• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

[Opgelost] Win7 starter netbook vertraagd

Status
Niet open voor verdere reacties.

Woutrrr

Happy! :D
Lid geworden
29 okt 2008
Berichten
1.174
Waarderingsscore
0
Goedenavond!


Ik heb een Packard Bell dot s netbook met Windows 7 Starter. Deze netbook was de eerste 2 jaar erg snel en heb er nooit problemen mee gehad. Het afgelopen jaar is hij echter een heel stuk trager geworden. Zelfs iets simpels als Chrome openen duurt veel te lang.

Ik heb een MBAM scan gedaan, hieruit kwam 1 gedetecteerd object (iets in de IE temp files), is nu verwijderd.
Onderstaand een HJT log.

[hjt]
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 19:02:11, on 3-12-2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16428)
FIREFOX: 12.0 (nl)
Boot mode: Normal

Running processes:
c:\windows\system32\taskhost.exe
c:\windows\system32\dwm.exe
c:\windows\explorer.exe
c:\program files\realtek\audio\hda\rthdvcpl.exe
c:\windows\system32\igfxtray.exe
c:\windows\system32\hkcmd.exe
c:\windows\system32\igfxpers.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\elantech\etdctrl.exe
c:\windows\plfseti.exe
c:\program files\packardbellxsync\deployment\functions\{aa58f999-6d97-42c2-a69f-8cc04d18d944}\omea.exe
c:\program files\packard bell\packard bell power management\epowertray.exe
c:\program files\citrix\ica client\concentr.exe
c:\program files\microsoft office\office12\groovemonitor.exe
c:\program files\real\realplayer\update\realsched.exe
c:\program files\citrix\ica client\wfcrun32.exe
c:\windows\system32\igfxext.exe
c:\program files\elantech\etdctrlhelper.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wuauclt.exe
c:\program files\google\chrome\application\chrome.exe
c:\program files\google\chrome\application\chrome.exe
c:\program files\google\chrome\application\chrome.exe
c:\program files\google\chrome\application\chrome.exe
c:\program files\google\chrome\application\chrome.exe
c:\program files\google\chrome\application\chrome.exe
c:\users\uhh.. gewoon ty\downloads\hijackthis.exe
c:\windows\system32\searchfilterhost.exe
c:\windows\system32\dllhost.exe

