
moederjeanne
Everything posted by moederjeanne
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
Zoek.exe v5.0.0.1 Updated 21-December-2015
Tool run by moederjeanne on di 22-12-2015 at 20:06:37,90.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\moederjeanne\Desktop\map anti virussen\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================
C:\zoek-results2015-12-19-150758.log 52982 bytes
C:\zoek-results2015-12-20-132520.log 8244 bytes

==== Empty Folders Check ======================
C:\Users\moederjeanne\AppData\Local\NetworkTiles deleted successfully
C:\Users\ruth\AppData\Local\VirtualStore deleted successfully

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-04-2015 08:24]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-04-2015 08:24]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Trojan Killer" ["C:\Users\moederjeanne\Desktop\anti spam\trojankiller.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{82B7F595-5AE2-407C-9927-19E0A68E3980}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{962602FA-6334-4D12-AC80-1D8392B9923C}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
user_pref("browser.startup.homepage", "www.google.be");

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [23-04-2014 21:29]

==== Firefox Extensions ======================
ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
- Undetermined - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com

==== Firefox Plugins ======================
Profilepath: C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
whatsapp-for-chrome - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan
Fantastic platform game that will try to intimidate you and make you give up. - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi
Magisto - Magical Video Editor - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk
WhatsApp Web Notifier - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\mandlfjpchelbigcligpgfmmagaobkeo

==== C:\zoek_backup content ======================
C:\zoek_backup (files=3238 folders=907 4296499447 bytes)

==== EOF on di 22-12-2015 at 20:25:03,79 ======================
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
Just now the problems came back: for example, if I want to switch users it doesn't work, and if I want to open apps it also does nothing. Strange.
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
Hello, I think all the problems are solved. Was this actually a virus? Thanks enormously for the help, many thanks.
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
It had indeed gone through the process:

# AdwCleaner v5.025 - Logbestand aangemaakt 21/12/2015 op 12:50:17
# Laatste update 13/12/2015 door Xplode
# Database : 2015-12-13.2 [server]
# Besturingssysteem : Windows 10 Home (x64)
# Gebruikersnaam : moederjeanne - HANS
# Gestart vanuit : C:\Users\moederjeanne\Downloads\AdwCleaner.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****

***** [ Mappen ] *****

***** [ Bestanden ] *****
[-] Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****

***** [ Snelkoppelingen ] *****

***** [ geplande taken ] *****

***** [ Register ] *****
[-] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

***** [ Internetbrowsers ] *****

*************************
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1148 bytes] ##########
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
I think it worked:

# AdwCleaner v5.025 - Logbestand aangemaakt 21/12/2015 op 12:50:17
# Laatste update 13/12/2015 door Xplode
# Database : 2015-12-13.2 [server]
# Besturingssysteem : Windows 10 Home (x64)
# Gebruikersnaam : moederjeanne - HANS
# Gestart vanuit : C:\Users\moederjeanne\Downloads\AdwCleaner.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****

***** [ Mappen ] *****

***** [ Bestanden ] *****
[-] Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****

***** [ Snelkoppelingen ] *****

***** [ geplande taken ] *****

***** [ Register ] *****
[-] Waarde Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

***** [ Internetbrowsers ] *****

*************************
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1148 bytes] ##########
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
When I look at the log file I get this file, although I think it did not go through the process:

# AdwCleaner v5.025 - Logbestand aangemaakt 21/12/2015 op 12:20:38
# Laatste update 13/12/2015 door Xplode
# Database : 2015-12-13.2 [server]
# Besturingssysteem : Windows 10 Home (x64)
# Gebruikersnaam : moederjeanne - HANS
# Gestart vanuit : C:\Users\moederjeanne\Desktop\adwcleaner_5.025.exe
# Optie : Scannen
# Ondersteuning : http://toolslib.net/forum

***** [ Services ] *****

***** [ Mappen ] *****

***** [ Bestanden ] *****
Bestand Gevonden : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Bestand Gevonden : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLL ] *****

***** [ Snelkoppelingen ] *****

***** [ geplande taken ] *****

***** [ Register ] *****
Waarde Gevonden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]

***** [ Internetbrowsers ] *****

########## EOF - C:\AdwCleaner\AdwCleaner[s4].txt - [1031 bytes] ##########
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
When I open AdwCleaner it says: waiting for action, deselect all items you want to keep. But after 10 it still stays like that and I cannot click on action. Is this normal?
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 21-12-2015
Scantijd: 10:13
Logboekbestand: mm.txt
Beheerder: Ja

Versie: 2.2.0.1024
Malware-database: v2015.12.21.02
Rootkit-database: v2015.12.18.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 10
Processor: x64
Bestandssysteem: NTFS
Gebruiker: moederjeanne

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 444478
Verstreken tijd: 1 u., 2 min, 26 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 2
PUP.Optional.MultiPlug, HKU\S-1-5-21-3968276687-3847870925-728767108-1001_Classes\TYPELIB\{157B1AA6-3E5C-404A-9118-C1D91F537040}, In quarantaine, [0ea863448605b08608364d87f112758b],
PUP.Optional.MultiPlug, HKU\S-1-5-21-3968276687-3847870925-728767108-1001_Classes\INTERFACE\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}, In quarantaine, [0ea863448605b08608364d87f112758b],

Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)

