Ga naar inhoud

PC is erg traag.


Aanbevolen berichten

Download zoek.exe naar het bureaublad.

  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
    (hier of hier) kan je lezen hoe je dat doet.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

 
startupall; 
filesrcm; 

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.

    • Running processes
    • Installed Programs
    • HijackThis Log
    • Firefox Look
    • Chrome Look
    • System Specs
    • Silent Runners
    • Firefox Defaults
    • Reset Chrome
    • Reset IE proxy
    • Empty Temp Folders
    • System Restore Point
    • System Restore Info
    • Reset System Restore
    • Shortcut Fix
    • IE Defaults
    • Reset Hosts
    • Auto Clean

    [*] Klik daarna op de knop "Run script".

    [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

    [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

    [*] Post nu de inhoud van het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

  • Reacties 311
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Beste reacties in dit topic

Geplaatste afbeeldingen

Het is gelukt.

Zoek.exe Version 4.0.0.2 Updated 08-April-2013

Tool run by Wilma on do 11-04-2013 at 22:46:59,10.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

==== System Restore Info ======================

11-4-2013 22:52:00 Zoek.exe System Restore Point Created Succesfully.

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskhost.exe

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Windows\system32\PSIService.exe

C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Google\Update\1.3.21.135\GoogleCrashHandler.exe

C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\EMET\EMET_notifier.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\MyTomTom 3\MyTomTomSA.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\iPod\bin\iPodService.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\SearchIndexer.exe

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Users\Wilma\Desktop\zoek (1).exe

C:\Windows\system32\conhost.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

c:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2375090405-1869871859-1792986959-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D555420C-1D95-4C32-B9D7-75328A471086} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

Update for Microsoft Office 2007 (KB2508958)

Aangifte inkomstenbelasting 2008

Aangifte inkomstenbelasting 2009

Aangifte inkomstenbelasting 2010

Aangifte inkomstenbelasting 2011

Aangifte inkomstenbelasting 2012

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 10 Plugin

Adobe Flash Player 11 ActiveX

Adobe Reader X (10.1.6) - Nederlands

Adobe Shockwave Player 11.5

Aldfaer

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Bonjour

CCleaner

Compatibiliteitspakket voor het 2007 Microsoft Office system

Corel MediaOne

CorelDRAW Essential Edition 3

CyberLink LabelPrint

CyberLink Power2Go

CyberLink PowerDVD Copy

D3DX10

Delta Chrome Toolbar

EMET

EPSON Scan

EPSON SX420W Series Printer Uninstall

Glary Utilities 2.50.0.1632

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HiJackThis

iCloud

Intel® Rapid Storage Technology

iTunes

Java 7 Update 17

Java Auto Updater

Java 6 Update 18

Junk Mail filter update

Malwarebytes Anti-Malware versie 1.75.0.1300

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Access MUI (Dutch) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (Dutch) 2007

Microsoft Office File Validation Add-In

Microsoft Office Groove MUI (Dutch) 2007

Microsoft Office InfoPath MUI (Dutch) 2007

Microsoft Office OneNote MUI (Dutch) 2007

Microsoft Office Outlook Connector

Microsoft Office Outlook MUI (Dutch) 2007

Microsoft Office PowerPoint MUI (Dutch) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proofing (Dutch) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Publisher MUI (Dutch) 2007

Microsoft Office Shared MUI (Dutch) 2007

Microsoft Office Word MUI (Dutch) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft SkyDrive

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Microsoft Works 2003 Setup starten

Microsoft Works 7.0

Movie Maker

MSVCRT

MSVCRT110

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyTomTom 3.2.0.906

NL

NVIDIA Display Control Panel

NVIDIA Drivers

NVIDIA PhysX

OGA Notifier 2.0.0048.0

Photo Common

Photo Gallery

Printer EPSON SX430 Series verwijderen

QuickTime

Realtek High Definition Audio Driver

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition

Skype Click to Call

SkypeT 6.3

Spelling Dictionaries Support For Adobe Reader 9

Spybot - Search & Destroy

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

TeamViewer 8

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2768021) 32-Bit Edition

Update Manager

Update voor Microsoft Office Excel 2007 Help (KB963678)

Update voor Microsoft Office Powerpoint 2007 Help (KB963669)

Update voor Microsoft Office Word 2007 Help (KB963665)

Visual Studio C++ 10.0 Runtime

Windows Live Communications Platform

Windows Live Essentials

Windows Live Family Safety

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

==== Reset Hosts File ======================

# Copyright © 1993-2006 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

# 102.54.94.97 rhino.acme.com # source server

# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handle within DNS itself.

127.0.0.1 localhost

::1 localhost

==== FireFox Fix ======================

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)

Internet Explorer: 9.0.8112.16421

Memory (RAM): 3064 MB

CPU Info: Intel® Core i3 CPU 530 @ 2.93GHz

CPU Speed: 2996,0 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek HDMI Output (Realtek Hi |

Realtek Digital Output (Realtek |

Display Adapters: NVIDIA GeForce GT 330 | NVIDIA GeForce GT 330 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; SyncMaster 203B/206B, SyncMaster Magic CX203B(Analog) |

Screen Resolution: 1024 X 768 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter | Realtek PCIe GBE Family Controller

CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH22NS50

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 910,4GB | D: 20,0GB | F: 465,5GB

Hard Disks - Free: C: 870,4GB | D: 10,9GB | F: 267,5GB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 12/11/09 | MEDION - 20091211

Time Zone: West-Europa (standaardtijd)

Motherboard *: MEDIONPC MS-7616

Sun Java version: 1.7.0_17

Country: Nederland

Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-04-10 17:49:00 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2013-04-10 17:49:00 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2013-04-10 17:49:00 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2013-04-10 17:49:00 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

2013-04-10 17:49:00 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

2013-03-20 12:27:26 815372073DA85B2098A37DED84083C8A 2560 ----a-w- C:\Windows\_MSRSTRT.EXE