r1 - hkcu\software\microsoft\internet explorer\main,default_page_url = [noparse]http://packardbell.msn.com[/noparse]
r1 - hkcu\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hkcu\software\microsoft\internet explorer\main,start page = [noparse]http://packardbell.msn.com[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_page_url = [noparse]http://go.microsoft.com/fwlink/p/?linkid=255141[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,default_search_url = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r1 - hklm\software\microsoft\internet explorer\main,search page = [noparse]http://go.microsoft.com/fwlink/?linkid=54896[/noparse]
r0 - hklm\software\microsoft\internet explorer\main,start page = [noparse]http://go.microsoft.com/fwlink/p/?linkid=255141[/noparse]
r0 - hklm\software\microsoft\internet explorer\search,searchassistant =
r0 - hklm\software\microsoft\internet explorer\search,customizesearch =
r0 - hkcu\software\microsoft\internet explorer\toolbar,linksfoldername =
o2 - bho: acroiehelperstub - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - bho: realnetworks download and record plugin for internet explorer - {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
o2 - bho: search helper - {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\sepsearchhelperie.dll
o2 - bho: groove gfs browser helper - {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\grooveshellextensions.dll
o2 - bho: java(tm) plug-in ssv helper - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre7\bin\ssv.dll
o2 - bho: iespeakdoc - {8d10f6c4-0e01-4bd4-8601-11ac1fdf8126} - c:\program files\bluetooth suite\ieplugin.dll
o2 - bho: windows live id sign-in helper - {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\windowslivelogin.dll
o2 - bho: urlredirectionbho - {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~4\office14\urlredir.dll
o2 - bho: java(tm) plug-in 2 ssv helper - {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre7\bin\jp2ssv.dll
o4 - hklm\..\run: [rthdvcpl] c:\program files\realtek\audio\hda\rthdvcpl.exe -s
o4 - hklm\..\run: [igfxtray] c:\windows\system32\igfxtray.exe
o4 - hklm\..\run: [hotkeyscmds] c:\windows\system32\hkcmd.exe
o4 - hklm\..\run: [persistence] c:\windows\system32\igfxpers.exe
o4 - hklm\..\run: [etdctrl] %programfiles%\elantech\etdctrl.exe
o4 - hklm\..\run: [plfseti] c:\windows\plfseti.exe
o4 - hklm\..\run: [microsoft default manager] c:\program files\microsoft\search enhancement pack\default manager\defmgr.exe -resume
o4 - hklm\..\run: [omea] c:\program files\packardbellxsync\deployment\functions\{aa58f999-6d97-42c2-a69f-8cc04d18d944}\omea.exe
o4 - hklm\..\run: [acer epower management] c:\program files\packard bell\packard bell power management\epowertray.exe
o4 - hklm\..\run: [connectioncenter] c:\program files\citrix\ica client\concentr.exe /startup
o4 - hklm\..\run: [groovemonitor] c:\program files\microsoft office\office12\groovemonitor.exe
o4 - hklm\..\run: [tkbellexe] c:\program files\real\realplayer\update\realsched.exe -osboot
o4 - hkus\s-1-5-19\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'local service')
o4 - hkus\s-1-5-19\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'local service')
o4 - hkus\s-1-5-20\..\run: [sidebar] %programfiles%\windows sidebar\sidebar.exe /autorun (user 'network service')
o4 - hkus\s-1-5-20\..\runonce: [mctadmin] c:\windows\system32\mctadmin.exe (user 'network service')
o4 - hkus\s-1-5-18\..\runonce: [spreview] c:\windows\system32\spreview\spreview.exe /sp:1 /errorfwlink:"[noparse]http://go.microsoft.com/fwlink/?linkid=122915"[/noparse] /build:7601 (user 'system')
o4 - hkus\.default\..\runonce: [spreview] c:\windows\system32\spreview\spreview.exe /sp:1 /errorfwlink:"[noparse]http://go.microsoft.com/fwlink/?linkid=122915"[/noparse] /build:7601 (user 'default user')
o8 - extra context menu item: e&xport to microsoft excel - res://c:\progra~1\micros~4\office12\excel.exe/3000
o9 - extra button: @c:\program files\windows live\writer\windowslivewritershortcuts.dll,-1004 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra 'tools' menuitem: @c:\program files\windows live\writer\windowslivewritershortcuts.dll,-1003 - {219c3416-8cb2-491a-a3c7-d9fcddc9d600} - c:\program files\windows live\writer\writerbrowserextension.dll
o9 - extra button: send to onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~4\office12\onbttnie.dll
o9 - extra 'tools' menuitem: s&end to onenote - {2670000a-7350-4f3c-8081-5663ee0c6c49} - c:\progra~1\micros~4\office12\onbttnie.dll
o9 - extra button: pokerstars - {3ad14f0c-ed16-4e43-b6d8-661b03f6a1ef} - c:\program files\pokerstars\pokerstarsupdate.exe
o9 - extra button: research - {92780b25-18cc-41c8-b9be-3c9c571a8263} - c:\progra~1\micros~4\office12\refiebar.dll
o10 - unknown file in winsock lsp: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
o10 - unknown file in winsock lsp: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
o11 - options group: [accelerated_graphics] accelerated graphics
o16 - dpf: {5c051655-fcd5-4969-9182-770ea5aa5565} (solitaire showdown class) - [noparse]http://messenger.zone.msn.com/binary/solitaireshowdown.cab56986.cab[/noparse]
o16 - dpf: {c3f79a2b-b9b4-4a66-b012-3ee46475b072} (messengerstatsclient class) - [noparse]http://messenger.zone.msn.com/binary/messengerstatspaclient.cab56907.cab[/noparse]
o16 - dpf: {f5a7706b-b9c0-4c89-a715-7a0c6b05dd48} (minesweeper flags class) - [noparse]http://messenger.zone.msn.com/binary/minesweeper.cab56986.cab[/noparse]
o18 - protocol: groovelocalgws - {88fed34c-f0ca-4636-a375-3cb6248b04cd} - c:\program files\microsoft office\office12\groovesystemservices.dll
o18 - protocol: skype4com - {ffc8b962-9b40-4dff-9458-1830c7dd7f5d} - c:\progra~1\common~1\skype\skype4~1.dll
o18 - protocol: wlpg - {e43ef6cd-a37a-4a9b-9e6f-83f89b8e6324} - c:\program files\windows live\photo gallery\albumdownloadprotocolhandler.dll
o18 - filter: application/x-ica - {cfb6322e-cc85-4d1b-82c7-893888a236bc} - c:\program files\citrix\ica client\icamimefilter.dll
o18 - filter hijack: ica - {cfb6322e-cc85-4d1b-82c7-893888a236bc} - c:\program files\citrix\ica client\icamimefilter.dll
o18 - filter hijack: text/xml - {807573e5-5146-11d5-a672-00b0d022e945} - c:\program files\common files\microsoft shared\office14\msoxmlmf.dll
o23 - service: adobe flash player update service (adobeflashplayerupdatesvc) - adobe systems incorporated - c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
o23 - service: atherossvc - atheros commnucations - c:\program files\bluetooth suite\adminservice.exe
o23 - service: dritek wmi service (dsiwmiservice) - dritek system inc. - c:\program files\launch manager\dsiwmis.exe
o23 - service: acer epower service (epowersvc) - acer incorporated - c:\program files\packard bell\packard bell power management\epowersvc.exe
o23 - service: flexnet licensing service - acresso software inc. - c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
o23 - service: gregservice - acer incorporated - c:\program files\packard bell\registration\gregsvc.exe
o23 - service: google update-service (gupdate) (gupdate) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: google update-service (gupdatem) (gupdatem) - google inc. - c:\program files\google\update\googleupdate.exe
o23 - service: logmein hamachi tunneling engine (hamachi2svc) - logmein inc. - c:\program files\logmein hamachi\hamachi-2.exe
o23 - service: mozilla maintenance service (mozillamaintenance) - mozilla foundation - c:\program files\mozilla maintenance service\maintenanceservice.exe
o23 - service: realnetworks downloader resolver service - unknown owner - c:\program files\realnetworks\realdownloader\rndlresolversvc.exe
o23 - service: skype updater (skypeupdate) - skype technologies - c:\program files\skype\updater\updater.exe
o23 - service: updater service - acer group - c:\program files\packard bell\packard bell updater\updaterservice.exe
--
end of file - 9982 bytes

[/hjt]


Hopelijk kunnen jullie me verder helpen!

Alvast bedankt,


Wouter
 
Laatst bewerkt door een moderator:
Re: Win7 starter netbook vertraagd

Hallo,


Download
51a612a8b27e2-Zoek.png
Zoek.zip naar het bureaublad.

  1. Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  2. Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
    Code:
    firefoxlook;
    emptyclsid;
    torpigcheck;
    emptyfolderscheck;delete
    chromelook;
    standardsearch;
    filesrcm;
    autoclean;
    startupall;
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.
 
Re: Win7 starter netbook vertraagd

Allereerst bedankt voor de snelle reactie!