(end)
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
Still the same problem -(
waarschijnlijk virus op mijn pc
moederjeanne reageerde op moederjeanne's topic in Archief Bestrijding malware & virussen
Zoek.exe v5.0.0.1 Updated 18-December-2015 Tool run by moederjeanne on zo 20-12-2015 at 12:13:00,08. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\moederjeanne\Desktop\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2015-12-19-150758.log 52982 bytes ==== Empty Folders Check ====================== C:\Users\moederjeanne\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default user.js not found ---- Lines _uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"ekWne@1.org\":{\"d\":\"C:\\\\Users\\\\moederjeanne\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\ ---- FireFox user.js and prefs.js backups ---- prefs_20-12-2015_1314_.backup ==== Deleting Files \ Folders ====================== C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp deleted C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com deleted "C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5}" deleted "C:\WINDOWS\SysNative\tasks\{51FCCE58-FEC1-4972-ADC1-822CF1457E58}" deleted "C:\WINDOWS\SysNative\tasks\{7B1E1EAD-2704-4193-ABC7-997C3ABCD50B}" deleted "C:\WINDOWS\SysNative\tasks\{90375371-90DE-400E-A70C-04F320B38B99}" deleted "C:\WINDOWS\SysNative\tasks\{9B65EFED-9950-49CA-976E-D3CF30D7830A}" deleted "C:\WINDOWS\SysNative\tasks\{9C32E855-0165-4830-8A35-7662750DF12C}" deleted "C:\WINDOWS\SysNative\tasks\{9CA88F91-C466-4B49-B55B-941445717BEE}" deleted "C:\WINDOWS\SysNative\tasks\{9F674414-1591-4CD9-A7AD-7D26CFD5EF41}" deleted 
"C:\WINDOWS\SysNative\tasks\{C1282EE3-A959-42FD-A09C-1BE41E0A7A04}" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default user_pref("browser.startup.homepage", "www.google.be"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [23-04-2014 21:29] ==== Firefox Extensions ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default - Undetermined - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com ==== Firefox Plugins ====================== Profilepath: C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 whatsapp-for-chrome - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan Magisto - Magical Video Editor - moederjeanne\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk ==== Chromium Fix ====================== C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully 
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\moederjeanne\AppData\Local\Mozilla\Firefox\Profiles\so4plgdq.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3238 folders=907 4296499447 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\MOEDER~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== 
C:\$RECYCLE.BIN successfully emptied ==== EOF on zo 20-12-2015 at 14:25:20,73 ====================== -
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
I don't know whether the problem should be solved by now, but I still have the same problems with the PC -( -
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
I get this txt file but still the same problems:
Zoek.exe v5.0.0.1 Updated 18-December-2015 Tool run by moederjeanne on za 19-12-2015 at 13:36:50,32. Microsoft Windows 10 Home 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\moederjeanne\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 19-12-2015 13:45:48 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\moederjeanne\AppData\Local\CrashDumps deleted successfully C:\Users\moederjeanne\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\moederjeanne\AppData\Local\EmieSiteList deleted successfully C:\Users\moederjeanne\AppData\Local\EmieUserList deleted successfully C:\Users\moederjeanne\AppData\Local\NetworkTiles deleted successfully C:\Users\ruth\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\ruth\AppData\Local\EmieSiteList deleted successfully C:\Users\ruth\AppData\Local\EmieUserList deleted successfully C:\Users\ruth\AppData\Local\NetworkTiles deleted successfully C:\Users\ruth\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent Acer Recovery Management Adobe Reader XI (11.0.13) Adobe Refresh Manager AMD Accelerated Video Transcoding AMD Catalyst Control Center AMD Catalyst Install Manager AMD Fuel AMD Quick Stream Apple Application Support (32-bit) Apple Application Support (64-bit) Apple Mobile Device Support Apple Software Update AVG AVG 2016 AVG Protection AVG Web TuneUp AVG Zen Bonjour BS.Player FREE Canon MP Navigator EX 4.0 Canon MP495 series MP Drivers Canon My Image Garden Canon My Image Garden 
Design Files Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CCleaner D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB3114412) 64-Bit Edition ELAN Touchpad 11.15.0.18_X64 Fallout 3 - Wasteland Edition FMW 1 Google Chrome Google Update Helper Identity Card iTunes Malwarebytes Anti-Malware versie 2.2.0.1024 Microsoft Application Error Reporting Microsoft Games for Windows - LIVE Redistributable Microsoft Office Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared 32-bit MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2005 Tools for Office Runtime Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD Microsoft WSE 3.0 Runtime Movie Maker MPC-HC 1.7.3 (64-bit) MSVCRT MSVCRT110 MSVCRT110_amd64 Nero BackItUp Nero BackItUp 12 Essentials OEM.a01 Nero BackItUp Help (CHM) Nero ControlCenter Nero ControlCenter Help (CHM) Nero Core Components Nero Launcher Nero RescueAgent Nero RescueAgent Help (CHM) Nero Update OEM Application Profile Office Addin Photo Common Photo Gallery Prerequisite installer Qualcomm Atheros Bluetooth Suite (64) Qualcomm Atheros WLAN and Bluetooth Client Installation Program RealDownloader Realtek High Definition Audio Driver Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition Security Update for Microsoft Excel 2010 (KB3114415) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2878230) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 64-Bit 
Edition Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2965310) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition Security Update for Microsoft OneNote 2010 (KB3054978) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB3085594) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB3101526) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition Security Update for Microsoft Word 2010 (KB3101532) 64-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition Skype Click to Call SkypeT 7.12 Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD TeamViewer 9 Trojan Killer Unity Web Player Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition Update 
for Microsoft Office 2010 (KB2791057) 64-Bit Edition Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition Update for Microsoft Office 2010 (KB3054977) 64-Bit Edition Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition Update for Microsoft Office 2010 (KB3085512) 64-Bit Edition Update for Microsoft Office 2010 (KB3114399) 64-Bit Edition Update for Microsoft Office 2010 (KB3114404) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3085604) 64-Bit Edition Update for Microsoft Outlook 2010 (KB3101535) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition Update for Microsoft Project 2010 (KB3114419) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition Uplay VirtualDJ PRO Full Visual Studio 2005 Tools for Office Second Edition Runtime Visual Studio 2012 x64 Redistributables Visual Studio 2012 x86 Redistributables Visual Studio Tools for the Office system 3.0 Runtime Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) VLC media player Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices (03/07/2012 ) Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language 
Pack WinRAR 4.20 (64-bit) ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\AVG Web TuneUp deleted C:\Program Files\Common Files\AVG Secure Search deleted C:\ProgramData\Avg_Update_1215av deleted C:\Users\moederjeanne\AppData\Local\AVG Web TuneUp deleted C:\Users\ruth\AppData\Local\AVG Web TuneUp deleted C:\Program Files\AVG Web TuneUp deleted C:\PROGRA~3\AVG Web TuneUp deleted C:\PROGRA~3\Package Cache deleted C:\Users\moederjeanne\AppData\Local\Unity deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\moederjeanne\AppData\LocalLow\Unity deleted ==== Files Recently Created / Modified ======================