====== C:\Users\Wilma\AppData\Local\Temp ====

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

2013-04-09 21:06:49 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\Windows\System32\drivers\mbamswissarmy.sys

2013-03-26 15:34:53 FE8A57C8E04EDD3AA8ADD8F3C8F65297 15872 ----a-w- C:\Windows\System32\drivers\usb8023.sys

2013-03-26 15:34:53 AF77716205C97E902E6C5B78DECE2CCA 15872 ----a-w- C:\Windows\System32\drivers\usb8023x.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-04-11 11:40:18 -------- d-----w- C:\Program Files\Common Files\Skype

======= C: =====

====== C:\Users\Wilma\AppData\Roaming ======

2013-04-10 18:01:18 -------- d-----w- C:\users\Wilma\AppData\Local\temp

2013-04-10 18:01:18 -------- d-----w- C:\users\Public\AppData\Local\temp

2013-04-10 18:01:18 -------- d-----w- C:\users\Default\AppData\Local\temp

2013-04-10 18:01:18 -------- d-----w- C:\users\Default User\AppData\Local\temp

2013-04-09 21:15:22 -------- d-----w- C:\users\Wilma\AppData\Local\ElevatedDiagnostics

====== C:\Users\Wilma ======

2013-04-10 18:01:18 -------- d-----w- C:\Users\Public\AppData

====== C: exe-files ==

2013-04-11 17:59:44 F11A39D8756B83610255FAD575204178 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$IS3OHTR.exe

2013-04-11 17:59:39 49C6626ABDFAD537F9749BDF01FE90B8 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$IAPP2GU.exe

2013-04-11 17:59:11 CFF73F4A5493821D722B23306F4C69E4 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$IX67K5W.exe

2013-04-11 17:40:39 F4ABF9BC21EDEFB6EBBE14C26D6D6536 1267192 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$RX67K5W.exe

2013-04-11 17:39:42 F4ABF9BC21EDEFB6EBBE14C26D6D6536 1267192 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$RAPP2GU.exe

2013-04-11 17:35:55 F4ABF9BC21EDEFB6EBBE14C26D6D6536 1267192 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$RS3OHTR.exe

2013-04-10 17:49:00 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe

2013-04-10 17:49:00 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe

2013-04-10 17:49:00 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe

2013-04-10 17:49:00 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe

2013-04-10 17:49:00 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

2013-04-10 11:00:59 AA964645D3A987CA87186A36DFFBF28D 5677408 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\26.0.1410.64\26.0.1410.64_26.0.1410.43_chrome_updater.exe

=== C: other files ==

2013-04-11 17:59:47 C0488D8B767E6DE42A5320DBE611C1E4 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$INRDRG1.zip

2013-04-11 17:35:47 DF4B670D54D48518F3EA232B398BB1DC 1262746 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2375090405-1869871859-1792986959-1000\$RNRDRG1.zip

2013-04-09 21:06:49 0DB7527DB188C7D967A37BB51BBF3963 40776 ----a-w- C:\Windows\System32\drivers\mbamswissarmy.sys

======== System Restore Points ========

No Restore Point in System.

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2375090405-1869871859-1792986959-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"MyTomTomSA.exe"="C:\Program Files\MyTomTom 3\MyTomTomSA.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAStorIcon"="C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe"

"CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"EMET Notifier"="C:\Program Files\EMET\EMET_notifier.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"

"MyTomTomSA.exe"="C:\Program Files\MyTomTom 3\MyTomTomSA.exe"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Folders ======================

2012-06-11 08:29:28 1288 ----a-w- C:\users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2013 20:57]

C:\Windows\tasks\GlaryInitialize.job --a------ C:\Program Files\Glary Utilities\initialize.exe [22-10-2012 13:45]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24-08-2012 11:52]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24-08-2012 11:52]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Wilma\AppData\Roaming\Delta\delta.crx[]

hahpjplbmicfkmoccokbjejahjjpnena - C:\Users\Wilma\AppData\Local\B1E\B1Tool.crx[31-01-2013 22:43]

Docs - Wilma - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Wilma - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Wilma - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Wilma - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Improved Search - Wilma - Default\Extensions\hahpjplbmicfkmoccokbjejahjjpnena

Gmail - Wilma - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Start Page Before"="http://g.live.com/1rewlive4startup/home"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.msn.com/"

"Start Page Before"="http://www.msn.com/"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner.exe

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

==== shortcuts in Users Start Menu ======================

C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Wilma\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware Help.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\chameleon.chm

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files\Microsoft Silverlight\5.1.20125.0\Silverlight.Configuration.exe

==== Reset IE Proxy ======================

Value(s) before fix:

"ProxyOverride"="*.local"

"ProxyEnable"=dword:00000000

Value(s) after fix:

"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

==== HijackThis Entries ======================

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"

O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [EMET Notifier] C:\Program Files\EMET\EMET_notifier.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files\MyTomTom 3\MyTomTomSA.exe"

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MIF5BA~1\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe

O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe

O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

==== Silent Runners ======================

"Silent Runners.vbs", revision 69, Silent Runners - Adware? Disinfect, don't reformat!

Output limited to non-default values, except where indicated by "{++}"

Startup items buried in registry:

---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}

Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [MS]

MyTomTomSA.exe = "C:\Program Files\MyTomTom 3\MyTomTomSA.exe" [TomTom]

Skype = "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun [skype Technologies S.A.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++}

IAStorIcon = C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [null data]

CLMLServer = "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" [CyberLink]

RtHDVCpl = C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s [Realtek Semiconductor]

GrooveMonitor = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [MS]

MSC = "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [MS]

Adobe ARM = "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [Adobe Systems Incorporated]

EMET Notifier = C:\Program Files\EMET\EMET_notifier.exe [null data]

APSDaemon = "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [Apple Inc.]