Echter krijg ik de search niet voor elkaar, sorry :/

Het opstarten van het het programma duurt al erg lang, en het script heb ik zojuist een kwartier laten draaien zonder enig resultaat.

Nog iets anders wat ik kan proberen?
 
Re: Win7 starter netbook vertraagd

Hallo,

Het kan 45 min duren, als het langer duurt dan pas uit zetten.
 
Re: Win7 starter netbook vertraagd

Ahaaa. Nouja uitzetten heb ik nog niet gedaan, dus dan wacht ik nog wel even ja.
Bedankt en ik laat het weten als er verandering is.

---------- Bericht toegevoegd op 10:33 ---------- Vorige bericht was op 10:03 ----------

UPDATE
Scanner klaar, hier het log


Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by Wouter on wo 04-12-2013 at 9:48:23,34.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wouter\Desktop\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-04-083750.log 7347 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Ath_CopyHook {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} C:\Program Files\Bluetooth Suite\AthCopyHook.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Program Files\Packard Bell\Registration\GREGsvc.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\PLFSetI.exe
C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Wouter\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs

==== Deleting Services ======================


==== System Specs ======================

Windows: Windows 7 Starter Edition Service Pack 1 (Build 7601)
Memory (RAM): 1014 MB
CPU Info: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
CPU Speed: 1505.7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) Graphics Media Accelerator 3150 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1024 X 600 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5B95 Wireless Network Adapter | Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) | Hamachi Network Interface
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 219.8GB | Q: 0.0MB
Hard Disks - Free: C: 163.9GB | Q: 0.0MB
Manufacturer *: Packard Bell
BIOS Info: AT/AT COMPATIBLE | 12/16/10 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer SJE02_PT
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.57
Internet Explorer Version: 11.0.9600.16428
Mozilla Firefox version: 12.0 (x86 nl)
Google Chrome version: 31.0.1650.57
Adobe Reader version: 9.5.0.270
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 11.9.900.117
Shockwave Player version: 12.0r112

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Wouter\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2013-12-03 07:19:16 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 07:19:16 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\System32\mshtml.dll
2013-12-03 07:19:16 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-12-03 07:19:16 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf
2013-12-03 07:19:16 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll
2013-12-03 07:19:16 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\System32\ieui.dll
2013-12-03 07:19:16 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\System32\inseng.dll
2013-12-03 07:19:16 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\System32\html.iec
2013-12-03 07:19:16 D6BC25D55501DE093757675B3B120867 208896 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-12-03 07:19:16 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\System32\url.dll
2013-12-03 07:19:16 C629D814E48CAA81E0D806BD7ECA98B8 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-12-03 07:19:16 C611C6ED5ECFE4608BA79472DFE3D49C 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 07:19:16 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\System32\dxtmsft.dll
2013-12-03 07:19:16 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 07:19:16 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\System32\ieapfltr.dat
2013-12-03 07:19:16 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\System32\iesetup.dll
2013-12-03 07:19:16 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-12-03 07:19:16 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\System32\iertutil.dll
2013-12-03 07:19:16 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\System32\wininet.dll
2013-12-03 07:19:16 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-12-03 07:19:16 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\System32\jscript9.dll
2013-12-03 07:19:16 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\System32\elshyph.dll
2013-12-03 07:19:16 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\System32\mshta.exe
2013-12-03 07:19:16 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\System32\licmgr10.dll
2013-12-03 07:19:16 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\System32\tdc.ocx
2013-12-03 07:19:16 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\System32\jsIntl.dll
2013-12-03 07:19:16 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\System32\iexpress.exe
2013-12-03 07:19:16 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 07:19:16 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\System32\iesysprep.dll
2013-12-03 07:19:16 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-12-03 07:19:16 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-12-03 07:19:16 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\System32\jscript.dll
2013-12-03 07:19:16 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\System32\msfeeds.dll
2013-12-03 07:19:16 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\System32\imgutil.dll
2013-12-03 07:19:16 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\System32\wextract.exe
2013-12-03 07:19:16 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-03 07:19:16 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\System32\iedkcs32.dll
2013-12-03 07:19:16 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\System32\mshtmled.dll
2013-12-03 07:19:16 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll
2013-12-03 07:19:16 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\System32\iernonce.dll
2013-12-03 07:19:16 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll
2013-12-03 07:19:16 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-12-03 07:19:16 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\System32\icardie.dll
2013-12-03 07:19:16 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-12-03 07:19:16 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\System32\pngfilt.dll
2013-12-03 07:19:16 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2013-12-03 07:19:16 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\System32\msrating.dll
2013-12-03 07:19:16 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\System32\ieapfltr.dll
2013-12-03 07:19:16 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\System32\urlmon.dll
2013-12-03 07:19:16 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2013-12-03 07:19:16 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\System32\msls31.dll
2013-12-03 07:19:16 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\System32\iepeers.dll
2013-12-03 07:19:16 14E18520903F925D296C8E29BDE6BD43 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-12-03 07:19:16 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\System32\occache.dll
2013-12-03 07:19:16 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\System32\dxtrans.dll
2013-12-03 07:19:16 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\System32\webcheck.dll
2013-12-03 07:19:15 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\System32\ieframe.dll
2013-12-02 22:03:45 F1CD6E22E5AE5CEEB7712E546A5FC853 873384 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-12-02 22:03:45 9245D22DF0D9F8E21110FCEA6BF15E7E 796072 ----a-w- C:\Windows\System32\deployJava1.dll
2013-12-02 21:54:50 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-12-02 21:54:21 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-12-02 21:54:21 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-12-02 21:54:21 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
2013-11-24 21:02:58 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-24 21:02:58 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-24 21:02:57 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-24 12:15:19 5A775CAE7CCCAC581C05B8D2C92C0DF1 305152 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-24 12:15:14 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\System32\authui.dll
2013-11-24 12:15:13 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll
2013-11-24 12:15:13 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-24 12:14:48 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\System32\schannel.dll
2013-11-24 12:14:47 EF6950D7B24AAF4E477065F5455DD4F8 1038848 ----a-w- C:\Windows\System32\lsasrv.dll
2013-11-24 12:14:47 BD6B9BC84D004C6BEE89CF7BDB95E1FC 99840 ----a-w- C:\Windows\System32\sspicli.dll
2013-11-24 12:14:47 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\System32\ncrypt.dll
2013-11-24 12:14:47 803B370865D907EA21DC0C2B6A8936B5 22016 ----a-w- C:\Windows\System32\lsass.exe
2013-11-24 12:14:47 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\System32\secur32.dll
2013-11-24 12:14:46 D89077E2E1C88A29C57F21FAD28DAC45 15872 ----a-w- C:\Windows\System32\sspisrv.dll
2013-11-24 11:59:35 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\System32\crypt32.dll
====== C:\Windows\system32\drivers =====
2013-11-24 12:14:48 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-24 12:14:48 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-24 12:14:47 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2013-11-22 17:27:04 34BB4B6F0861419564414106D40A33BB 414 ----a-w- C:\Windows\Tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-02 21:55:01 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\Wouter\AppData\Roaming ======
====== C:\Users\Wouter ======
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-02 21:51:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-03 07:19:16 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-12-03 07:19:16 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-12-03 07:19:16 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-12-03 07:19:16 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe
2013-12-03 07:19:16 2AFAE62B727EE7190450D4A14C287422 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"OMEA"="C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
"Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AthBtTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\AthBtTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AtherosBtStack"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\BtvStack.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Wouter\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn Hamachi Ui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VideoWebCamera"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VideoWebCamera\\VideoWebCamera.exe\" -a"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Wouter\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\OPENOF~1.ORG\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 3.3 "