2829512 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\Setup.exe 2015-12-15 14:38:07 FBB698C69C0A8EF6499D9353A97CC232 2451144 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDUn_inst.exe 2015-12-15 14:38:07 BD5B801F8035A5066C6A4F4ABA67C4D5 93384 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDMag.exe 2015-12-15 14:38:07 8916EACF1256E1C5A3AF81FD39C747E7 144072 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDService.exe 2015-12-15 14:38:07 2B484C30F4B5C2AE38FC26F6FC57764B 2855112 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDHValueMonitor.exe 2015-12-15 14:38:07 2025712CFB93C2161C6EC0612EEC5B40 2265800 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDFingerPositioner.exe 2015-12-15 14:38:06 D37064498DE2B69EB94E2DA83C62E4A4 2580168 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDCtrlHelper.exe 2015-12-15 14:38:06 BB11B4124F1DCA432705C2DB64B60580 8405192 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDAniConf.exe 2015-12-15 14:38:06 97B7D81A8461126BB9CC4085712675E5 3242696 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDCtrl.exe 2015-12-15 14:38:06 7DBEFB1CD4BB8FEF7AEE87D07F695BFC 2790088 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETDDeviceInformation.exe 2015-12-15 14:38:06 3FC075F33F8462EB7897A44E760D2377 1056968 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\dpinst.exe 2015-12-15 14:38:05 A7406B7710720E7E3EBC8DCE5C5FB084 243696 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\1064dee1-8e19-4dd9-9204-be8d23637c77\B188512\clinfo.exe 2015-12-15 14:38:03 412EF1F21D4DB473A8DECCE2B29006AB 96749536 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\1064dee1-8e19-4dd9-9204-be8d23637c77\B188512\ccc2_install.exe 2015-12-15 14:37:58 B844EBA6ED1666309C9D74345647057F 1070592 ----a-w- 
C:\$WINDOWS.~BT\Drivers\DU\1064dee1-8e19-4dd9-9204-be8d23637c77\B188512\amdocl_ld64.exe 2015-12-15 14:37:58 A8AFEC11C457D037602921C6645D8679 1004032 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\1064dee1-8e19-4dd9-9204-be8d23637c77\B188512\amdocl_as32.exe 2015-12-15 14:37:58 50A1F30C906F8DA69FE0F3B95B324936 807424 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\1064dee1-8e19-4dd9-9204-be8d23637c77\B188512\amdocl_ld32.exe 2015-12-15 14:37:58 3B40AFF6A70B690D6B0C79DEADBFCD32 1196032 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\1064dee1-8e19-4dd9-9204-be8d23637c77\B188512\amdocl_as64.exe 2015-12-15 13:56:20 3CAF959D7275C91B2DB96BF60AFEB6EF 71592 ----a-w- C:\ProgramData\AVG\Setup\av\avguirux.exe 2015-12-15 13:56:19 4DF8AE87AF8B98D84F2D0C0B66550E5B 6000232 ----a-w- C:\ProgramData\AVG\Setup\av\avgmfapx.exe 2015-12-14 09:44:49 AD60A39A820804E89BC2EAD599ED94E1 8067784 ----a-w- C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2015-12-14 09:44:49 AD60A39A820804E89BC2EAD599ED94E1 8067784 ----a-w- C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\OneDriveSetup.exe 2015-12-14 09:44:38 EB0965F7AE1394C0A3165A5E9A32C44D 164040 ----a-w- C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncConfig.exe 2015-12-14 09:44:37 2DB7D5B28812523AAF17F71A8EB4832E 171712 ----a-w- C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe === C: other files == 2015-12-15 14:38:06 6BD85B39B7B23F03B24CF641ED29147B 525512 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\d21881c9-a4d6-4d0b-8603-b4459de958e9\ETD.sys 2015-12-15 14:37:50 239A81CC18170F3369D389DA65E74342 599240 ----a-w- C:\$WINDOWS.~BT\Drivers\DU\e6cf54d3-c314-4c73-ba29-eae39271af0d\btfilter.sys 2015-12-15 13:50:08 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\ruth\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\CollectOneDriveLogs.bat 2015-12-14 09:44:37 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- 
C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\CollectOneDriveLogs.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall 
C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-04-2015 08:24] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-04-2015 08:24] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe] "C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live 
Updater\liveupdater_agent.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Trojan Killer" ["C:\Users\moederjeanne\Desktop\anti spam\trojankiller.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{82B7F595-5AE2-407C-9927-19E0A68E3980}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{962602FA-6334-4D12-AC80-1D8392B9923C}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{51FCCE58-FEC1-4972-ADC1-822CF1457E58}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{7B1E1EAD-2704-4193-ABC7-997C3ABCD50B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{90375371-90DE-400E-A70C-04F320B38B99}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{9B65EFED-9950-49CA-976E-D3CF30D7830A}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{9C32E855-0165-4830-8A35-7662750DF12C}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{9CA88F91-C466-4B49-B55B-941445717BEE}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{9F674414-1591-4CD9-A7AD-7D26CFD5EF41}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\WINDOWS\SysNative\tasks\{C1282EE3-A959-42FD-A09C-1BE41E0A7A04}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] 
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\WINDOWS\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default user_pref("browser.startup.homepage", "www.google.be"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [23-04-2014 21:29] ==== Firefox Extensions ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default - ActiveDeals - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com - ActiveDeals - %ProfilePath%\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com ==== Firefox Plugins ====================== Profilepath: C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin ==== Chromium Look 
====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 14:24] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12-10-2015 08:31] whatsapp-for-chrome - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan Fantastic platform game that will try to intimidate you and make you give up. - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi Magisto - Magical Video Editor - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk RealDownloader - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji WhatsApp Web Notifier - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\mandlfjpchelbigcligpgfmmagaobkeo Chrome Web Store Payments - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda YouTube - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf RealDownloader - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Skype Click to Call - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia YouTube - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web 
TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf RealDownloader - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Skype Click to Call - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Chrome Web Store Payments - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx deleted successfully C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo deleted successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf deleted successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia deleted successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={6AD30996-7856-4F05-9FA0-3B6D9392455F}&mid=a0f7a049bf0b47d2a1e2e12caacd3db6-305099513131e3e91d57094a037dd94ea90d0535&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:08:34&v=4.2.4.155&pid=wtu&sg=&sap=hp" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Deleting 
Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully 
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\moederjeanne\AppData\Local\Mozilla\Firefox\Profiles\so4plgdq.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=977 folders=526 625197913 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== 
C:\WINDOWS\Temp successfully emptied C:\Users\MOEDER~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 19-12-2015 at 16:07:58,09 ====================== -
probably a virus on my PC
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
Logfile of random's system information tool 1.10 (written by random/random) Run by moederjeanne at 2015-12-19 11:21:53 Microsoft Windows 10 Home System drive C: has 600 GB (64%) free of 936 GB Total RAM: 15813 MB (87% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 11:21:56, on 19-12-2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.10240.16603) Boot mode: Normal Running processes: C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\moederjeanne.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={6AD30996-7856-4F05-9FA0-3B6D9392455F}&mid=a0f7a049bf0b47d2a1e2e12caacd3db6-305099513131e3e91d57094a037dd94ea90d0535&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:08:34&v=4.2.4.155&pid=wtu&sg=&sap=hp R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - 
HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit= O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly O4 - HKCU\..\Run: [OneDrive] "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\RunOnce: [uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" O4 - HKCU\..\RunOnce: [uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64" O4 - HKLM\..\Policies\Explorer\Run: [btvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O9 - Extra 
button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing) O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. 
- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing) O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing) O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - 
C:\WINDOWS\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- End of file - 11235 bytes ======Listing Processes====== c:\PROGRA~2\AVG\Av\avgrsa.exe /boot C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-53ac-cf6706ebcd60 /binaryPath="C:\Program Files (x86)\AVG\Av\\" winlogon.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS "dwm.exe" C:\WINDOWS\system32\svchost.exe -k netsvcs "C:\Program Files 
(x86)\AVG Web TuneUp\WtuSystemSupport.exe" C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation atieclxx C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" "C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe" "C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service C:\WINDOWS\System32\svchost.exe -k utcsvc "C:\Program Files\Elantech\ETDService.exe" dashost.exe {d006d19c-7cca-4a86-a344025b5d989525} "C:\Windows\system32\mfevtps.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" C:\WINDOWS\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" C:\WINDOWS\system32\svchost.exe -k appmodel "C:\Program Files (x86)\AVG\Av\avgnsa.exe" "C:\Program Files (x86)\AVG\Av\avgemca.exe" C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E} sihost.exe C:\WINDOWS\Explorer.EXE "C:\Program Files\Elantech\ETDCtrl.exe" C:\Windows\System32\RuntimeBroker.exe -Embedding "C:\Program Files\Elantech\ETDCtrlHelper.exe" C:\WINDOWS\system32\SettingSyncHost.exe -Embedding C:\WINDOWS\system32\SearchIndexer.exe /Embedding 
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s "C:\Program Files\iTunes\iTunesHelper.exe" "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly "C:\Program Files\iPod\bin\iPodService.exe" "C:\Program Files (x86)\Nero\Update\NASvc.exe" C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6372.0.1090146018\46870288" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x1002 --gpu-device-id=0x9830 --gpu-driver-vendor="Advanced Micro Devices, Inc." 
--gpu-driver-version=15.201.1151.1008 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --extension-process 
--enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6372.2.636081077\79300670" --font-cache-shared-handle=2804 /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*U
MA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6372.4.63105887\1375210933" --font-cache-shared-handle=4800 /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/*SafeBrowsingUpdateFrequency/
Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6372.18.688391759\1744922408" --font-cache-shared-handle=5404 /prefetch:673131151 "C:\Users\moederjeanne\Desktop\map anti virussen\anti spam\RSITx64.exe" C:\WINDOWS\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet 
Explorer\SkypeIEPlugin.dll [2015-10-12 1725056] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-10 3242696] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-06 169768] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"=C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-14 551112] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448] "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448] "Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176] "AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-12-09 3855272] "AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe 
[] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "DSCAutomationHostEnabled"=2 "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "midimapper"=midimap.dll "msacm.imaadpcm"=imaadp32.acm "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "msacm.msadpcm"=msadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "vidc.i420"=iyuv_32.dll "vidc.iyuv"=iyuv_32.dll 
"vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "vidc.uyvy"=msyuv.dll "vidc.yuy2"=msyuv.dll "vidc.yvu9"=tsbyuv.dll "vidc.yvyu"=msyuv.dll "wavemapper"=msacm32.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "VIDC.CFHD"=CFHD.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-12-19 11:21:53 ----D---- C:\rsit 2015-12-18 09:56:51 ----HD---- C:\OneDriveTemp 2015-12-17 12:47:12 ----D---- C:\AdwCleaner 2015-12-17 10:12:38 ----D---- C:\Program Files\ATI Technologies 2015-12-17 10:08:27 ----D---- C:\WINDOWS\LastGood.Tmp 2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\mantleaxl64.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\mantle64.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\detoured.dll 2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\clinfo.exe 2015-12-17 10:07:32 ----A---- C:\WINDOWS\system32\atiumd64.dll 2015-12-17 10:07:31 ----A---- C:\WINDOWS\system32\atiu9p64.dll 2015-12-17 10:07:30 ----A---- C:\WINDOWS\system32\atitmm64.dll 2015-12-17 10:07:29 ----A---- C:\WINDOWS\system32\atisamu64.dll 2015-12-17 10:07:28 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll 2015-12-17 10:07:26 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll 2015-12-17 10:07:26 ----A---- C:\WINDOWS\system32\ATIODE.exe 2015-12-17 10:07:26 ----A---- C:\WINDOWS\system32\ATIODCLI.exe 2015-12-17 10:07:23 ----A---- C:\WINDOWS\system32\atio6axx.dll 2015-12-17 10:07:22 ----A---- 
C:\WINDOWS\SYSWOW64\atimpc32.dll 2015-12-17 10:07:22 ----A---- C:\WINDOWS\system32\atimuixx.dll 2015-12-17 10:07:22 ----A---- C:\WINDOWS\system32\atimpc64.dll 2015-12-17 10:07:18 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll 2015-12-17 10:07:18 ----A---- C:\WINDOWS\system32\atiglpxx.dll 2015-12-17 10:07:17 ----A---- C:\WINDOWS\system32\atig6pxx.dll 2015-12-17 10:07:16 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe 2015-12-17 10:07:16 ----A---- C:\WINDOWS\system32\atieah64.exe 2015-12-17 10:07:12 ----A---- C:\WINDOWS\system32\atidemgy.dll 2015-12-17 10:07:10 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll 2015-12-17 10:07:10 ----A---- C:\WINDOWS\system32\aticalrt64.dll 2015-12-17 10:07:08 ----A---- C:\WINDOWS\system32\aticaldd64.dll 2015-12-17 10:07:06 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll 2015-12-17 10:07:04 ----A---- C:\WINDOWS\system32\aticalcl64.dll 2015-12-17 10:07:03 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll 2015-12-17 10:07:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll 2015-12-17 10:07:02 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll 2015-12-17 10:07:02 ----A---- C:\WINDOWS\system32\atiapfxx.exe 2015-12-17 10:07:01 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll 2015-12-17 10:07:01 ----A---- C:\WINDOWS\system32\OpenCL.dll 2015-12-17 10:06:59 ----A---- C:\WINDOWS\system32\amdxc64.dll 2015-12-17 10:06:58 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll 2015-12-17 10:06:58 ----A---- C:\WINDOWS\system32\amdpcom64.dll 2015-12-17 10:06:57 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll 2015-12-17 10:06:57 ----A---- C:\WINDOWS\system32\amdocl_ld64.exe 2015-12-17 10:06:56 ----A---- C:\WINDOWS\SYSWOW64\amdocl_ld32.exe 2015-12-17 10:06:56 ----A---- C:\WINDOWS\system32\amdocl_as64.exe 2015-12-17 10:06:55 ----A---- C:\WINDOWS\SYSWOW64\amdocl_as32.exe 2015-12-17 10:06:37 ----A---- C:\WINDOWS\system32\amdmmcl6.dll 2015-12-17 10:06:36 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll 2015-12-17 10:06:36 ----A---- C:\WINDOWS\system32\amdmiracast.dll 2015-12-17 10:06:35 ----A---- 