QuickTime Task = "C:\Program Files\QuickTime\QTTask.exe" -atboottime [Apple Inc.]

iTunesHelper = "C:\Program Files\iTunes\iTunesHelper.exe" [Apple Inc.]

SunJavaUpdateSched = "C:\Program Files\Common Files\Java\Java Update\jusched.exe" [sun Microsystems, Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\

{18DF081C-E8AD-4283-A596-FA578C2EBDC3}\(Default) = AcroIEHelperStub

-> {HKLM.CLSID} = Adobe PDF Link Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [Adobe Systems Incorporated]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E}\(Default) = (no title provided)

-> {HKLM.CLSID} = Groove GFS Browser Helper

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)

-> {HKLM.CLSID} = Java Plug-In SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\ssv.dll [Oracle Corporation]

{9030D464-4C02-4ABF-8ECC-5164760863C6}\(Default) = (no title provided)

-> {HKLM.CLSID} = Windows Live ID Sign-in Helper

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [MS]

{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)

-> {HKLM.CLSID} = Google Toolbar Helper

\InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.]

{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}\(Default) = SkypeIEPluginBHO

-> {HKLM.CLSID} = Skype Browser Helper

\InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

{DBC80044-A445-435b-BC74-9C25C1C588A9}\(Default) = (no title provided)

-> {HKLM.CLSID} = Java Plug-In 2 SSV Helper

\InProcServer32\(Default) = C:\Program Files\Java\jre7\bin\jp2ssv.dll [Oracle Corporation]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\

SkyDrive1\(Default) = {F241C880-6982-4CE5-8CF7-7085BA96DA5A}

-> {HKCU.CLSID} = UpToDateOverlayHandler Class

\InProcServer32\(Default) = C:\Users\Wilma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [MS]

SkyDrive2\(Default) = {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}

-> {HKCU.CLSID} = SyncingOverlayHandler Class

\InProcServer32\(Default) = C:\Users\Wilma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [MS]

SkyDrive3\(Default) = {BBACC218-34EA-4666-9D7A-C78F2274A524}

-> {HKCU.CLSID} = ErrorOverlayHandler Class

\InProcServer32\(Default) = C:\Users\Wilma\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll [MS]

Groove Explorer Icon Overlay 1 (GFS Unread Stub)\(Default) = {99FD978C-D287-4F50-827F-B2C658EDA8E7}

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 2 (GFS Stub)\(Default) = {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC}

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)\(Default) = {920E6DB1-9907-4370-B3A0-BAFC03D81399}

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 3 (GFS Folder)\(Default) = {16F3DD56-1AF5-4347-846D-7C10C4192619}

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Groove Explorer Icon Overlay 4 (GFS Unread Mark)\(Default) = {2916C86E-86A6-43FE-8112-43ABE6BF8DCC}

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\

{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} = Microsoft Office Metadata Handler

-> {HKLM.CLSID} = Microsoft Office Metadata Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} = Microsoft Office Thumbnail Handler

-> {HKLM.CLSID} = Microsoft Office Thumbnail Handler

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll [MS]

{A70C977A-BF00-412C-90B7-034C51DA2439} = NvCpl DesktopContext Class

-> {HKLM.CLSID} = DesktopContext Class

\InProcServer32\(Default) = C:\Windows\system32\nvcpl.dll [NVIDIA Corporation]

{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} = NVIDIA Play On My TV Context Menu Extension

-> {HKLM.CLSID} = NVIDIA CPL Context Menu Extension

\InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

{FFB699E0-306A-11d3-8BD1-00104B6F7516} = Play on my TV helper

-> {HKLM.CLSID} = NVIDIA CPL Extension

\InProcServer32\(Default) = C:\Windows\system32\nvcpl.dll [NVIDIA Corporation]

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} = Groove GFS Browser Helper

-> {HKLM.CLSID} = Groove GFS Browser Helper

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} = Groove GFS Explorer Bar

-> {HKLM.CLSID} = Groove Folder Synchronization

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{A449600E-1DC6-4232-B948-9BD794D62056} = Groove GFS Stub Icon Handler

-> {HKLM.CLSID} = Groove GFS Stub Icon Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook

-> {HKLM.CLSID} = Groove GFS Stub Execution Hook

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{6C467336-8281-4E60-8204-430CED96822D} = Groove GFS Context Menu Handler

-> {HKLM.CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{387E725D-DC16-4D76-B310-2C93ED4752A0} = Groove XML Icon Handler

-> {HKLM.CLSID} = Groove XML Icon Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{16F3DD56-1AF5-4347-846D-7C10C4192619} = Groove Explorer Icon Overlay 3 (GFS Folder)

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 3 (GFS Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} = Groove Explorer Icon Overlay 2 (GFS Stub)

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 2 (GFS Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 4 (GFS Unread Mark)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{99FD978C-D287-4F50-827F-B2C658EDA8E7} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 1 (GFS Unread Stub)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{920E6DB1-9907-4370-B3A0-BAFC03D81399} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)

-> {HKLM.CLSID} = Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

{0006F045-0000-0000-C000-000000000046} = Microsoft Office Outlook Custom Icon Handler

-> {HKLM.CLSID} = Outlook File Icon Extension

\InProcServer32\(Default) = C:\PROGRA~1\MIF5BA~1\Office12\OLKFSTUB.DLL [MS]

{00020D75-0000-0000-C000-000000000046} = Microsoft Office Outlook Desktop Icon Handler

-> {HKLM.CLSID} = Microsoft Office Outlook

\InProcServer32\(Default) = C:\PROGRA~1\MIF5BA~1\Office12\MLSHEXT.DLL [MS]

{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search

-> {HKLM.CLSID} = Microsoft Office OneNote Namespace Extension for Windows Desktop Search

\InProcServer32\(Default) = C:\PROGRA~1\MIF5BA~1\Office12\ONFILTER.DLL [MS]