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-10-2013 21:18]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job --a------ C:\Users\Uhh.. gewoon TY\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22-11-2013 18:25]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\ProgramData 0-6 Months Old ======================

No folders found aged 0-6 months

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{34712C68-7391-4c47-94F3-8F88D49AD632}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [21-02-2013 22:24]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3h8gn7yi.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

ProfilePath: C:\Users\Uhh.. gewoon TY\AppData\Roaming\Mozilla\Firefox\Profiles\uq3b9dcb.default
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

ProfilePath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft? Windows Media Player Firefox Plugin
9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft? Windows? Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29-11-2012 20:35]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[21-09-2011 08:35]

Google Docs - Uhh.. gewoon TY - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Uhh.. gewoon TY - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Uhh.. gewoon TY - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Uhh.. gewoon TY - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Uhh.. gewoon TY - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Uhh.. gewoon TY - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Uhh.. gewoon TY - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Uhh.. gewoon TY - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Wouter - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Wouter - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Wouter - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Wouter - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Wouter - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
RealDownloader - Wouter - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Wouter - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Wouter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Wouter - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [OMEA] "C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\3h8gn7yi.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Uhh.. gewoon TY\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Wouter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 04-12-2013 at 10:27:55,62 ======================


Even ter info, de waslijst aan .exe downloads (4.16 Memoriaalboeking.exe etc.) klopt allemaal, is van een software cursus.

---------- Bericht toegevoegd op 10:34 ---------- Vorige bericht was op 10:33 ----------

UPDATE
Scanner klaar, hier het log


Zoek.exe Version 4.0.0.5 Updated 30-November-2013
Tool run by Wouter on wo 04-12-2013 at 9:48:23,34.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wouter\Desktop\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-04-083750.log 7347 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Ath_CopyHook {8e10a039-fe03-4f9c-b7e1-c5eeeaf53735} C:\Program Files\Bluetooth Suite\AthCopyHook.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files\FileZilla FTP Client\fzshellext.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll


==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\Bluetooth Suite\adminservice.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
C:\Program Files\Packard Bell\Registration\GREGsvc.exe
C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\PLFSetI.exe
C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Elantech\ETDCtrlHelper.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Wouter\Desktop\zoek.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k secsvcs

==== Deleting Services ======================


==== System Specs ======================

Windows: Windows 7 Starter Edition Service Pack 1 (Build 7601)
Memory (RAM): 1014 MB
CPU Info: Intel(R) Atom(TM) CPU N550 @ 1.50GHz
CPU Speed: 1505.7 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) Graphics Media Accelerator 3150 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1024 X 600 - 32 bit
Network: Network Present
Network Adapters: Atheros AR5B95 Wireless Network Adapter | Atheros AR8152 PCI-E Fast Ethernet Controller (NDIS 6.20) | Hamachi Network Interface
CD / DVD Drives: No optical drives found.
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 2 Button Mouse Present
Hard Disks: C: 219.8GB | Q: 0.0MB
Hard Disks - Free: C: 163.9GB | Q: 0.0MB
Manufacturer *: Packard Bell
BIOS Info: AT/AT COMPATIBLE | 12/16/10 | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer SJE02_PT
Country: Nederland
Language: NLD

==== System Specs (Software) ======================

Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.57
Internet Explorer Version: 11.0.9600.16428
Mozilla Firefox version: 12.0 (x86 nl)
Google Chrome version: 31.0.1650.57
Adobe Reader version: 9.5.0.270
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 11.9.900.117
Shockwave Player version: 12.0r112

