-12-02 21:54:21 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
2013-11-24 21:02:58 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-24 21:02:58 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-24 21:02:57 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-24 12:15:19 5A775CAE7CCCAC581C05B8D2C92C0DF1 305152 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-24 12:15:14 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\System32\authui.dll
2013-11-24 12:15:13 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll
2013-11-24 12:15:13 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-24 12:14:48 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\System32\schannel.dll
2013-11-24 12:14:47 EF6950D7B24AAF4E477065F5455DD4F8 1038848 ----a-w- C:\Windows\System32\lsasrv.dll
2013-11-24 12:14:47 BD6B9BC84D004C6BEE89CF7BDB95E1FC 99840 ----a-w- C:\Windows\System32\sspicli.dll
2013-11-24 12:14:47 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\System32\ncrypt.dll
2013-11-24 12:14:47 803B370865D907EA21DC0C2B6A8936B5 22016 ----a-w- C:\Windows\System32\lsass.exe
2013-11-24 12:14:47 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\System32\secur32.dll
2013-11-24 12:14:46 D89077E2E1C88A29C57F21FAD28DAC45 15872 ----a-w- C:\Windows\System32\sspisrv.dll
2013-11-24 11:59:35 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\System32\crypt32.dll
====== C:\Windows\system32\drivers =====
2013-11-24 12:14:48 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-24 12:14:48 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-24 12:14:47 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2013-11-22 17:27:04 34BB4B6F0861419564414106D40A33BB 414 ----a-w- C:\Windows\Tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-02 21:55:01 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\Wouter\AppData\Roaming ======
====== C:\Users\Wouter ======
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-02 21:51:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
====== C: exe-files ==
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-03 07:19:16 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-12-03 07:19:16 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-12-03 07:19:16 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-12-03 07:19:16 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe
2013-12-03 07:19:16 2AFAE62B727EE7190450D4A14C287422 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
=== C: other files ==
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:
http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:
http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"OMEA"="C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
"Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AthBtTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\AthBtTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AtherosBtStack"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\BtvStack.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Wouter\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Launch Manager\\LManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn Hamachi Ui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Spotify.exe\" /uri spotify:autostart"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Data\\SpotifyWebHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VideoWebCamera"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VideoWebCamera\\VideoWebCamera.exe\" -a"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Wouter\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\OPENOF~1.ORG\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 3.3 "
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-10-2013 21:18]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job --a------ C:\Users\Uhh.. gewoon TY\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22-11-2013 18:25]
==== Other Scheduled Tasks ======================
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
==== Folders in C:\ProgramData 0-6 Months Old ======================
No folders found aged 0-6 months
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{34712C68-7391-4c47-94F3-8F88D49AD632}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [21-02-2013 22:24]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3h8gn7yi.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
ProfilePath: C:\Users\Uhh.. gewoon TY\AppData\Roaming\Mozilla\Firefox\Profiles\uq3b9dcb.default
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
ProfilePath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft Windows Media Player Firefox Plugin
9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft Windows Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29-11-2012 20:35]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[21-09-2011 08:35]
Google Docs - Uhh.. gewoon TY - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Uhh.. gewoon TY - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Uhh.. gewoon TY - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Uhh.. gewoon TY - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Uhh.. gewoon TY - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Uhh.. gewoon TY - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Uhh.. gewoon TY - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Uhh.. gewoon TY - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Wouter - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Wouter - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Wouter - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Wouter - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Wouter - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
RealDownloader - Wouter - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Wouter - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Wouter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Wouter - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== HijackThis Entries ======================
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [OMEA] "C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) -
http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
==== Empty IE Cache ======================
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\3h8gn7yi.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Uhh.. gewoon TY\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Wouter\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on wo 04-12-2013 at 10:27:55,62 ======================
Even ter info, de waslijst aan .exe downloads (4.16 Memoriaalboeking.exe etc.) klopt allemaal, is van een software cursus.