{42042206-2D85-11D3-8CFF-005004838597} = Microsoft Office HTML Icon Handler

-> {HKLM.CLSID} = (no title provided)

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\msohevi.dll [MS]

{09A47860-11B0-4DA5-AFA5-26D86198A780} = EPP

-> {HKLM.CLSID} = (no title provided)

\InProcServer32\(Default) = c:\PROGRA~1\MI8079~1\shellext.dll [MS]

{72923739-5A47-40A3-9895-25AF0DFBB9E4} = Glary Utilities Context Menu Shell Extension

-> {HKLM.CLSID} = Glary Utilities Context Menu Shell Extension

\InProcServer32\(Default) = C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL [Glarysoft Ltd]

{00F33137-EE26-412F-8D71-F84E4C2C6625} = (no title provided)

-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} = Windows Live Photo Gallery Viewer Drop Target Shim

-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} = Windows Live Photo Gallery Editor Drop Target Shim

-> {HKLM.CLSID} = Windows Live Photo Gallery Editor Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{00F30F90-3E96-453B-AFCD-D71989ECC2C7} = Windows Live Photo Gallery Autoplay Drop Target Shim

-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} = iTunes

-> {HKLM.CLSID} = iTunes

\InProcServer32\(Default) = C:\Program Files\iTunes\iTunesMiniPlayer.dll [Apple Inc.]

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\

<<!>> {B5A7F190-DDA6-4420-B3BA-52453494E6CD} = Groove GFS Stub Execution Hook

-> {HKLM.CLSID} = Groove GFS Stub Execution Hook

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Filter\

<<!>> text/xml\CLSID = {807563E5-5146-11D5-A672-00B0D022E945}

-> {HKLM.CLSID} = Microsoft Office InfoPath XML Mime Filter

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL [MS]

HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\

<<!>> grooveLocalGWS\CLSID = {88FED34C-F0CA-4636-A375-3CB6248B04CD}

-> {HKLM.CLSID} = Local Groove Web Services Protocol

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [MS]

<<!>> livecall\CLSID = {828030A1-22C1-4009-854F-8E305202313F}

-> {HKLM.CLSID} = (no title provided)

\InProcServer32\(Default) = C:\Program Files\Windows Live\Messenger\msgrapp.dll [MS]

<<!>> ms-help\CLSID = {314111c7-a502-11d2-bbca-00c04f8ec294}

-> {HKLM.CLSID} = HxProtocol Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll [MS]

<<!>> ms-itss\CLSID = {0A9007C0-4076-11D3-8789-0000F8105754}

-> {HKLM.CLSID} = Microsoft Infotech Storage Protocol for IE 4.0

\InProcServer32\(Default) = C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [MS]

<<!>> msnim\CLSID = {828030A1-22C1-4009-854F-8E305202313F}

-> {HKLM.CLSID} = (no title provided)

\InProcServer32\(Default) = C:\Program Files\Windows Live\Messenger\msgrapp.dll [MS]

<<!>> skype-ie-addon-data\CLSID = {91774881-D725-4E58-B298-07617B9B86A8}

-> {HKLM.CLSID} = Skype IE add-on Pluggable Protocol

\InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

<<!>> skype4com\CLSID = {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}

-> {HKLM.CLSID} = IEProtocolHandler Class

\InProcServer32\(Default) = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL [skype Technologies]

<<!>> wlmailhtml\CLSID = {03C514A3-1EFB-4856-9F99-10D7BE1653C0}

-> {HKLM.CLSID} = Windows Live Mail HTML Asynchronous Pluggable Protocol Handler

\InProcServer32\(Default) = C:\Program Files\Windows Live\Mail\mailcomm.dll [MS]

<<!>> wlpg\CLSID = {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324}

-> {HKLM.CLSID} = Album Download IE Asynchronous Pluggable Protocol Interface

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll [MS]

HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}

-> {HKLM.CLSID} = (no title provided)

\InProcServer32\(Default) = c:\PROGRA~1\MI8079~1\shellext.dll [MS]

Glary Utilities\(Default) = {72923739-5A47-40A3-9895-25AF0DFBB9E4}

-> {HKLM.CLSID} = Glary Utilities Context Menu Shell Extension

\InProcServer32\(Default) = C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL [Glarysoft Ltd]

PhotoStreamsExt\(Default) = {89D984B3-813B-406A-8298-118AFA3A22AE}

-> {HKLM.CLSID} = ContextMenuHandler Class

\InProcServer32\(Default) = C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [Apple Inc.]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM.CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\AllFilesystemObjects\shellex\ContextMenuHandlers\

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM.CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM.CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\

EPP\(Default) = {09A47860-11B0-4DA5-AFA5-26D86198A780}

-> {HKLM.CLSID} = (no title provided)

\InProcServer32\(Default) = c:\PROGRA~1\MI8079~1\shellext.dll [MS]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM.CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\Directory\Background\shellex\ContextMenuHandlers\

NvCplDesktopContext\(Default) = {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}

-> {HKLM.CLSID} = NVIDIA CPL Context Menu Extension

\InProcServer32\(Default) = C:\Windows\system32\nvshext.dll [NVIDIA Corporation]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM.CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\

{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = PDF Column Info

-> {HKLM.CLSID} = PDF Shell Extension

\InProcServer32\(Default) = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc.]

HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\

Glary Utilities\(Default) = {72923739-5A47-40A3-9895-25AF0DFBB9E4}

-> {HKLM.CLSID} = Glary Utilities Context Menu Shell Extension

\InProcServer32\(Default) = C:\PROGRA~1\GLARYU~1\CONTEX~1.DLL [Glarysoft Ltd]

MBAMShlExt\(Default) = {57CE581A-0CB6-4266-9CA0-19364C90A0B3}

-> {HKLM.CLSID} = MBAMShlExt Class

\InProcServer32\(Default) = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll [Malwarebytes Corporation]

XXX Groove GFS Context Menu Handler XXX\(Default) = {6C467336-8281-4E60-8204-430CED96822D}

-> {HKLM.CLSID} = Groove GFS Context Menu Handler

\InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

Group Policies {GPedit.msc branch and setting}:

-----------------------------------------------

Note: detected settings may not have any effect.

HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\

NoDrives = (REG_DWORD) dword:0x00000000

{unrecognized setting}

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\

DisableRegistryTools = (REG_DWORD) dword:0x00000000

{unrecognized setting}

Active Desktop and Wallpaper:

-----------------------------

Active Desktop may be disabled at this entry:

HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:

HKCU\Control Panel\Desktop\

Wallpaper = C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

Windows Portable Device AutoPlay Handlers

-----------------------------------------

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\

iTunesBurnCDOnArrival\

Provider = iTunes

InvokeProgID = iTunes.BurnCD

InvokeVerb = burn

HKLM\SOFTWARE\Classes\iTunes.BurnCD\shell\burn\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayBurn "%L" [Apple Inc.]

iTunesImportSongsOnArrival\

Provider = iTunes

InvokeProgID = iTunes.ImportSongsOnCD

InvokeVerb = import

HKLM\SOFTWARE\Classes\iTunes.ImportSongsOnCD\shell\import\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayImportSongs "%L" [Apple Inc.]

iTunesPlaySongsOnArrival\

Provider = iTunes

InvokeProgID = iTunes.PlaySongsOnCD

InvokeVerb = play

HKLM\SOFTWARE\Classes\iTunes.PlaySongsOnCD\shell\play\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /playCD "%L" [Apple Inc.]

iTunesShowSongsOnArrival\

Provider = iTunes

InvokeProgID = iTunes.ShowSongsOnCD

InvokeVerb = showsongs

HKLM\SOFTWARE\Classes\iTunes.ShowSongsOnCD\shell\showsongs\command\(Default) = "C:\Program Files\iTunes\iTunes.exe" /AutoPlayShowSongs "%L" [Apple Inc.]

MSLivePhotoAcqHWEventHandler\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

ProgID = Microsoft.LivePhotoAcqHWEventHandler

HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqHWEventHandler\CLSID\(Default) = {3BD0ACD1-71CA-4475-92CC-E0AA0AAF843F}

-> {HKLM.CLSID} = (no title provided)

\LocalServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [MS]

MSLivePhotoAcquireDropHandler\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

InvokeProgID = Microsoft.LivePhotoAcqDTShim.1

InvokeVerb = open

HKLM\SOFTWARE\Classes\Microsoft.LivePhotoAcqDTShim.1\shell\open\DropTarget\CLSID = {00F33137-EE26-412F-8D71-F84E4C2C6625}

-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

MSLiveShowPicturesOnArrival\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

InvokeProgID = Microsoft.Photos.LiveAutoplayShim.1

InvokeVerb = open

HKLM\SOFTWARE\Classes\Microsoft.Photos.LiveAutoplayShim.1\shell\open\DropTarget\CLSID = {00F30F90-3E96-453B-AFCD-D71989ECC2C7}

-> {HKLM.CLSID} = Windows Live Photo Gallery Viewer Autoplay Shim

\InProcServer32\(Default) = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll [MS]

MSLiveVideoCameraArrivalCaptureWizard\

Provider = @%ProgramFiles%\Windows Live\Photo Gallery\regres.dll,-10

ProgID = WLXAutoPlayMgr.WLXHWEventHandler

InitCmdLine = WLXVideoAcquireWizard

HKLM\SOFTWARE\Classes\WLXAutoPlayMgr.WLXHWEventHandler\CLSID\(Default) = {9B5C97F6-B3A5-4A6D-8B03-993EC7291A22}

-> {HKLM.CLSID} = WLXWEventHandler Class

\LocalServer32\(Default) = "C:\Program Files\Windows Live\Photo Gallery\WLXVideoCameraAutoPlayManager.exe" [MS]

P2GCDBurningOnArrival\

Provider = Power2Go

InvokeProgID = BlankCD

InvokeVerb = OpenWithPower2Go

HKLM\SOFTWARE\Classes\BlankCD\shell\OpenWithPower2Go\Command\(Default) = "C:\Program Files\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.]

P2GDVDBurningOnArrival\

Provider = Power2Go

InvokeProgID = BlankDVD

InvokeVerb = OpenWithPower2Go

HKLM\SOFTWARE\Classes\BlankDVD\shell\OpenWithPower2Go\Command\(Default) = "C:\Program Files\CyberLink\Power2Go\Power2Go.exe" "%L" [CyberLink Corp.]

Power2GoPlayCDAudioOnArrival\

Provider = Power2Go

InvokeProgID = AudioCD

InvokeVerb = PlayWithPower2Go

HKLM\SOFTWARE\Classes\AudioCD\shell\PlayWithPower2Go\Command\(Default) = "C:\Program Files\CyberLink\Power2Go\Power2Go.exe" /AudioRipper "%L" [CyberLink Corp.]

WIA_{67D74704-3A20-48DA-8972-690A511AB900}\

Provider = EPSON Scan

CLSID = {A55803CC-4D53-404c-8557-FD63DBA95D24}

InitCmdLine = /WiaCmd;C:\Windows\twain_32\escndv\escndv.exe /StiDevice:%1 /StiEvent:%2;

-> {HKLM.CLSID} = WPDShextAutoplay

\LocalServer32\(Default) = C:\Windows\system32\WPDShextAutoplay.exe [MS]

Startup items in "Wilma" & "All Users" startup folders:

-------------------------------------------------------

C:\Users\Wilma\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup {++}

OneNote 2007 Schermopname en Snel starten -> shortcut to: C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE /tsr [MS]

Non-disabled Scheduled Tasks: {++}

-----------------------------

C:\Windows\System32\Tasks

Adobe Flash Player Updater -> launches: C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [Adobe Systems Incorporated]

CCleanerSkipUAC -> launches: "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0) [Piriform Ltd]

CreateChoiceProcessTask -> launches: C:\Windows\System32\browserchoice.exe /launch [MS]

GlaryInitialize -> launches: C:\Program Files\Glary Utilities\initialize.exe [Glarysoft Ltd]

GoogleUpdateTaskMachineCore -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /c [Google Inc.]