C:\WINDOWS\SYSWOW64\amdmantle32.dll 2015-12-17 10:06:35 ----A---- C:\WINDOWS\system32\amdmantle64.dll 2015-12-17 10:06:34 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll 2015-12-17 10:06:34 ----A---- C:\WINDOWS\system32\amdlvr64.dll 2015-12-17 10:06:31 ----A---- C:\WINDOWS\system32\amdhdl64.dll 2015-12-17 10:06:30 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll 2015-12-17 10:06:30 ----A---- C:\WINDOWS\system32\amdhcp64.dll 2015-12-17 10:06:28 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll 2015-12-17 10:06:27 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll 2015-12-17 10:06:26 ----A---- C:\WINDOWS\system32\amdave64.dll 2015-12-17 10:06:25 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll 2015-12-10 20:38:23 ----D---- C:\Program Files\Common Files\AVG Secure Search 2015-12-09 20:58:01 ----A---- C:\WINDOWS\system32\edgehtml.dll 2015-12-09 20:57:59 ----A---- C:\WINDOWS\system32\mshtml.dll 2015-12-09 20:57:58 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll 2015-12-09 20:57:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll 2015-12-09 20:57:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll 2015-12-09 20:57:52 ----A---- C:\WINDOWS\system32\ieframe.dll 2015-12-09 20:57:51 ----A---- C:\WINDOWS\system32\win32kfull.sys 2015-12-09 20:57:51 ----A---- C:\WINDOWS\system32\win32kbase.sys 2015-12-09 20:57:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll 2015-12-09 20:57:49 ----A---- C:\WINDOWS\system32\iertutil.dll 2015-12-09 20:57:49 ----A---- C:\WINDOWS\system32\GdiPlus.dll 2015-12-09 20:57:47 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll 2015-12-09 20:57:47 ----A---- C:\WINDOWS\system32\SRHInproc.dll 2015-12-09 20:57:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-12-09 20:57:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll 2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\user32.dll 2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll 2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll 2015-12-09 
-----------------EOF----------------- -
probably a virus on my PC
moederjeanne posted a topic in Archive: Fighting malware & viruses
Hello, for the past week my PC has been freezing a lot. When I restart it the problem goes away for a while. Sometimes when I try to open a folder it closes it; it does very strange things. -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
The link won't open again; I get the error message 404 not found -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
No more problems for now, I don't know how to thank you -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Fighting malware & viruses
Zoek.exe v5.0.0.0 Updated 23-04-2015
Tool run by moederjeanne on vr 24/04/2015 at 14:09:05,08.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\moederjeanne\Desktop\zoek.exe [scan all users] [script inserted]
==== System Restore Info ======================
24/04/2015 14:12:22 Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\AVS4YOU deleted successfully
C:\PROGRA~2\WildTangent Games deleted successfully
C:\Program Files\Fotoservice deleted successfully
C:\PROGRA~3\OEM deleted successfully
C:\Users\moederjeanne\AppData\Local\MediaShow deleted successfully
C:\Users\moederjeanne\AppData\Local\MigWiz deleted successfully
C:\Users\moederjeanne\AppData\Local\Unity deleted successfully
C:\Users\ruth\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
==== FireFox Fix ======================
ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
user.js not found
---- Lines extensions.096vtznLhtsYeNmi removed from prefs.js ----
user_pref("extensions.096vtznLhtsYeNmi.epoch", "1429946194");
user_pref("extensions.096vtznLhtsYeNmi.url", "http://getjpinet.info/sync2/?q=hfZ9oemVC6bTtNbPhd9GrjwGrShTB6lKDzt4oktxtNtVh7n0rjkEqda4rTaGqTs5tMFHhd9Fq
---- FireFox user.js and prefs.js backups ----
prefs_20152404_1443_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\AVS4YOU not found
C:\PROGRA~2\WildTangent Games not found
C:\PROGRA~2\KeeppeorusEXt deleted
C:\Users\moederjeanne\AppData\Local\AVG Web TuneUp deleted
C:\Users\ruth\AppData\Local\AVG Web TuneUp deleted
C:\PROGRA~2\AVG Web TuneUp deleted
C:\Program Files\AVG Web TuneUp deleted
C:\Users\moederjeanne\AppData\Roaming\appdataFr3.bin deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Avg_Update_0215tb deleted
C:\PROGRA~3\Avg_Update_1214tb deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\moederjeanne\Downloads\ReimageRepair.exe deleted
C:\Users\moederjeanne\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\ruth\AppData\LocalLow\AVG Web TuneUp deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\ekWne@1.org deleted
"C:\Windows\Installer\dcbf2.msi" deleted
==== Files Recently Created / Modified ======================
C:\$Recycle.Bin\S-1-5-21-3968276687-3847870925-728767108-1001\$IFC2457.exe 2015-04-24 06:05:32 CD2F181EF015F7B3D397DEF900E503EC 355840 ----a-w- C:\$Recycle.Bin\S-1-5-21-3968276687-3847870925-728767108-1001\$RFC2457.exe === C: other files == 2015-04-24 09:24:21 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-04-24 09:24:04 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-04-24 09:24:04 9D7BFFDB5FA62B600DF1FCB4919D9D79 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-04-24 09:24:04 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-04-24 07:29:11 79E4DB1EBF1F77D4195DD9E16955819C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3968276687-3847870925-728767108-1001\$IOWEO4J.zip 2015-04-24 06:13:54 F4705EDB00E570CD82C961F4C70561C1 307075 ----a-w- C:\$Recycle.Bin\S-1-5-21-3968276687-3847870925-728767108-1001\$ROWEO4J.zip ==== Startup Registry Enabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Task Scheduler 
Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24/04/2015 09:24] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe] "C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Trojan Killer" ["C:\Users\moederjeanne\Desktop\anti spam\trojankiller.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{82B7F595-5AE2-407C-9927-19E0A68E3980}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{962602FA-6334-4D12-AC80-1D8392B9923C}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default user_pref("browser.startup.homepage", "www.google.be"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [23/04/2014 22:29] ==== Firefox 
Extensions ====================== ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default - ActiveDeals - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com - ActiveDeals - %ProfilePath%\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com ==== Firefox Plugins ====================== Profilepath: C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit) F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.90 (Latest Stable version: 42.0.2311.90) [z-db] HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 15:24] Bookmark Manager - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik RealDownloader - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji DeaLSSpaacea - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnjdpjpcamfeeiikdfmmcidbdbingoc RealDownloader - ruth\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Tumblr Shortcuts - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeaoiimgjnefgefklfijghnlngmkcgom ==== Chromium Fix ====================== C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecnjdpjpcamfeeiikdfmmcidbdbingoc deleted successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeaoiimgjnefgefklfijghnlngmkcgom deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] 
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {FA489A03-530C-4BC9-B000-AD47AAD15937} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\Software\Microsoft\Internet Explorer\SearchScopes\{FA489A03-530C-4BC9-B000-AD47AAD15937} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{FA489A03-530C-4BC9-B000-AD47AAD15937} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FA489A03-530C-4BC9-B000-AD47AAD15937} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully ==== Empty IE Cache ====================== 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\moederjeanne\AppData\Local\Mozilla\Firefox\Profiles\so4plgdq.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content 
====================== C:\zoek_backup (files=721 folders=104 591920568 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\moederjeanne\AppData\Local\Temp will be emptied at reboot C:\Users\ruth\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\MOEDER~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on vr 24/04/2015 at 15:25:27,95 ====================== -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Combating malware & viruses
Zoek.exe is running now. Do not start any browser windows, they may get closed automatically. Please wait! This window will close when finished. A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Combating malware & viruses
Logfile of random's system information tool 1.10 (written by random/random) Run by moederjeanne at 2015-04-24 12:41:23 Microsoft Windows 8.1 System drive C: has 691 GB (74%) free of 936 GB Total RAM: 15813 MB (89% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:41:26, on 24/04/2015 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.9600.17416) Boot mode: Normal Running processes: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files\trend micro\moederjeanne.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Policies\Explorer\Run: [btvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: 
&Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AtherosSvc - Windows ® Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. 
- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: 
@%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe -- End of file - 7775 bytes ======Listing Processes====== wininit.exe winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS "dwm.exe" "C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe" C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService atieclxx C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe" "C:\Program Files (x86)\AVG\AVG2014\avgfws.exe" "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" "C:\Program Files 
(x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service "C:\Program Files\Elantech\ETDService.exe" dashost.exe {29856568-bd70-434b-962ff7fc76381898} "C:\Windows\system32\mfevtps.exe" "C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe" "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" "C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe" "C:\Program Files (x86)\AVG\AVG2014\avgemca.exe" C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=4332003c-d1c9-4e56-a59b-4c6910c1cf20 /coreSdkOptions=4126 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\790fe54c-2b46-4407-927a-ae639a008519-b14-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" /logPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\log\" "C:\Program Files\Elantech\ETDCtrl.exe" taskhostex.exe C:\Windows\Explorer.EXE "C:\Program Files\Elantech\ETDTouch.exe" "C:\Program Files\Elantech\ETDCtrlHelper.exe" C:\Windows\system32\SearchIndexer.exe /Embedding C:\Windows\System32\skydrive.exe -Embedding "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe" "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe /pipeName=6e790638-a136-440b-a304-aa27b5226711 /coreSdkOptions=4114 
/logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\35b8534b-66cb-4431-9811-a217cbcdb17a-8b4-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2014\" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014\temp\" C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted "C:\Windows\System32\SettingSyncHost.exe" -Embedding "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" https://mail.telenet.be/zimbra/mail?client=advanced&null=#1 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="5288.0.745755188\845522813" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,41 --gpu-vendor-id=0x1002 --gpu-device-id=0x9830 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=13.152.1.3000 --ignored=" --type=renderer " /prefetch:822062411 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/Disallow/BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension 
(public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5288 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5288.1.108222010\864659064" /prefetch:673131151 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BackgroundRendererProcesses/Disallow/*BrowserBlacklist/Enabled/*CTRequiredForEVTrial/RequirementEnforced/CaptivePortalInterstitial/Enabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*DomRel-Enable/enable/*EmbeddedSearch/Group8 pct:10h stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnableSessionCrashedBubbleUI/Disabled/*EnhancedBookmarks/Extension 
(public)/*ExtensionContentVerification/Enforce/*ExtensionInstallVerification/Enforce/*GoogleNow/Enable/*NewProfileManagement/Enabled/*OmniboxBundledExperimentV1/Preperiod_A4_StableBookmarksIndexURLs/*PasswordGeneration/Disabled/PermissionBubbleRollout/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/*QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Enabled/*RememberCertificateErrorDecisions/Default/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Default/*SafeBrowsingIncidentReportingService/Default/*SettingsEnforcement/enforce_always_with_extensions_and_dse/*ShowAppLauncherPromo/ShowPromoUntilDismissed/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_97/*UMA-Uniformity-Trial-10-Percent/default/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-5-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UwSInterstitialStatus/On/*V8CacheOptions/default/*VoiceTrigger/Install/*WebRTC-IPv6Default/Enabled/*Win32kLockdown/Disabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --font-cache-shared-mem-suffix=5288 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="5288.2.871167226\519859271" /prefetch:673131151 "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" "C:\Users\moederjeanne\Desktop\map anti virussen\anti spam\RSITx64.exe" C:\Windows\system32\wbem\wmiprvse.exe ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler ======Registry dump====== 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2013-09-06 2890056] "RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-27 13647576] "BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-09-07 132736] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2013-09-25 766208] "AVG_UI"=C:\Program Files (x86)\AVG\AVG2014\avgui.exe [2014-12-16 5188112] "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20 1021128] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [2013-09-07 132736] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcpltsvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefire] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfefirek.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfehidk.sys] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mfevtp] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "EnableLinkedConnections"=1 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "VIDC.YUY2"=msyuv.dll "vidc.i420"=iyuv_32.dll "msacm.msgsm610"=msgsm32.acm "msacm.msg711"=msg711.acm "VIDC.YVYU"=msyuv.dll "VIDC.YVU9"=tsbyuv.dll "wavemapper"=msacm32.drv "midimapper"=midimap.dll "VIDC.UYVY"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.mrle"=msrle32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msadpcm"=msadp32.acm "vidc.msvc"=msvidc32.dll "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "VIDC.CFHD"=CFHD.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2015-04-24 11:24:21 ----A---- 
C:\Windows\system32\drivers\MBAMSwissArmy.sys 2015-04-24 11:24:04 ----D---- C:\ProgramData\Malwarebytes 2015-04-24 11:24:04 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-04-24 11:24:04 ----A---- C:\Windows\system32\drivers\mwac.sys 2015-04-24 11:24:04 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2015-04-24 11:24:04 ----A---- C:\Windows\system32\drivers\mbam.sys 2015-04-24 09:29:03 ----D---- C:\Program Files\trend micro 2015-04-24 09:29:02 ----D---- C:\rsit 2015-04-17 14:16:54 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe 2015-04-16 21:58:17 ----D---- C:\Windows\system32\appraiser 2015-04-15 09:05:16 ----A---- C:\Windows\system32\ntoskrnl.exe 2015-04-15 09:05:16 ----A---- C:\Windows\system32\ntdll.dll 2015-04-15 09:05:15 ----A---- C:\Windows\SYSWOW64\tdh.dll 2015-04-15 09:05:15 ----A---- C:\Windows\SYSWOW64\ntdll.dll 2015-04-15 09:05:15 ----A---- C:\Windows\system32\tdh.dll 2015-04-15 09:05:15 ----A---- C:\Windows\system32\sechost.dll 2015-04-15 09:05:14 ----A---- C:\Windows\SYSWOW64\sechost.dll 2015-04-15 09:05:14 ----A---- C:\Windows\system32\wow64.dll 2015-04-15 09:05:14 ----A---- C:\Windows\system32\tracerpt.exe 2015-04-15 09:05:14 ----A---- C:\Windows\system32\microsoft-windows-system-events.dll 2015-04-15 09:05:13 ----A---- C:\Windows\SYSWOW64\tracerpt.exe 2015-04-15 09:05:13 ----A---- C:\Windows\system32\wow64cpu.dll 2015-04-15 09:05:04 ----A---- C:\Windows\SYSWOW64\msctf.dll 2015-04-15 09:05:04 ----A---- C:\Windows\system32\msctf.dll 2015-04-15 09:05:02 ----A---- C:\Windows\system32\lsm.dll 2015-04-15 09:05:00 ----A---- C:\Windows\SYSWOW64\pku2u.dll 2015-04-15 09:05:00 ----A---- C:\Windows\system32\pku2u.dll 2015-04-15 09:04:58 ----A---- C:\Windows\system32\drivers\http.sys 2015-04-15 09:04:57 ----A---- C:\Windows\system32\drivers\clfs.sys 2015-04-15 09:04:57 ----A---- C:\Windows\system32\clfsw32.dll 2015-04-15 09:04:56 ----A---- C:\Windows\SYSWOW64\clfsw32.dll 2015-04-15 09:04:48 ----A---- C:\Windows\system32\mshtml.dll 