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Wouter\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2013-12-03 07:19:16 FB0D1CC2911A0645DDA6C0608473EB55 34816 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-03 07:19:16 F9F114B2A6F876C92D317A755494F233 17142784 ----a-w- C:\Windows\System32\mshtml.dll
2013-12-03 07:19:16 F8DE2F74CD4323BABBDACAADD9A39254 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-12-03 07:19:16 F862CD08F1AD4EE39BD506853F3C6103 16284 ----a-w- C:\Windows\System32\ieuinit.inf
2013-12-03 07:19:16 F7B6E341F4B1947BEC0E14EEBE3C627E 111616 ----a-w- C:\Windows\System32\IEAdvpack.dll
2013-12-03 07:19:16 F705F52FC41577641E82B9934728B02C 440832 ----a-w- C:\Windows\System32\ieui.dll
2013-12-03 07:19:16 EC7038154490E50ACD405A022F51B204 83456 ----a-w- C:\Windows\System32\inseng.dll
2013-12-03 07:19:16 D9F12F54E3B5A092F1D5F191F5286E53 337408 ----a-w- C:\Windows\System32\html.iec
2013-12-03 07:19:16 D6BC25D55501DE093757675B3B120867 208896 ----a-w- C:\Windows\System32\ie4uinit.exe
2013-12-03 07:19:16 CFCE4EFF1D6D909EE2EA3AFCB8F1E677 233472 ----a-w- C:\Windows\System32\url.dll
2013-12-03 07:19:16 C629D814E48CAA81E0D806BD7ECA98B8 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-12-03 07:19:16 C611C6ED5ECFE4608BA79472DFE3D49C 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2013-12-03 07:19:16 C3B0DBD04CC18574B0706CA119902474 367104 ----a-w- C:\Windows\System32\dxtmsft.dll
2013-12-03 07:19:16 C1A6E565B2782C09BC40AD749B46D9ED 71680 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2013-12-03 07:19:16 C17139EAF939964142C7A1AEEE02DC81 616104 ----a-w- C:\Windows\System32\ieapfltr.dat
2013-12-03 07:19:16 BE8B10D84DDD8F43A32EE013B54F5287 61952 ----a-w- C:\Windows\System32\iesetup.dll
2013-12-03 07:19:16 BC2C13A3B664B686DA52D558FE5502FC 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-12-03 07:19:16 B68750104FBA545C633B7E9AEA660208 2166272 ----a-w- C:\Windows\System32\iertutil.dll
2013-12-03 07:19:16 B5EB5BD3066959611E1F7A80FD6CC172 1818112 ----a-w- C:\Windows\System32\wininet.dll
2013-12-03 07:19:16 AE6A2C5ECD3E96556E22F12816842F60 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-12-03 07:19:16 AE254DBF16E3E3D7C35ED017B4B55EC6 4240384 ----a-w- C:\Windows\System32\jscript9.dll
2013-12-03 07:19:16 AD27563BC16AB1EAACAE3033E99C2F78 194048 ----a-w- C:\Windows\System32\elshyph.dll
2013-12-03 07:19:16 ABDFC692D9FE43E2BA8FE6CB5A8CB95A 13312 ----a-w- C:\Windows\System32\mshta.exe
2013-12-03 07:19:16 AB3B2CA52AFB695AFCDD2620A21E5B21 24576 ----a-w- C:\Windows\System32\licmgr10.dll
2013-12-03 07:19:16 9E170B0AF156B478BD2B1FD6A2250C9E 62464 ----a-w- C:\Windows\System32\tdc.ocx
2013-12-03 07:19:16 9B8701A380CEE1B05D651B4ED4048C8F 645120 ----a-w- C:\Windows\System32\jsIntl.dll
2013-12-03 07:19:16 9A33FDDD687A836A1FD478B43C5A95FD 151552 ----a-w- C:\Windows\System32\iexpress.exe
2013-12-03 07:19:16 887055A3C8DD6C87D200D11EAFDBD45B 74240 ----a-w- C:\Windows\System32\SetIEInstalledDate.exe
2013-12-03 07:19:16 83F49FD1BC0A999B006D564C540C7258 86016 ----a-w- C:\Windows\System32\iesysprep.dll
2013-12-03 07:19:16 81A605B0F3A29A117AB83A08D40F772F 1926656 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-12-03 07:19:16 809804D8AED97AEA96B3D4B66A4C5C70 553472 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-12-03 07:19:16 779E142FE2159935E78C0FA2E190FF1E 610304 ----a-w- C:\Windows\System32\jscript.dll
2013-12-03 07:19:16 71144A47CD02FDDC77DDF5EB5315767F 523776 ----a-w- C:\Windows\System32\msfeeds.dll
2013-12-03 07:19:16 6EB0B7301E00F717BD68A742D1391FAF 36352 ----a-w- C:\Windows\System32\imgutil.dll
2013-12-03 07:19:16 6A92CEC8532056791C6832B2725D170D 139264 ----a-w- C:\Windows\System32\wextract.exe
2013-12-03 07:19:16 6A794439B6612E43FEDE0217C919B652 454656 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-03 07:19:16 6922D7ED84AE102504174922D5D42F49 238288 ----a-w- C:\Windows\System32\iedkcs32.dll
2013-12-03 07:19:16 64831CAD496A073398853A34A5813675 69632 ----a-w- C:\Windows\System32\mshtmled.dll
2013-12-03 07:19:16 5EC13202430A3EB68DFF44CF1FEEA2BE 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll
2013-12-03 07:19:16 5DFE55E0221F0C5FA4D6CECFA72B1D78 32768 ----a-w- C:\Windows\System32\iernonce.dll
2013-12-03 07:19:16 55969AADF0210A614700F89B48976F68 43008 ----a-w- C:\Windows\System32\msfeedsbs.dll
2013-12-03 07:19:16 53FC62C51CB18C9100A7DFAF2D2A6C47 12800 ----a-w- C:\Windows\System32\msfeedssync.exe
2013-12-03 07:19:16 4F032F1FDEFEA5EC8EEA3562643B5EE8 69120 ----a-w- C:\Windows\System32\icardie.dll