GoogleUpdateTaskMachineUA -> launches: C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler [Google Inc.]

Scheduled Update for Ask Toolbar -> launches: C:\Program Files\Ask.com\UpdateTask.exe [file not found]

User_Feed_Synchronization-{9F24D1D4-B737-42A8-910E-C05180C0A003} -> (HIDDEN!) launches: C:\Windows\system32\msfeedssync.exe sync [MS]

C:\Windows\System32\Tasks\Apple

AppleSoftwareUpdate -> launches: C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task [Apple Inc.]

C:\Windows\System32\Tasks\Microsoft\Microsoft Antimalware

MpIdleTask -> launches: c:\Program Files\Microsoft Security Client\MpCmdRun.exe -IdleTask -TaskName MpIdleTask [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Active Directory Rights Management Services Client

AD RMS Rights Policy Template Management (Manual) -> launches: {BF5CB148-7C77-4d8a-A53E-D81C70CF743C}

-> {HKLM.CLSID} = AD RMS Rights Policy Template Management (Manual) Task Handler

\InProcServer32\(Default) = C:\Windows\system32\msdrm.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Application Experience

AitAgent -> launches: aitagent [MS]

ProgramDataUpdater -> launches: %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Autochk

Proxy -> launches: %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Bluetooth

UninstallDeviceTask -> launches: BthUdTask.exe $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\CertificateServicesClient

SystemTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

-> {HKLM.CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

UserTask -> launches: {58fb76b9-ac85-4e55-ac04-427593b1d060}

-> {HKLM.CLSID} = Certificate Services Client Task Handler

\InProcServer32\(Default) = C:\Windows\system32\dimsjob.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program

Consolidator -> launches: %SystemRoot%\System32\wsqmcons.exe [MS]

KernelCeipTask -> (HIDDEN!) launches: {e7ed314f-2816-4c26-aeb5-54a34d02404c}

-> {HKLM.CLSID} = KernelCeipCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\kernelceip.dll [MS]

UsbCeip -> (HIDDEN!) launches: {c27f6b1d-fe0b-45e4-9257-38799fa69bc8}

-> {HKLM.CLSID} = UsbCeip

\InProcServer32\(Default) = C:\Windows\System32\usbceip.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Defrag

ScheduledDefrag -> launches: %windir%\system32\defrag.exe -c [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Diagnosis

Scheduled -> (HIDDEN!) launches: {c1f85ef8-bcc2-4606-bb39-70c523715eb3}

-> {HKLM.CLSID} = ScheduledDiagnosticCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\sdiagschd.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Location

Notifications -> launches: %windir%\System32\LocationNotifications.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance

WinSAT -> launches: {A9A33436-678B-4C9C-A211-7CC38785E79D}

-> {HKLM.CLSID} = WinSAT Task Manger Task

\InProcServer32\(Default) = C:\Windows\system32\WinSATAPI.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Media Center

ActivateWindowsSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch [MS]

ConfigureInternetTimeService -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService [MS]

DispatchRecoveryTasks -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0) [MS]

ehDRMInit -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DRMInit [MS]

InstallPlayReady -> launches: %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0) [MS]

mcupdate -> launches: %SystemRoot%\ehome\mcupdate $(Arg0) [MS]

mcupdate_scheduled -> launches: %SystemRoot%\ehome\mcupdate -crl -hms -pscn 15 [MS]

MediaCenterRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask [MS]

ObjectStoreRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask [MS]

OCURActivate -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate [MS]

OCURDiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0) [MS]

PBDADiscovery -> launches: %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery [MS]

PBDADiscoveryW1 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery [MS]

PBDADiscoveryW2 -> launches: %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery [MS]

PvrRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask [MS]

PvrScheduleTask -> launches: %SystemRoot%\ehome\mcupdate.exe -PvrSchedule [MS]

RegisterSearch -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0) [MS]

ReindexSearchRoot -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot [MS]

SqlLiteRecoveryTask -> launches: %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask [MS]

StartRecording -> launches: %SystemRoot%\ehome\ehrec /StartRecording [MS]

UpdateRecordPath -> launches: %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0) [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MemoryDiagnostic

CorruptionDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}

-> {HKLM.CLSID} = MemoryDiagnosticCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]

DecompressionFailureDetector -> (HIDDEN!) launches: {190BA3F6-0205-4f46-B589-95C6822899D2}

-> {HKLM.CLSID} = MemoryDiagnosticCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\memdiag.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MobilePC

HotStart -> launches: {06DA0625-9701-43da-BFD7-FBEEA2180A1E}

-> {HKLM.CLSID} = HotStart User Agent

\InProcServer32\(Default) = C:\Windows\System32\HotStartUserAgent.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\MUI

LPRemove -> launches: %windir%\system32\lpremove.exe [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia

SystemSoundsService -> launches: {2DEA658F-54C1-4227-AF9B-260AB5FC3543}

-> {HKLM.CLSID} = Microsoft PlaySoundService Class

\InProcServer32\(Default) = C:\Windows\System32\PlaySndSrv.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\NetTrace

GatherNetworkInfo -> launches: %windir%\system32\gatherNetworkInfo.vbs [null data]

C:\Windows\System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics

AnalyzeSystem -> launches: %SystemRoot%\System32\powercfg.exe -energy -auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RAC