2015-04-15 09:04:46 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2015-04-15 09:04:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2015-04-15 09:04:43 ----A---- C:\Windows\system32\jscript9.dll 2015-04-15 09:04:42 ----A---- C:\Windows\system32\ieframe.dll 2015-04-15 09:04:41 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2015-04-15 09:04:40 ----A---- C:\Windows\SYSWOW64\wininet.dll 2015-04-15 09:04:40 ----A---- C:\Windows\system32\wininet.dll 2015-04-15 09:04:39 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2015-04-15 09:04:39 ----A---- C:\Windows\system32\iertutil.dll 2015-04-15 09:04:39 ----A---- C:\Windows\system32\ie4uinit.exe 2015-04-15 09:04:38 ----A---- C:\Windows\SYSWOW64\inetcomm.dll 2015-04-15 09:04:38 ----A---- C:\Windows\system32\urlmon.dll 2015-04-15 09:04:38 ----A---- C:\Windows\system32\mshtmled.dll 2015-04-15 09:04:38 ----A---- C:\Windows\system32\inetcomm.dll 2015-04-15 09:04:37 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2015-04-15 09:04:37 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2015-04-15 09:04:37 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2015-04-15 09:04:37 ----A---- C:\Windows\SYSWOW64\jscript.dll 2015-04-15 09:04:37 ----A---- C:\Windows\system32\vbscript.dll 2015-04-15 09:04:37 ----A---- C:\Windows\system32\msfeeds.dll 2015-04-15 09:04:37 ----A---- C:\Windows\system32\jscript.dll 2015-04-15 09:04:36 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2015-04-15 09:04:36 ----A---- C:\Windows\system32\ieapfltr.dll 2015-04-15 09:03:32 ----A---- C:\Windows\system32\wuaueng.dll 2015-04-15 09:03:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\WUSettingsProvider.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\wups2.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\wups.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\wucltux.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\wuauclt.exe 2015-04-15 09:03:31 ----A---- C:\Windows\system32\wuapi.dll 2015-04-15 09:03:31 ----A---- 
C:\Windows\system32\wu.upgrade.ps.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\WinSetupUI.dll 2015-04-15 09:03:31 ----A---- C:\Windows\system32\storewuauth.dll 2015-04-15 09:03:30 ----A---- C:\Windows\SYSWOW64\wuwebv.dll 2015-04-15 09:03:30 ----A---- C:\Windows\SYSWOW64\wups.dll 2015-04-15 09:03:30 ----A---- C:\Windows\SYSWOW64\wudriver.dll 2015-04-15 09:03:30 ----A---- C:\Windows\SYSWOW64\wuapp.exe 2015-04-15 09:03:30 ----A---- C:\Windows\system32\wuwebv.dll 2015-04-15 09:03:30 ----A---- C:\Windows\system32\wudriver.dll 2015-04-15 09:03:30 ----A---- C:\Windows\system32\wuapp.exe 2015-04-15 09:03:23 ----A---- C:\Windows\system32\invagent.dll 2015-04-15 09:03:23 ----A---- C:\Windows\system32\generaltel.dll 2015-04-15 09:03:23 ----A---- C:\Windows\system32\devinv.dll 2015-04-15 09:03:23 ----A---- C:\Windows\system32\appraiser.dll 2015-04-15 09:03:23 ----A---- C:\Windows\system32\aepdu.dll 2015-04-15 09:03:23 ----A---- C:\Windows\system32\acmigration.dll 2015-04-15 09:03:22 ----A---- C:\Windows\system32\aepic.dll 2015-04-15 09:03:22 ----A---- C:\Windows\system32\aeinv.dll 2015-04-10 10:28:08 ----D---- C:\ProgramData\GridinSoft 2015-04-09 22:28:43 ----D---- C:\Program Files (x86)\KeeppeorusEXt 2015-04-05 13:01:21 ----SD---- C:\Windows\SYSWOW64\GWX 2015-04-05 13:01:21 ----SD---- C:\Windows\system32\GWX ======List of files/folders modified in the last 1 month====== 2015-04-24 12:37:24 ----D---- C:\Windows\Temp 2015-04-24 12:27:23 ----D---- C:\Windows\Prefetch 2015-04-24 12:16:56 ----D---- C:\Windows\system32\drivers 2015-04-24 12:16:25 ----D---- C:\Windows\twain_32 2015-04-24 12:16:24 ----D---- C:\Program Files (x86)\Mozilla Firefox 2015-04-24 12:00:00 ----D---- C:\Windows\system32\sru 2015-04-24 11:56:24 ----D---- C:\Windows\system32\DriverStore 2015-04-24 11:44:51 ----D---- C:\Windows\system32\config 2015-04-24 11:24:04 ----HD---- C:\ProgramData 2015-04-24 11:24:04 ----D---- C:\Program Files (x86) 2015-04-24 11:14:31 ----D---- C:\ProgramData\MFAData 2015-04-24 
10:45:09 ----D---- C:\AdwCleaner 2015-04-24 10:13:07 ----D---- C:\Windows\Microsoft.NET 2015-04-24 09:30:01 ----SHD---- C:\Windows\Installer 2015-04-24 09:30:01 ----SHD---- C:\Config.Msi 2015-04-24 09:29:03 ----RD---- C:\Program Files 2015-04-24 09:25:21 ----D---- C:\Program Files (x86)\Google 2015-04-24 09:25:01 ----D---- C:\Windows\Tasks 2015-04-24 09:25:01 ----D---- C:\Windows\system32\Tasks 2015-04-24 07:43:02 ----D---- C:\Users\moederjeanne\AppData\Roaming\Skype 2015-04-23 19:40:38 ----D---- C:\Windows\rescache 2015-04-23 19:38:54 ----SHD---- C:\System Volume Information 2015-04-23 16:29:54 ----RD---- C:\Windows\System32 2015-04-23 16:29:54 ----D---- C:\Windows\Inf 2015-04-23 16:29:54 ----A---- C:\Windows\system32\PerfStringBackup.INI 2015-04-23 09:34:14 ----HD---- C:\Program Files\WindowsApps 2015-04-23 09:34:14 ----D---- C:\Windows\AppReadiness 2015-04-21 10:57:46 ----RSD---- C:\Windows\assembly 2015-04-21 10:55:46 ----D---- C:\Windows\AppCompat 2015-04-17 19:03:58 ----D---- C:\Users\moederjeanne\AppData\Roaming\uTorrent 2015-04-17 14:16:58 ----D---- C:\Windows\WinSxS 2015-04-17 14:16:54 ----D---- C:\Windows\SysWOW64 2015-04-16 21:58:18 ----D---- C:\Windows\system32\nl-NL 2015-04-16 21:58:18 ----D---- C:\Windows\system32\en-US 2015-04-16 21:58:17 ----SD---- C:\Windows\system32\CompatTel 2015-04-16 21:58:17 ----SD---- C:\ProgramData\Microsoft 2015-04-16 21:58:17 ----D---- C:\Windows\system32\wbem 2015-04-16 21:58:17 ----D---- C:\Windows\apppatch 2015-04-16 21:58:16 ----D---- C:\Windows\SYSWOW64\nl-NL 2015-04-16 21:58:16 ----D---- C:\Program Files\Internet Explorer 2015-04-16 20:59:38 ----D---- C:\Windows\CbsTemp 2015-04-15 17:45:45 ----D---- C:\ProgramData\Microsoft Help 2015-04-15 17:44:59 ----D---- C:\Windows\system32\MRT 2015-04-15 17:36:06 ----A---- C:\Windows\system32\MRT.exe 2015-04-15 17:28:13 ----A---- C:\Windows\win.ini 2015-04-15 09:03:01 ----A---- C:\Windows\system32\wuaext.dll 2015-04-10 11:38:55 ----D---- C:\Windows\debug 2015-04-10 10:59:43 
----D---- C:\Windows 2015-04-09 23:32:08 ----D---- C:\Windows\SoftwareDistribution 2015-04-09 23:12:44 ----D---- C:\Program Files (x86)\AVS4YOU 2015-04-09 23:05:14 ----D---- C:\ProgramData\AVG2014 2015-04-09 23:03:27 ----D---- C:\Users\moederjeanne\AppData\Roaming\DAEMON Tools Lite 2015-04-09 22:53:09 ----D---- C:\ProgramData\Skype 2015-04-09 22:53:03 ----RD---- C:\Program Files (x86)\Skype 2015-04-09 22:49:39 ----D---- C:\Program Files (x86)\Common Files 2015-04-07 11:16:53 ----D---- C:\Windows\system32\catroot2 2015-04-05 13:02:17 ----D---- C:\Windows\Logs 2015-03-30 09:52:45 ----D---- C:\Windows\system32\NDF ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2014-06-17 190744] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2014-06-17 328984] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2014-10-29 123672] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2014-06-17 31512] R0 mfehidk;McAfee Inc. mfehidk; C:\Windows\system32\drivers\mfehidk.sys [2013-08-07 776168] R0 mfewfpk;McAfee Inc. 
mfewfpk; C:\Windows\system32\drivers\mfewfpk.sys [2013-08-07 343568] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2014-06-30 152344] R1 Avgfwfd;@oem24.inf,%AvgfwfdService_Desc%;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2013-09-26 57144] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2014-07-21 244504] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2014-10-24 237848] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-12-08 52000] R1 Avgwfpa;AVG Firewall Driver; C:\Windows\system32\DRIVERS\avgwfpa.sys [2014-06-30 270104] R1 dtsoftbus01;@oem20.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\Windows\System32\drivers\dtsoftbus01.sys [2014-07-07 283064] R1 vwififlt;@%SystemRoot%\System32\drivers\vwififlt.sys,-259; C:\Windows\system32\DRIVERS\vwififlt.sys [2014-04-30 71680] R2 APXACC;@oem4.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\Windows\system32\DRIVERS\appexDrv.sys [2013-04-18 219360] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-09-26 12533760] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-09-26 619008] R3 athr;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athwbx.sys [2013-08-16 3859968] R3 AtiHDAudioService;@oem3.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdWB6.sys [2013-06-23 138240] R3 BTATH_BUS;@oem8.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\Windows\System32\drivers\btath_bus.sys [2013-09-07 34384] R3 BtFilter;BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [2013-09-07 594120] R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2014-10-29 81920] R3 ETD;@oem5.inf,%PS2.DeviceDesc%;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys 