2013-12-03 07:19:16 4D4726D1AD5ED1590A62685F92900594 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-12-03 07:19:16 4BCC7EB5F20840DA67943BD86AE95735 56832 ----a-w- C:\Windows\System32\pngfilt.dll
2013-12-03 07:19:16 4A7956EE34BE56D20C54CF6A47693C25 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2013-12-03 07:19:16 44D5C650C971910827EA65B4D989ED94 164864 ----a-w- C:\Windows\System32\msrating.dll
2013-12-03 07:19:16 433161597584186EF806EFC8EA530433 703488 ----a-w- C:\Windows\System32\ieapfltr.dll
2013-12-03 07:19:16 2EE1E467D73642AFDDB03019F58C252B 1156608 ----a-w- C:\Windows\System32\urlmon.dll
2013-12-03 07:19:16 2AF48780D879AFC43733159CB29CD8BD 1051136 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2013-12-03 07:19:16 298FDE634538B62CEEEC266D8773B21A 182272 ----a-w- C:\Windows\System32\msls31.dll
2013-12-03 07:19:16 1AFBAA54BDF637F69B8E02A5578286B0 116736 ----a-w- C:\Windows\System32\iepeers.dll
2013-12-03 07:19:16 14E18520903F925D296C8E29BDE6BD43 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-12-03 07:19:16 1200D9C7DB0ADC1B8143A0A9921BF7DA 127488 ----a-w- C:\Windows\System32\occache.dll
2013-12-03 07:19:16 08B56CF57B7CE44315034247CC76D0F1 244736 ----a-w- C:\Windows\System32\dxtrans.dll
2013-12-03 07:19:16 03B3541AE6986602CF9CB5B3AD169C33 208384 ----a-w- C:\Windows\System32\webcheck.dll
2013-12-03 07:19:15 22868FAAF9C851BFA924B8D7EDB6CBC1 11220992 ----a-w- C:\Windows\System32\ieframe.dll
2013-12-02 22:03:45 F1CD6E22E5AE5CEEB7712E546A5FC853 873384 ----a-w- C:\Windows\System32\npdeployJava1.dll
2013-12-02 22:03:45 9245D22DF0D9F8E21110FCEA6BF15E7E 796072 ----a-w- C:\Windows\System32\deployJava1.dll
2013-12-02 21:54:50 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\System32\javaws.exe
2013-12-02 21:54:21 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\System32\javaw.exe
2013-12-02 21:54:21 9BF46C7F21E75FA0BB03AA93368CC66C 94632 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll
2013-12-02 21:54:21 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\System32\java.exe
2013-11-24 21:02:58 F0D0E883EBBDC7615DC9EDEA0FFB2817 216576 ----a-w- C:\Windows\System32\FWPUCLNT.DLL
2013-11-24 21:02:58 B9C54120F46392100478F58F374E5709 679424 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-11-24 21:02:57 CE2A48CD0D2B39FB77FA4797C6434E71 656896 ----a-w- C:\Windows\System32\nshwfp.dll
2013-11-24 12:15:19 5A775CAE7CCCAC581C05B8D2C92C0DF1 305152 ----a-w- C:\Windows\System32\gdi32.dll
2013-11-24 12:15:14 EE7CB55F77465CDAC4C80F587FF7C278 1796096 ----a-w- C:\Windows\System32\authui.dll
2013-11-24 12:15:13 E9BB0CD09DA17C71FD1B9954D75AEEF7 168960 ----a-w- C:\Windows\System32\credui.dll
2013-11-24 12:15:13 4BCC63ED1C3D15B2635A8AE2B854B3EB 152576 ----a-w- C:\Windows\System32\SmartcardCredentialProvider.dll
2013-11-24 12:14:48 AA6F6457116B559B76BC6A012CB4C293 247808 ----a-w- C:\Windows\System32\schannel.dll
2013-11-24 12:14:47 EF6950D7B24AAF4E477065F5455DD4F8 1038848 ----a-w- C:\Windows\System32\lsasrv.dll
2013-11-24 12:14:47 BD6B9BC84D004C6BEE89CF7BDB95E1FC 99840 ----a-w- C:\Windows\System32\sspicli.dll
2013-11-24 12:14:47 AD7FB087A238883D1618F29F7BBBD584 220160 ----a-w- C:\Windows\System32\ncrypt.dll
2013-11-24 12:14:47 803B370865D907EA21DC0C2B6A8936B5 22016 ----a-w- C:\Windows\System32\lsass.exe
2013-11-24 12:14:47 372948BB5E41CE42341C4398DE572E56 22016 ----a-w- C:\Windows\System32\secur32.dll
2013-11-24 12:14:46 D89077E2E1C88A29C57F21FAD28DAC45 15872 ----a-w- C:\Windows\System32\sspisrv.dll
2013-11-24 11:59:35 CC09E0C9A2D89C6E71D093DC8BD121B7 1168384 ----a-w- C:\Windows\System32\crypt32.dll
====== C:\Windows\system32\drivers =====
2013-11-24 12:14:48 D7C760D57B1656DD748B9E4AB6CB5A51 136640 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2013-11-24 12:14:48 85449EEBE8F8EBD6481EFBF0F352B4EB 369848 ----a-w- C:\Windows\System32\drivers\cng.sys
2013-11-24 12:14:47 F286830298323272260332D6ABC905C1 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2013-11-22 17:27:04 34BB4B6F0861419564414106D40A33BB 414 ----a-w- C:\Windows\Tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-12-02 21:55:01 -------- d-----w- C:\Program Files\Common Files\Java
======= C: =====
====== C:\Users\Wouter\AppData\Roaming ======
====== C:\Users\Wouter ======
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-02 21:51:46 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2013-12-03 20:40:39 6D237958C0BF89BD069639235BCC93A5 4687720 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.16 Memoriaalboeking.exe
2013-12-03 20:35:56 6C6F28D6063A37D0D2A73A943D5947F6 1841736 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Bankafschriften.exe