RacTask -> (HIDDEN!) launches: {42060D27-CA53-41f5-96E4-B1E8169308A6}

-> {HKLM.CLSID} = ReliabilityAnalysisCustomHandler

\InProcServer32\(Default) = C:\Windows\system32\RacEngn.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Ras

MobilityManager -> launches: {c463a0fc-794f-4fdf-9201-01938ceacafa}

-> {HKLM.CLSID} = RasMobilityManager

\InProcServer32\(Default) = C:\Windows\system32\rasmbmgr.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Registry

RegIdleBackup -> (HIDDEN!) launches: {ca767aa8-9157-4604-b64b-40747123d5f2}

-> {HKLM.CLSID} = RegistryIdleBackupHandler

\InProcServer32\(Default) = C:\Windows\System32\regidle.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\RemoteAssistance

RemoteAssistanceTask -> (HIDDEN!) launches: %windir%\system32\RAServer.exe /offerraupdate [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SideShow

GadgetManager -> launches: {FF87090D-4A9A-4f47-879B-29A80C355D61}

-> {HKLM.CLSID} = GadgetsManager Class

\InProcServer32\(Default) = C:\Windows\System32\AuxiliaryDisplayServices.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore

SR -> launches: %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Task Manager

Interactive -> (HIDDEN!) launches: {855fec53-d2e4-4999-9e87-3414e9cf0ff4}

-> {HKLM.CLSID} = RunTask

\InProcServer32\(Default) = C:\Windows\system32\wdc.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip

IpAddressConflict1 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem [MS]

IpAddressConflict2 -> launches: %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\TextServicesFramework

MsCtfMonitor -> (HIDDEN!) launches: {01575cfe-9a55-4003-a5e1-f38d1ebdcbe1}

-> {HKLM.CLSID} = MsCtfMonitor task handler

\InProcServer32\(Default) = C:\Windows\system32\MsCtfMonitor.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Time Synchronization

SynchronizeTime -> launches: %windir%\system32\sc.exe start w32time task_started [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\UPnP

UPnPHostConfig -> launches: sc.exe config upnphost start= auto [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WDI

ResolutionHost -> (HIDDEN!) launches: {900be39d-6be8-461a-bc4d-b0fa71f5ecb1}

-> {HKLM.CLSID} = DiagnosticInfrastructureCustomHandler

\InProcServer32\(Default) = C:\Windows\System32\wdi.dll [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Activation Technologies

ValidationTask -> (HIDDEN!) launches: %SystemRoot%\system32\Wat\WatAdminSvc.exe /run [MS]

ValidationTaskDeadline -> (HIDDEN!) launches: %SystemRoot%\system32\schtasks.exe /run /I /TN "\Microsoft\Windows\Windows Activation Technologies\ValidationTask" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting

QueueReporting -> launches: %windir%\system32\wermgr.exe -queuereporting [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Filtering Platform

BfeOnServiceStartTypeChange -> (HIDDEN!) launches: %windir%\system32\rundll32.exe bfe.dll,BfeOnServiceStartTypeChange [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\Windows Media Sharing

UpdateLibrary -> launches: "%ProgramFiles%\Windows Media Player\wmpnscfg.exe" [MS]

C:\Windows\System32\Tasks\Microsoft\Windows\WindowsBackup

AutomaticBackup -> launches: %systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup [MS]

Windows Backup Monitor -> launches: %systemroot%\system32\sdclt.exe /CHECKSKIPPED [MS]

C:\Windows\System32\Tasks\Microsoft\Windows Live\SOXE

Extractor Definitions Update Task -> launches: {3519154C-227E-47F3-9CC9-12C3F05817F1}

-> {HKLM.CLSID} = Windows Live Social Object Extractor Engine Definition Updater

\InProcServer32\(Default) = C:\Program Files\Windows Live\SOXE\wlsoxe.dll [MS]

C:\Windows\System32\Tasks\WPD

SqmUpload_S-1-5-21-2375090405-1869871859-1792986959-1000 -> (HIDDEN!) launches: %windir%\system32\rundll32.exe portabledeviceapi.dll,#1 [MS]

Winsock2 Service Provider DLLs:

-------------------------------

Namespace Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}

000000000001\LibraryPath = %SystemRoot%\system32\NLAapi.dll [MS]

000000000002\LibraryPath = %SystemRoot%\system32\napinsp.dll [MS]

000000000003\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

000000000004\LibraryPath = %SystemRoot%\system32\pnrpnsp.dll [MS]

000000000005\LibraryPath = %SystemRoot%\System32\mswsock.dll [MS]

000000000006\LibraryPath = %SystemRoot%\System32\winrnr.dll [MS]

000000000007\LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll [Apple Inc.]

000000000008\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]

000000000009\LibraryPath = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [MS]

Transport Service Providers

HKLM\SYSTEM\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}

0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:

%SystemRoot%\system32\mswsock.dll [MS], 01 - 28

Toolbars, Explorer Bars, Extensions:

------------------------------------

Toolbars

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\

{2318C2B1-4965-11D4-9B18-009027A5CD4F} = (no title provided)

-> {HKLM.CLSID} = Google Toolbar

\InProcServer32\(Default) = C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [Google Inc.]