[2013-09-06 370504] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2013-08-27 3613528] R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C63x64.sys [2013-06-18 129224] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-24 129752] R3 mfeavfk;McAfee Inc. mfeavfk; C:\Windows\system32\drivers\mfeavfk.sys [2013-08-07 310224] R3 mfefirek;McAfee Inc. mfefirek; C:\Windows\system32\drivers\mfefirek.sys [2013-08-07 519064] R3 usbvideo;@usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2014-06-21 212736] R3 vwifimp;@%SystemRoot%\System32\drivers\vwifimp.sys,-261; C:\Windows\system32\DRIVERS\vwifimp.sys [2014-04-30 38912] S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\Windows\system32\DRIVERS\avgboota.sys [2013-09-04 20496] S0 mfeelamk;McAfee Inc. mfeelamk; C:\Windows\system32\drivers\mfeelamk.sys [2013-08-07 69264] S3 AthBTPort;@oem11.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class; C:\Windows\system32\DRIVERS\btath_flt.sys [2013-09-07 89800] S3 BTATH_A2DP;@oem10.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver; C:\Windows\system32\drivers\btath_a2dp.sys [2013-09-07 338120] S3 btath_avdt;@oem10.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service; C:\Windows\system32\drivers\btath_avdt.sys [2013-09-07 116424] S3 BTATH_HCRP;@oem13.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver; C:\Windows\System32\drivers\btath_hcrp.sys [2013-09-07 179432] S3 BTATH_LWFLT;@oem15.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device; C:\Windows\system32\DRIVERS\btath_lwflt.sys [2013-09-07 77464] S3 BTATH_RCP;@oem17.inf,%BTATH_RCP%;Bluetooth AVRCP Device; C:\Windows\System32\drivers\btath_rcp.sys [2013-09-07 137928] S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\Windows\System32\drivers\BthEnum.sys 
[2014-10-29 53248] S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\Windows\System32\drivers\BthLEEnum.sys [2013-12-04 226304] S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth-apparaat (Personal Area Network); C:\Windows\System32\drivers\bthpan.sys [2014-07-24 118272] S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2014-10-29 1198080] S3 cfwids;McAfee Inc. cfwids; C:\Windows\system32\drivers\cfwids.sys [2013-08-07 70112] S3 dg_ssudbus;@oem21.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800] S3 LMDriver;@oem1.inf,%LMDriver.SVCDESC%;Launch Manager Wireless Driver; C:\Windows\System32\drivers\LMDriver.sys [2013-07-17 21360] S3 mfeapfk;McAfee Inc. mfeapfk; C:\Windows\system32\drivers\mfeapfk.sys [2013-08-07 179664] S3 RadioShim;@oem1.inf,%RadioShim.SVCDESC%;Shim for HID-KMDF Interface layer; C:\Windows\System32\drivers\RadioShim.sys [2013-07-17 14680] S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\System32\drivers\rfcomm.sys [2015-01-30 167424] S3 ssudmdm;@oem23.inf,%ssud.Service.Name%;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080] S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\Windows\system32\DRIVERS\gtkdrv.sys [2015-01-27 17568] S3 usbscan;@sti.inf,%usbscan.SvcDesc%;Stuurprogramma voor USB-scanner; C:\Windows\System32\drivers\usbscan.sys [2014-10-29 44544] S3 WDC_SAM;@oem12.inf,%WDC_SAM_ServiceName%;WD SCSI Pass Thru driver; C:\Windows\System32\drivers\wdcsam64.sys [2015-01-27 14464] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088] R2 AMD External Events Utility;AMD 
External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-09-26 239616] R2 AtherosSvc;AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [2013-09-07 312448] R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [2014-12-16 1417160] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-12-16 3247120] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-12-16 289328] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520] R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2013-09-06 101192] R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 219272] R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-07 182752] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432] R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056] R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-24 107848] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488] S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2014-10-29 38792] S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2013-08-22 43696] S3 gupdatem;Google 
Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-24 107848] S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144] S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184] -----------------EOF----------------- -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
It worked. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 24/04/2015 Scan Time: 11:25:34 Logfile: tyhhhhhhh.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.04.24.01 Rootkit Database: v2015.04.21.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: moederjeanne Scan Type: Threat Scan Result: Completed Objects Scanned: 405998 Time Elapsed: 30 min, 52 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-3968276687-3847870925-728767108-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Quarantined, [6001a0d072182a0c76c948e1ad58e21e], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 3 PUP.Optional.Multiplug.A, C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll, Quarantined, [b2af4a26b5d50f27ec51292323df9b65], PUP.Optional.MultiPlug, C:\Users\moederjeanne\AppData\Local\Temp\F0C0.exe, Quarantined, [055c1a5688021224e820fb4db74b6d93], PUP.Optional.MultiPlug, C:\Users\moederjeanne\Downloads\Download trojan killer Torrents - KickassTorrents.exe, Quarantined, [352c353bb2d8b68010f83d0bdd25f40c], Physical Sectors: 0 (No malicious items detected) (end) -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
Something very strange with the Export button: it sits at the bottom, at my taskbar, so I can't click on it, and I can't get rid of the taskbar either so that I could reach it -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
-
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
Malwarebytes Anti-Malware www.malwarebytes.org Update, 24/04/2015 11:24:33, SYSTEM, HANS, Manual, Rootkit Database, 2014.2.20.1, 2015.4.21.1, Update, 24/04/2015 11:24:35, SYSTEM, HANS, Manual, Remediation Database, 2013.10.16.1, 2015.4.22.1, Update, 24/04/2015 11:24:39, SYSTEM, HANS, Manual, Malware Database, 2014.3.4.9, 2015.4.24.1, Update, 24/04/2015 11:24:41, SYSTEM, HANS, Manual, program, 2.0.0.1000, 2.0.4.1028, Update, 24/04/2015 11:25:18, SYSTEM, HANS, Manual, Remediation Database, 2013.10.16.1, 2015.4.22.1, Update, 24/04/2015 11:25:18, SYSTEM, HANS, Manual, Rootkit Database, 2014.11.18.1, 2015.4.21.1, Update, 24/04/2015 11:25:21, SYSTEM, HANS, Manual, Malware Database, 2014.11.20.6, 2015.4.24.1, Scan, 24/04/2015 12:16:25, SYSTEM, HANS, Manual, Start:24/04/2015 11:25:34, Duration:30 min 52 sec, Threat Scan, Completed, 0 Malware Detections, 4 Non-Malware Detections, (end) -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
# AdwCleaner v4.202 - Logbestand aangemaakt 24/04/2015 op 10:45:06 # Laatste update 23/04/2015 door Xplode # Database : 2015-04-23.2 [server] # Besturingssysteem : Windows 8.1 (x64) # Gebruikersnaam : moederjeanne - HANS # Gestart vanuit : C:\Users\moederjeanne\Desktop\adwcleaner_4.202 (1).exe # Optie : Verwijderen ***** [ Services ] ***** [#] Service Verwijderd : vToolbarUpdater18.4.0 ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\ProgramData\{7220312b-a83e-6efb-7220-0312ba83c4ae} Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_worldcraft.en.softonic.com_0.localstorage Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_worldcraft.en.softonic.com_0.localstorage-journal Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage Bestand Verwijderd : C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.reimageplus.com_0.localstorage-journal ***** [ Geplande taken ] ***** ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL Sleutel Verwijderd : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 Sleutel Verwijderd : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484} Sleutel Verwijderd : [x64] 
HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} Sleutel Verwijderd : HKCU\Software\Local AppWizard-Generated Applications Sleutel Verwijderd : HKU\.DEFAULT\Software\TornTv Downloader Sleutel Verwijderd : HKU\.DEFAULT\Software\Local AppWizard-Generated Applications Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Reimage ***** [ Webbrowsers ] ***** -\\ Internet Explorer v11.0.9600.17416 -\\ Mozilla Firefox v [so4plgdq.default\prefs.js] - Regel Verwijderd : user_pref("browser.search.selectedEngine", "AVG Secure Search"); -\\ Google Chrome v42.0.2311.90 [C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Verwijderd [Default_Search_Provider_Data] : ************************* AdwCleaner[R0].txt - [18238 bytes] - [11/01/2015 23:12:31] AdwCleaner[R1].txt - [7041 bytes] - [11/02/2015 19:41:30] AdwCleaner[R2].txt - [3185 bytes] - [09/04/2015 22:38:28] AdwCleaner[R3].txt - [9703 bytes] - [24/04/2015 10:39:39] AdwCleaner[s0].txt - [16275 bytes] - [11/01/2015 23:15:55] AdwCleaner[s1].txt - [6143 bytes] - [11/02/2015 21:09:51] AdwCleaner[s2].txt - [3249 bytes] - [09/04/2015 22:49:38] AdwCleaner[s3].txt - [3392 bytes] - [24/04/2015 10:45:06] ########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [3451 bytes] ########## -
dangerous spam problem
moederjeanne replied to moederjeanne's topic in Archive: Malware & virus removal
I then get: 404 Not Found