2013-12-03 20:33:26 69A42CF6E891E5243E114119D4F12A5F 2946232 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.15 Bankafschriften gereedmelden.exe
2013-12-03 20:28:28 9637E7F61C500FFAC492DEA9C625D0F8 3852912 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.14 Kasafschrift inboeken.exe
2013-12-03 20:21:18 F1B28512CB32FE0200E38751522F85B5 4841856 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.13 Bankafschriften inboeken.exe
2013-12-03 20:19:13 E7CA1540CCDF01DB446034D0CE6B9FB6 1946304 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.12 Soorten bankafschriften.exe
2013-12-03 20:06:17 CBD015EDA109C250ECEC8A2955586C34 1825568 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Inkoopfacturen.exe
2013-12-03 20:03:53 54B8F4199E38B1934C0AA4E7998360E8 2826008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.11 Inkoopfactuur gereedmelden.exe
2013-12-03 20:00:40 62B2EF00EE1267AEB0BABDEA87CDB07A 2582904 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.10 Inkoopfactuur met gecombineerde btw.exe
2013-12-03 19:56:56 D4AED828E041F5C6D1FDAD99903C8ECA 2778672 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.09 Inkoopfactuur met meerdere ksoorten.exe
2013-12-03 19:52:06 BA47CABCB5E001E1DD9121FE7AA132A1 3298944 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.08 Inkoopfactuur met 1 kostensoort.exe
2013-12-03 19:50:04 2D163FCB72906CAF7C6E03116A0DB8BB 2619296 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.07 Relatiekaart Crediteur Aanpassen.exe
2013-12-03 19:46:00 B28CED7A44CA81FD9B2C92C1883BE825 1854960 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\Kenniszone Verkoopfacturen.exe
2013-12-03 19:41:20 221C0BB39283DFD4A8262771148CFFA5 3073376 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.06 Klantrekening factureren en gereedmelden.exe
2013-12-03 19:36:47 3DC0AE374544116E8E9BC5E60CF51551 2975616 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.05 Klantrekening aanmaken.exe
2013-12-03 19:34:05 6F3AD8FAC5A8B323B9D515ED82BD0570 2908008 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.03 Verkoopfactuur gereedmelden.exe
2013-12-03 19:30:15 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (2).exe
2013-12-03 17:21:56 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels (1).exe
2013-12-03 17:21:50 7AD7C4F11B6A1D152115A8F8B6049AF6 2732984 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.02 Multiselect invoeren factuurregels.exe
2013-12-03 17:10:35 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken (1).exe
2013-12-03 17:09:30 603B5878A1D849D0B3F40A135EF31699 4373408 ----a-w- C:\Users\Uhh.. gewoon TY\Downloads\4.01 Verkoopfactuur aanmaken en afdrukken.exe
2013-12-03 07:19:16 ED45D1C3FDA215374FBCFC161A57AA80 467456 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2013-12-03 07:19:16 CC02FE4520CA886508069245D9A6962F 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2013-12-03 07:19:16 C8A8321292A459B0A17FB39A782A5C74 806096 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2013-12-03 07:19:16 7F7F391491C315A4A72EFCAC0D34FA93 25600 ----a-w- C:\Program Files\Internet Explorer\ExtExport.exe
2013-12-03 07:19:16 2AFAE62B727EE7190450D4A14C287422 359632 ----a-w- C:\Program Files\Internet Explorer\iediagcmd.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Microsoft Default Manager"="C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"OMEA"="C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
"Acer ePower Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"ConnectionCenter"="C:\Program Files\Citrix\ICA Client\concentr.exe /startup"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"TkBellExe"="C:\Program Files\Real\RealPlayer\update\realsched.exe -osboot"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AthBtTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\AthBtTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AtherosBtStack"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Bluetooth Suite\\BtvStack.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Wouter\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn Hamachi Ui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VideoWebCamera]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VideoWebCamera"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\VideoWebCamera\\VideoWebCamera.exe\" -a"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Wouter\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Wouter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]
"path"="C:\\Users\\Wouter\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\OPENOF~1.ORG\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 3.3 "