Explorer Bars

HKLM\SOFTWARE\Classes\CLSID\{2A541AE1-5BF6-4665-A8A3-CFA9672E4291}\(Default) = Groove Folder Synchronization

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [MS]

HKLM\SOFTWARE\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = &Onderzoeken

Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]

InProcServer32\(Default) = C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\

{219C3416-8CB2-491A-A3C7-D9FCDDC9D600}\

ButtonText = @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004

MenuText = @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003

CLSIDExtension = {5F7B1267-94A9-47F5-98DB-E99415F33AEC}

-> {HKLM.CLSID} = BlogThisToolbarButton Class

\InProcServer32\(Default) = C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll [MS]

{2670000A-7350-4F3C-8081-5663EE0C6C49}\

ButtonText = Verzenden naar OneNote

MenuText = Verz&enden naar OneNote

CLSIDExtension = {48E73304-E1D6-4330-914C-F5F514E3486C}

-> {HKLM.CLSID} = Send to OneNote from Internet Explorer button

\InProcServer32\(Default) = C:\PROGRA~1\MIF5BA~1\Office12\ONBttnIE.dll [MS]

{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\

ButtonText = Skype Click to Call

CLSIDExtension = {898EA8C8-E7FF-479B-8935-AEC46303B9E5}

-> {HKLM.CLSID} = Skype Browser Helper

\InProcServer32\(Default) = C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [skype Technologies S.A.]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\

ButtonText = Research

BandCLSID = {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

-> {HKLM.CLSID} = &Onderzoeken

\InProcServer32\(Default) = C:\PROGRA~1\MIF5BA~1\Office12\REFIEBAR.DLL [MS]

Running Services (Display Name, Service Name, Path {Service DLL}):

------------------------------------------------------------------

Adobe Acrobat Update Service, AdobeARMservice, "C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe" [Adobe Systems Incorporated]

Apple Mobile Device, Apple Mobile Device, "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [Apple Inc.]

Bonjour-service, Bonjour Service, "C:\Program Files\Bonjour\mDNSResponder.exe" [Apple Inc.]

Intel® Rapid Storage Technology, IAStorDataMgrSvc, "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [null data]

iPod-service, iPod Service, "C:\Program Files\iPod\bin\iPodService.exe" [Apple Inc.]

Microsoft Antimalware Service, MsMpSvc, "c:\Program Files\Microsoft Security Client\MsMpEng.exe" [MS]

Microsoft Netwerkinspectie, NisSrv, "c:\Program Files\Microsoft Security Client\NisSrv.exe" [MS]

NVIDIA Display Driver Service, nvsvc, C:\Windows\system32\nvvsvc.exe [NVIDIA Corporation]

ProtexisLicensing, ProtexisLicensing, C:\Windows\system32\PSIService.exe [null data]

Skype C2C Service, Skype C2C Service, "C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe" [skype Technologies S.A.]

TeamViewer 8, TeamViewer8, "C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" [TeamViewer GmbH]

Windows Live ID Sign-in Assistant, wlidsvc, "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" [MS]

Safe Mode Drivers & Services (subkey name, subkey default value):

-----------------------------------------------------------------

HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\

<<!>> MsMpSvc, Service

HKLM\System\CurrentControlSet\Control\SafeBoot\Network\

<<!>> MsMpSvc, Service

Print Monitors:

---------------

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors\

EPSON SX420W Series 32MonitorBE\Driver = E_FLBGCE.DLL [sEIKO EPSON CORPORATION]

EPSON SX430 Series 32MonitorBE\Driver = E_FLBHAE.DLL [sEIKO EPSON CORPORATION]

Send To Microsoft OneNote Monitor\Driver = msonpmon.dll [MS]

==== Empty IE Cache ======================

C:\Users\Wilma\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Wilma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\users\Wilma\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Wilma\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Wilma\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

Link naar reactie
Delen op andere sites

Kan je eens bekijken of je volgende twee programma's kan vinden in Configuratischerm -> Software :

Delta Chrome Toolbar

Java 6 Update 18

Zo ja, mag je deze daar allebei verwijderen . En laat dan eens weten hoe de PC nu draait ?

Link naar reactie
Delen op andere sites

Download en installeer Speccy.

Tijdens de installatie heb je nu de mogelijkheid om Nederlands als taal te selecteren.

Wanneer, tijdens het installeren van Speccy, de optie aangeboden wordt om Google Chrome of Google Toolbar "gratis" mee te installeren dien je de vinkjes weg te halen, tenzij dit een bewuste keuze is.

Speccysetup_zps67a9e41f.png

Start nu het programma en er zal een overzicht gemaakt worden van je hardware.

Als dit gereed is selecteer je bovenaan " Bestand - Publiceer Snapshot " en vervolgens bevestig je die keuze met " Ja ".

In het venster dat nu opent krijg je een link te zien, kopieer nu die link en plak die in je volgende bericht. Zo krijgen we een gedetailleerd overzicht van je hardware icon_e_wink.gif

Link naar reactie
Delen op andere sites

Het valt me ook op dat hij de laatste dagen bij het afsluiten iedere keer updates gaat installeren.

Er zijn inderdaad een aantal updates op 10, 11 en 12 april maar het zijn telkens dezelfde updates.

Kijk eens na bij de updategeschiedenis of de updates niet mislukt zijn.

aangepast door kweezie wabbit
Link naar reactie
Delen op andere sites

De updates zijn idd meestal mislukt.

Windows is ook een keer onverwacht afgesloten. Het rapport zie je hieronder (ik weet niet of je daar iets aan hebt)

Probleemhandtekening:

Gebeurtenisnaam van probleem: BlueScreen

Versie van besturingssysteem: 6.1.7601.2.1.0.768.3

Landinstelling-id: 1043

Aanvullende informatie over dit probleem:

BCCode: 1000008e

BCP1: C0000005

BCP2: 8CA0658F

BCP3: A4740B00

BCP4: 00000000

OS Version: 6_1_7601

Service Pack: 1_0

Product: 768_1

Bestanden die helpen bij het beschrijven van het probleem:

C:\Windows\Minidump\041213-19796-01.dmp

C:\Users\Wilma\AppData\Local\Temp\WER-69108-0.sysdata.xml

Lees de onlineprivacyverklaring:

Windows 7 Privacyverklaring - Microsoft Windows

Als de onlineprivacyverklaring niet beschikbaar is, lees dan onze offlineprivacyverklaring:

C:\Windows\system32\nl-NL\erofflps.txt

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.