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [11-10-2013 21:18]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [09-05-2013 19:45]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA.job --a------ C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe [23-08-2011 16:59]
C:\Windows\tasks\ReclaimerResumeInstall_Uhh.. gewoon TY.job --a------ C:\Users\Uhh.. gewoon TY\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.70\agent\rnupgagent.exe [22-11-2013 18:25]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000Core" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-1099594845-3035903562-227543811-1000UA" [C:\Users\Wouter\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1099594845-3035903562-227543811-1001" [C:\Program Files\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\ProgramData 0-6 Months Old ======================

No folders found aged 0-6 months

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{34712C68-7391-4c47-94F3-8F88D49AD632}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [21-02-2013 22:24]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3h8gn7yi.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}

ProfilePath: C:\Users\Uhh.. gewoon TY\AppData\Roaming\Mozilla\Firefox\Profiles\uq3b9dcb.default
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

ProfilePath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
- Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}

AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default
C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
6768C724599214E4F9ADD9F8FF5097EB - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U45
F1CD6E22E5AE5CEEB7712E546A5FC853 - C:\Windows\system32\npdeployJava1.dll - Java Deployment Toolkit 7.0.450.18
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft Windows Media Player Firefox Plugin
9A6101F29E2E9D41B99CBCC8F106E8FE - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL - 2007 Microsoft Office system
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft Windows Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29-11-2012 20:35]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[21-09-2011 08:35]

Google Docs - Uhh.. gewoon TY - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Uhh.. gewoon TY - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Uhh.. gewoon TY - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Uhh.. gewoon TY - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - Uhh.. gewoon TY - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Uhh.. gewoon TY - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Uhh.. gewoon TY - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Uhh.. gewoon TY - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Wouter - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Wouter - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Wouter - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Wouter - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Wouter - Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
RealDownloader - Wouter - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - Wouter - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - Wouter - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Wouter - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://packardbell.msn.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== HijackThis Entries ======================

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [ETDCtrl] %ProgramFiles%\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [OMEA] "C:\Program Files\PackardBellXSync\Deployment\Functions\{AA58F999-6D97-42c2-A69F-8CC04D18D944}\OMEA.exe"
O4 - HKLM\..\Run: [Acer ePower Management] C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~4\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files\Bluetooth Suite\adminservice.exe
O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files\Launch Manager\dsiwmis.exe
O23 - Service: Acer ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GREGService - Acer Incorporated - C:\Program Files\Packard Bell\Registration\GREGsvc.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Updater Service - Acer Group - C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Uhh.. gewoon TY\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Wouter\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\3h8gn7yi.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Uhh.. gewoon TY\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Wouter\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 04-12-2013 at 10:27:55,62 ======================


Even ter info, de waslijst aan .exe downloads (4.16 Memoriaalboeking.exe etc.) klopt allemaal, is van een software cursus.
 
Re: Win7 starter netbook vertraagd

Even ter info, de waslijst aan .exe downloads (4.16 Memoriaalboeking.exe etc.) klopt allemaal, is van een software cursus.
Daar kan je beter een eigen map voor aan maken, sommige schoonmaak programma's legen je downloads ook wel eens.

Verder zie niet echt iets raars in je logje.


Download
adwcleaner.png
AdwCleaner by Xplode naar het bureaublad.
  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner om hem te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
  • Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op Scan.
  • Klik vervolgens op Clean als er items zijn gevonden.
  • Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[R1].txt
Post aansluitend de inhoud van dit log in je volgende bericht.
 
Re: Win7 starter netbook vertraagd

Bedankt voor de tip, zal er een mapje voor aanmaken ja.

De AdwCleanerlog:

# AdwCleaner v3.014 - Report created 04/12/2013 at 11:08:38
# Updated 01/12/2013 by Xplode
# Operating System : Windows 7 Starter Service Pack 1 (32 bits)
# Username : Wouter - WOUTER-PC
# Running from : C:\Users\Wouter\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v12.0 (nl)

[ File : C:\Users\Wouter\AppData\Roaming\Mozilla\Firefox\Profiles\f30v6k72.default\prefs.js ]


[ File : C:\Users\Uhh.. gewoon TY\AppData\Roaming\Mozilla\Firefox\Profiles\uq3b9dcb.default\prefs.js ]


[ File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\3h8gn7yi.default\prefs.js ]


-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Wouter\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Uhh.. gewoon TY\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1490 octets] - [04/12/2013 11:05:11]
AdwCleaner[S0].txt - [1417 octets] - [04/12/2013 11:08:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1477 octets] ##########

Volgens mij niet heel veel interessants.
Hadden jullie niet ook een tooltje waarmee je de status van Java en Adobe zooi kon checken? Updaten van Adobe bagger gaat niet altijd even soepel hier.

Nogmaals bedankt, top hulp :)
 
Re: Win7 starter netbook vertraagd

Hallo,

Alleen een paar restanten;

Download
5207507eb6836-SecurityCheck_cannednieuw.jpg
Security Check
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
TFC opstarten:
  • Windows 2000 en Windows XP: dubbelklik op TFC.exe.
  • Windows Vista, Windows 7 en Windows 8 rechtsklik op TFC.exe en kies "Als Administrator uitvoeren".
  • Let op de instrukties in het zwarte venster.
  • Een Kladblok document genaamd checkup.txt dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
  • Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.
Post de inhoud van checkup.txt in jouw volgende post.
 
Re: Win7 starter netbook vertraagd

Results of screen317's Security Check version 0.99.77
Windows 7 Service Pack 1 x86 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
CCleaner
Java 7 Update 45
Adobe Flash Player 11.9.900.117
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 12.0 Firefox out of Date!
Google Chrome 30.0.1599.101
Google Chrome 31.0.1650.57
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


Hijs wel al wat sneller geworden trouwens, zal ook komen door de grote CCleaner schoonmaakactie gisteravond (iets van 1.2gb eraf : ) )
 
Re: Win7 starter netbook vertraagd

Hallo,

Je ziet wat je moet updaten;
Verwijder daarna de gebruikte programma's en doe het volgende;

Download Defraggler
Zorg er wel voor dat je tijdens de installatie het vinkje weg haalt bij "Install optional Yahoo! Toolbar"
Klik bij Schijf op de schijf waar je Windows op hebt genstalleerd.
Kies vervolgens voor Defragmenteer
Zeker de eerste keer zal dit proces tijd vergen!
LET OP: Zij die een ssd disk in het systeem hebben, mogen te nimmer defragmenteren!
 
Re: Win7 starter netbook vertraagd

Retelange defragmentatie, maar was het waard. Laptop is weer heel stuk sneller!

Super bedankt! :)
(mag een slotje oid op)
 
Re: Win7 starter netbook vertraagd

Hallo,

Dat is mooi, bedankt en graag gedaan :biggrin:

Dan gaat deze op slot.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan