ik krijg een blanco scherm op bepaalde sites ?

joderoo · 13 april 2015

Hallo, sinds 2 weken krijg ik een blanco scherm als ik bv. naar "Knack.be" ga of naar "beleggerscompetitie.be"

Ik snap er de ballen van(sorry) Ik heb denkelijk geen virus of malware.

Ik gebruik NOD32 en Malwarebytes Anti-Malware.

Ik heb java en flash-player geupdated.

Ik gebruik Mozilla,Chrome,Opera en in geen enkele browser worden sommige pagina's meer geladen.

Kan er mij iemand AUB uit de nood helpen.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:55:16, on 13/04/2015
Platform: Unknown Windows (WinNT 6.01.3505 SP1)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\XM MT4\terminal.exe
C:\Program Files (x86)\FX Choice - MetaTrader 4\terminal.exe
C:\Program Files (x86)\KSF Trade MetaTrader 4 Terminal\terminal.exe
C:\Program Files (x86)\MetaTrader 4 Terminal\terminal.exe
C:\Program Files (x86)\FXPRIMUS - MetaTrader 4 Platform\terminal.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DT HPC] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: Converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Version Cue CS3 {nl_NL} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASUS\ROG GameFirst II\spd.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Network Virtual Bridge - www.otp.ccc - C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe
O23 - Service: Network Virtual Bridge S - Unknown owner - C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe
O23 - Service: Network Virtual Bridge Update Protocol - Unknown owner - C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 15975 bytes

Asus · 13 april 2015

Je topic werd verplaatst naar Bestrijding malware & virussen, zo blijft het forum overzichtelijk.

Kan je het onderstaande uitvoeren en het gevraagde logje hier in je topic posten ? ...

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hoe je controleert of je met een 32- of 64-bitversie van Windows werkt kan je hier bekijken.

RSIT 32 bit (RSIT.exe)
RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\\rsit")
Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

De handleiding voor het gebruik van RSIT kan je HIER bekijken en we hebben ook nog een

.

joderoo · 14 april 2015

Heel fel bedankt om zo snel te reageren.

Zoals u gevraagd heb ,zend ik in bijlage de "log.txt" van RSIT.

Bedankt want ik lees het nieuwsblad altijd online en dit is nu niet meer mogelijk.

Sorry dat ik het log.txt hier plaats ,ik kan geen bestand bijvoegen.Het venstertje tussen ""bestanden bijvoegen en voeg dit bestand bij""Wordt nirt getoond bij mij.

mijn exuses.

Logfile of random's system information tool 1.10 (written by random/random)
Run by joderoo at 2015-04-14 22:06:30
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 100 GB (58%) free of 172 GB
Total RAM: 16285 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:06:32, on 14/04/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17689)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\XM MT4\terminal.exe
C:\Program Files (x86)\FX Choice - MetaTrader 4\terminal.exe
C:\Program Files (x86)\KSF Trade MetaTrader 4 Terminal\terminal.exe
C:\Program Files (x86)\MetaTrader 4 Terminal\terminal.exe
C:\Program Files (x86)\FXPRIMUS - MetaTrader 4 Platform\terminal.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\trend micro\joderoo.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [DT HPC] C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: Converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Geselecteerde koppelingen converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Koppelingsdoel converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Koppelingsdoel converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Selectie converteren naar Adobe PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Selectie converteren naar bestaande PDF - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Toevoegen aan bestaand PDF-bestand - res://D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\network virtual bridge\lsp\win7\ifslsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1
O17 - HKLM\System\CS2\Services\Tcpip\..\{40CA2271-C14A-436B-906F-ECA665362E3E}: NameServer = 192.168.1.1
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Version Cue CS3 {nl_NL} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: ASUS Com Service (asComSvc) - Unknown owner - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
O23 - Service: ASDiskUnlocker - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe
O23 - Service: ASUS HM Com Service (asHmComSvc) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
O23 - Service: ASUS System Control Service (AsSysCtrlService) - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
O23 - Service: AsusFanControlService - ASUSTeK Computer Inc. - C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: cFosSpeed System Service (cFosSpeedS) - cFos Software GmbH - C:\Program Files\ASUS\ROG GameFirst II\spd.exe
O23 - Service: DTSAudioSvc - DTS, Inc - C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Canon Inkjet Printer/Scanner/Fax Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Network Virtual Bridge - www.otp.ccc - C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe
O23 - Service: Network Virtual Bridge S - Unknown owner - C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe
O23 - Service: Network Virtual Bridge Update Protocol - Unknown owner - C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Sony PC Companion - Avanquest Software - C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Wise Boot Assistant (WiseBootAssistant) - WiseCleaner.com - C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 16365 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
winlogon.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
"C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe"
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe" /launchService
"C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe"
"C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe"
"C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe"
"C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe"
"C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe"
"C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service
"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service
"C:\Program Files\ASUS\ROG GameFirst II\spd.exe" -service
"C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe"
"C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe"
"C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE"
C:\Windows\system32\IProsetMonitor.exe
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
"C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe" --service
"C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe"
"C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"
taskeng.exe {939E80F2-4593-49C7-922A-2A8D5A9C89E0}
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe" -StartTray
"C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe"
"C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe" -open
"C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe" -Init
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe -Embedding
"C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe" -Init
"C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe" -hide
"C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe" -hide
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --parent-handle=304
"C:\Program Files (x86)\Hewlett-Packard\HP My Display\DTHtml.exe" -Customer=HPC -startup_folder -DT_Startup
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="812.0.1626909397\353157273" --supports-dual-gpus=false --gpu-driver-bug-workarounds=1,18,40 --gpu-vendor-id=0x1002 --gpu-device-id=0x6739 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=14.501.1003.0 --ignored=" --type=renderer " /prefetch:822062411
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Portrait Displays\Shared\HookManager.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.1.1156638684\437143004" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.3.516090807\1460118434" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.4.722185593\416438280" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.5.752696230\2084455962" /prefetch:673131151
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
-dumy -customer=HPC -install
"C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\DP\DPHelper64.exe" -customer=HPC -install
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray
"C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
"C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe"
"C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe"
"C:\Program Files (x86)\XM MT4\terminal.exe"
"C:\Program Files (x86)\FX Choice - MetaTrader 4\terminal.exe"
"C:\Program Files (x86)\KSF Trade MetaTrader 4 Terminal\terminal.exe"
"C:\Program Files (x86)\MetaTrader 4 Terminal\terminal.exe"
taskmgr.exe /3
"C:\Program Files (x86)\FXPRIMUS - MetaTrader 4 Platform\terminal.exe"
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
"C:\Users\joderoo\AppData\Local\Hola\firefox\app\hola_plugin.exe" --no-root --no-kernel --workdir C:\Users\joderoo\AppData\Local\Hola\firefox --firefox
"C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Phone\Skype.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.32.355628989\2131590175" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.35.1248701553\537762616" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.38.1168584976\1888849411" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=ppapi --channel="812.39.1591010747\1851838758" --ppapi-flash-args=enable_hw_video_decode=1 --lang=nl --ignored=" --type=renderer " /prefetch:-632637702
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.42.1032881769\1371539221" /prefetch:673131151
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-deferred-image-decoding --lang=nl --force-fieldtrials="BrowserBlacklist/Enabled/CTRequiredForEVTrial/RequirementEnforced/ChromeSuggestions/Default/DomRel-Enable/enable/EmbeddedSearch/Group1 pct:10a stable:pp2 prefetch_results:1 reuse_instant_search_base_page:1/EnhancedBookmarks/Default/ExtensionContentVerification/Enforce/ExtensionInstallVerification/Enforce/GoogleNow/Enable/NewProfileManagement/Enabled/OmniboxBundledExperimentV1/StandardR4/PasswordGeneration/Disabled/QUIC/EnabledNoIdForLargePopulation/RefreshTokenDeviceId/Disabled/RememberCertificateErrorDecisions/Default/SRTPromptFieldTrial/Default/SafeBrowsingIncidentReportingService/Enabled/SettingsEnforcement/enforce_always_with_extensions_and_dse/ShowAppLauncherPromo/ShowPromoUntilDismissed/UMA-Dynamic-Binary-Uniformity-Trial/default/UMA-Dynamic-Uniformity-Trial/Group6/UMA-Population-Restrict/normal/UMA-Uniformity-Trial-1-Percent/group_01/UMA-Uniformity-Trial-10-Percent/default/UMA-Uniformity-Trial-100-Percent/group_01/UMA-Uniformity-Trial-20-Percent/group_01/UMA-Uniformity-Trial-5-Percent/group_13/UMA-Uniformity-Trial-50-Percent/default/UwSInterstitialStatus/On/VoiceTrigger/Install/WebRTC-IPv6Default/Enabled/" --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --device-scale-factor=1 --font-cache-shared-mem-suffix=812 --enable-pinch-virtual-viewport --enable-delegated-renderer --num-raster-threads=2 --channel="812.45.1649725071\1794463725" /prefetch:673131151

C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
"D:\Joderoo(D)\Rapget\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\FHIGIC.job - C:\Users\joderoo\AppData\Roaming\FHIGIC.exe /infocmdline=BIq7BpQIE5ZHrlW1qDoAq8sMc0e0eMzy6h1swb6yUzJshj59DJ/4IIhasb/zhtO/GWHkpYoMf1T5GsDxqGUelD2Oeb46wsdmnS3VCKa7arblpHW73ELE1Bz3O9LW4v/6L3YafCmBOBV+0BO6C5y55CG/iDSmBGCZw+ocAQNFTUMVE29tAnpTQzkQ5Ua16b5nvltV1bd9N4+6++MkKWof9glBg9slC/Z2YjwhA2BSTZdoUoeWJ/tRlhh0WgmimdWxLbteg0lUbK4bCgsV0W82+a2ken+At5h7Du36u28p4RDRTEpDBI5oXNCoW45mueCazddW/6LqrufvBtpSbDR8OgFhgJ0Yfti/j+sZHRUOrMvN+bdfg8unD8EELw+g94E2DxwarpSJQO0m0/K3pDPukopIoSsdQxQsJ7zhhIjgoRhxbjit/p6wPhuPNIzSzSQ6I4som91rCHnXmbi6tMXRiaLuyajeVcDZr4M2x0SjJ2GHw3h/ZxAZ7DGKK8b+yAx+
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-1496205931-4010645900-4173059788-1000.job - C:\Users\joderoo\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0402d232b31f.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\OEM.job - C:\Users\joderoo\AppData\Roaming\OEM.exe /infocmdline=hmr9X0ZNoSxa+hLMFzEAuwwzKgHwjPsFu2tVT2buubrMKW1jCZ/iESrSBrkszfUNeyrAYNnjH6cI/E1BvdOcYVX0CeuRvMCQMRjrjususOluhAJrYvzidhTYaHN6VZRyzcvjHZFLnG9v6+qBLQe6IFlvuLHazL5ZGecR2bgD7gMfsF97Z+Nywh5WILDr5E+1tjy+Xytzr/sL7+MyyDwqH0A1i8wHvLdWakx+xygdWdEk8Tvy+p0F12kv30CjLOKyVSZzZHgJ+GqPUPbEv4Iqd8dI/d5JV0UbL3ccCapWVPOfQ35Wrz5bcdxXTTjCzyyBDPpF2akUWCUIYKprFV08HBGLxGWjegj8+BtJEDUOhRuVjlcZkO/Uh9s8bFWAxaUY++LKiuJzWY8AAUU7vV7WQGoKZqt6XCkaGVW7E5k2ThaGtlpvbQ+wuAruKwnmPUkKOBNUE51OH6qXjxbhHDbzSYjbL9TFx3rT5ltK8zEKPjj5pgPFBk6Hut41PL6+y/ys
C:\Windows\tasks\Wise Care 365 PC Checkup Task.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe -silent
C:\Windows\tasks\Wise Care 365.job - C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe -StartTray

=========Mozilla firefox=========

ProfilePath - C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.google.be/?gws_rd=ssl"

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@canon.com/EPPEX]
"Description"=Canon Easy-PhotoPrint EX
"Path"=C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 17.0.0.134 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.40.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.40.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=C:\Windows\system32\Wat\npWatWeb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL

C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\
artur.dubovoy@gmail.com
clickclean@hotcleaner.com
jid1-4P0kohSJxU1qGg@jetpack

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-12 551848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14 2117216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-12 212904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E421D566-29E5-F629-2C56-E5BC07586950}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-13 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14 1709152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-13 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-01 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - D:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-23 321120]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-01 194504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"=C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2014-12-05 39408]
"GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2015-03-30 809288]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"DT HPC"=C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [2014-06-27 122384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=221

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcod64.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"msacm.l3codecp"=l3codecp.acm
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - "D:\Program Files (x86)\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"

======List of files/folders created in the last 1 month======

2015-04-14 22:06:30 ----D---- C:\rsit
2015-04-14 22:06:30 ----D---- C:\Program Files\trend micro
2015-04-13 23:54:59 ----D---- C:\Program Files (x86)\Trend Micro
2015-04-13 20:47:27 ----D---- C:\Users\joderoo\AppData\Roaming\Oracle
2015-04-13 20:45:05 ----A---- C:\Windows\SYSWOW64\RENBF1E.tmp
2015-04-13 20:44:04 ----D---- C:\Program Files (x86)\Java
2015-04-13 00:47:24 ----A---- C:\Windows\SYSWOW64\XAudio2_7.dll
2015-04-13 00:47:24 ----A---- C:\Windows\SYSWOW64\XAPOFX1_5.dll
2015-04-13 00:47:24 ----A---- C:\Windows\system32\XAudio2_7.dll
2015-04-13 00:47:24 ----A---- C:\Windows\system32\XAPOFX1_5.dll
2015-04-13 00:47:23 ----A---- C:\Windows\SYSWOW64\xactengine3_7.dll
2015-04-13 00:47:23 ----A---- C:\Windows\SYSWOW64\d3dcsx_43.dll
2015-04-13 00:47:23 ----A---- C:\Windows\SYSWOW64\D3DCompiler_43.dll
2015-04-13 00:47:23 ----A---- C:\Windows\system32\xactengine3_7.dll
2015-04-13 00:47:23 ----A---- C:\Windows\system32\d3dcsx_43.dll
2015-04-13 00:47:23 ----A---- C:\Windows\system32\D3DCompiler_43.dll
2015-04-13 00:47:22 ----A---- C:\Windows\SYSWOW64\D3DX9_43.dll
2015-04-13 00:47:22 ----A---- C:\Windows\SYSWOW64\d3dx11_43.dll
2015-04-13 00:47:22 ----A---- C:\Windows\SYSWOW64\d3dx10_43.dll
2015-04-13 00:47:22 ----A---- C:\Windows\system32\D3DX9_43.dll
2015-04-13 00:47:22 ----A---- C:\Windows\system32\d3dx11_43.dll
2015-04-13 00:47:22 ----A---- C:\Windows\system32\d3dx10_43.dll
2015-04-13 00:47:21 ----A---- C:\Windows\SYSWOW64\XAudio2_6.dll
2015-04-13 00:47:21 ----A---- C:\Windows\SYSWOW64\XAPOFX1_4.dll
2015-04-13 00:47:21 ----A---- C:\Windows\system32\XAudio2_6.dll
2015-04-13 00:47:21 ----A---- C:\Windows\system32\XAPOFX1_4.dll
2015-04-13 00:47:19 ----A---- C:\Windows\SYSWOW64\xactengine3_6.dll
2015-04-13 00:47:19 ----A---- C:\Windows\SYSWOW64\X3DAudio1_7.dll
2015-04-13 00:47:19 ----A---- C:\Windows\system32\xactengine3_6.dll
2015-04-13 00:47:19 ----A---- C:\Windows\system32\X3DAudio1_7.dll
2015-04-13 00:47:18 ----A---- C:\Windows\SYSWOW64\XAudio2_5.dll
2015-04-13 00:47:18 ----A---- C:\Windows\system32\XAudio2_5.dll
2015-04-13 00:47:16 ----A---- C:\Windows\SYSWOW64\xactengine3_5.dll
2015-04-13 00:47:16 ----A---- C:\Windows\SYSWOW64\D3DCompiler_42.dll
2015-04-13 00:47:16 ----A---- C:\Windows\system32\xactengine3_5.dll
2015-04-13 00:47:16 ----A---- C:\Windows\system32\D3DCompiler_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\D3DX9_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\d3dx11_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\d3dx10_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\SYSWOW64\d3dcsx_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\system32\D3DX9_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\system32\d3dx11_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\system32\d3dx10_42.dll
2015-04-13 00:47:15 ----A---- C:\Windows\system32\d3dcsx_42.dll
2015-04-13 00:47:14 ----A---- C:\Windows\SYSWOW64\D3DX9_41.dll
2015-04-13 00:47:14 ----A---- C:\Windows\SYSWOW64\d3dx10_41.dll
2015-04-13 00:47:14 ----A---- C:\Windows\SYSWOW64\D3DCompiler_41.dll
2015-04-13 00:47:14 ----A---- C:\Windows\system32\D3DX9_41.dll
2015-04-13 00:47:14 ----A---- C:\Windows\system32\d3dx10_41.dll
2015-04-13 00:47:14 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2015-04-13 00:47:12 ----A---- C:\Windows\SYSWOW64\XAudio2_4.dll
2015-04-13 00:47:12 ----A---- C:\Windows\SYSWOW64\XAPOFX1_3.dll
2015-04-13 00:47:12 ----A---- C:\Windows\system32\XAudio2_4.dll
2015-04-13 00:47:12 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\xactengine3_4.dll
2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\X3DAudio1_6.dll
2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\d3dx10_40.dll
2015-04-13 00:47:11 ----A---- C:\Windows\SYSWOW64\D3DCompiler_40.dll
2015-04-13 00:47:11 ----A---- C:\Windows\system32\xactengine3_4.dll
2015-04-13 00:47:11 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2015-04-13 00:47:11 ----A---- C:\Windows\system32\d3dx10_40.dll
2015-04-13 00:47:11 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2015-04-13 00:47:10 ----A---- C:\Windows\SYSWOW64\D3DX9_40.dll
2015-04-13 00:47:10 ----A---- C:\Windows\system32\D3DX9_40.dll
2015-04-13 00:47:09 ----A---- C:\Windows\SYSWOW64\XAudio2_3.dll
2015-04-13 00:47:09 ----A---- C:\Windows\SYSWOW64\XAPOFX1_2.dll
2015-04-13 00:47:09 ----A---- C:\Windows\system32\XAudio2_3.dll
2015-04-13 00:47:09 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2015-04-13 00:47:07 ----A---- C:\Windows\SYSWOW64\xactengine3_3.dll
2015-04-13 00:47:07 ----A---- C:\Windows\SYSWOW64\X3DAudio1_5.dll
2015-04-13 00:47:07 ----A---- C:\Windows\system32\xactengine3_3.dll
2015-04-13 00:47:07 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2015-04-13 00:47:06 ----A---- C:\Windows\SYSWOW64\XAudio2_2.dll
2015-04-13 00:47:06 ----A---- C:\Windows\SYSWOW64\XAPOFX1_1.dll
2015-04-13 00:47:06 ----A---- C:\Windows\system32\XAudio2_2.dll
2015-04-13 00:47:06 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\xactengine3_2.dll
2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\D3DX9_39.dll
2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\d3dx10_39.dll
2015-04-13 00:47:04 ----A---- C:\Windows\SYSWOW64\D3DCompiler_39.dll
2015-04-13 00:47:04 ----A---- C:\Windows\system32\xactengine3_2.dll
2015-04-13 00:47:04 ----A---- C:\Windows\system32\D3DX9_39.dll
2015-04-13 00:47:04 ----A---- C:\Windows\system32\d3dx10_39.dll
2015-04-13 00:47:04 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2015-04-13 00:47:02 ----A---- C:\Windows\SYSWOW64\XAudio2_1.dll
2015-04-13 00:47:02 ----A---- C:\Windows\SYSWOW64\XAPOFX1_0.dll
2015-04-13 00:47:02 ----A---- C:\Windows\system32\XAudio2_1.dll
2015-04-13 00:47:02 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2015-04-13 00:47:01 ----A---- C:\Windows\SYSWOW64\xactengine3_1.dll
2015-04-13 00:47:01 ----A---- C:\Windows\SYSWOW64\X3DAudio1_4.dll
2015-04-13 00:47:01 ----A---- C:\Windows\system32\xactengine3_1.dll
2015-04-13 00:47:01 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2015-04-13 00:47:00 ----A---- C:\Windows\SYSWOW64\D3DX9_38.dll
2015-04-13 00:47:00 ----A---- C:\Windows\SYSWOW64\d3dx10_38.dll
2015-04-13 00:47:00 ----A---- C:\Windows\SYSWOW64\D3DCompiler_38.dll
2015-04-13 00:47:00 ----A---- C:\Windows\system32\D3DX9_38.dll
2015-04-13 00:47:00 ----A---- C:\Windows\system32\d3dx10_38.dll
2015-04-13 00:47:00 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2015-04-13 00:46:58 ----A---- C:\Windows\SYSWOW64\XAudio2_0.dll
2015-04-13 00:46:58 ----A---- C:\Windows\system32\XAudio2_0.dll
2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\xactengine3_0.dll
2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\X3DAudio1_3.dll
2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\d3dx10_37.dll
2015-04-13 00:46:57 ----A---- C:\Windows\SYSWOW64\D3DCompiler_37.dll
2015-04-13 00:46:57 ----A---- C:\Windows\system32\xactengine3_0.dll
2015-04-13 00:46:57 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2015-04-13 00:46:57 ----A---- C:\Windows\system32\d3dx10_37.dll
2015-04-13 00:46:57 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2015-04-13 00:46:56 ----A---- C:\Windows\SYSWOW64\D3DX9_37.dll
2015-04-13 00:46:56 ----A---- C:\Windows\system32\D3DX9_37.dll
2015-04-13 00:46:55 ----A---- C:\Windows\SYSWOW64\xactengine2_10.dll
2015-04-13 00:46:55 ----A---- C:\Windows\system32\xactengine2_10.dll
2015-04-13 00:46:54 ----A---- C:\Windows\SYSWOW64\d3dx9_36.dll
2015-04-13 00:46:54 ----A---- C:\Windows\SYSWOW64\d3dx10_36.dll
2015-04-13 00:46:54 ----A---- C:\Windows\SYSWOW64\D3DCompiler_36.dll
2015-04-13 00:46:54 ----A---- C:\Windows\system32\d3dx9_36.dll
2015-04-13 00:46:54 ----A---- C:\Windows\system32\d3dx10_36.dll
2015-04-13 00:46:54 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\xactengine2_9.dll
2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\d3dx9_35.dll
2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\d3dx10_35.dll
2015-04-13 00:46:52 ----A---- C:\Windows\SYSWOW64\D3DCompiler_35.dll
2015-04-13 00:46:52 ----A---- C:\Windows\system32\xactengine2_9.dll
2015-04-13 00:46:52 ----A---- C:\Windows\system32\d3dx9_35.dll
2015-04-13 00:46:52 ----A---- C:\Windows\system32\d3dx10_35.dll
2015-04-13 00:46:52 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\xactengine2_8.dll
2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\X3DAudio1_2.dll
2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\d3dx10_34.dll
2015-04-13 00:46:50 ----A---- C:\Windows\SYSWOW64\D3DCompiler_34.dll
2015-04-13 00:46:50 ----A---- C:\Windows\system32\xactengine2_8.dll
2015-04-13 00:46:50 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2015-04-13 00:46:50 ----A---- C:\Windows\system32\d3dx10_34.dll
2015-04-13 00:46:50 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2015-04-13 00:46:49 ----A---- C:\Windows\SYSWOW64\xinput1_3.dll
2015-04-13 00:46:49 ----A---- C:\Windows\SYSWOW64\d3dx9_34.dll
2015-04-13 00:46:49 ----A---- C:\Windows\system32\xinput1_3.dll
2015-04-13 00:46:49 ----A---- C:\Windows\system32\d3dx9_34.dll
2015-04-13 00:46:48 ----A---- C:\Windows\SYSWOW64\xactengine2_7.dll
2015-04-13 00:46:48 ----A---- C:\Windows\SYSWOW64\d3dx10_33.dll
2015-04-13 00:46:48 ----A---- C:\Windows\SYSWOW64\D3DCompiler_33.dll
2015-04-13 00:46:48 ----A---- C:\Windows\system32\xactengine2_7.dll
2015-04-13 00:46:48 ----A---- C:\Windows\system32\d3dx10_33.dll
2015-04-13 00:46:48 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2015-04-13 00:46:47 ----A---- C:\Windows\SYSWOW64\d3dx9_33.dll
2015-04-13 00:46:47 ----A---- C:\Windows\system32\d3dx9_33.dll
2015-04-13 00:46:46 ----A---- C:\Windows\SYSWOW64\xactengine2_6.dll
2015-04-13 00:46:46 ----A---- C:\Windows\system32\xactengine2_6.dll
2015-04-13 00:46:44 ----A---- C:\Windows\SYSWOW64\xactengine2_5.dll
2015-04-13 00:46:44 ----A---- C:\Windows\SYSWOW64\d3dx9_32.dll
2015-04-13 00:46:44 ----A---- C:\Windows\SYSWOW64\d3dx10.dll
2015-04-13 00:46:44 ----A---- C:\Windows\system32\xactengine2_5.dll
2015-04-13 00:46:44 ----A---- C:\Windows\system32\d3dx9_32.dll
2015-04-13 00:46:44 ----A---- C:\Windows\system32\d3dx10.dll
2015-04-13 00:46:42 ----A---- C:\Windows\SYSWOW64\xactengine2_4.dll
2015-04-13 00:46:42 ----A---- C:\Windows\SYSWOW64\x3daudio1_1.dll
2015-04-13 00:46:42 ----A---- C:\Windows\SYSWOW64\d3dx9_31.dll
2015-04-13 00:46:42 ----A---- C:\Windows\system32\xactengine2_4.dll
2015-04-13 00:46:42 ----A---- C:\Windows\system32\x3daudio1_1.dll
2015-04-13 00:46:42 ----A---- C:\Windows\system32\d3dx9_31.dll
2015-04-13 00:46:41 ----A---- C:\Windows\SYSWOW64\xactengine2_3.dll
2015-04-13 00:46:41 ----A---- C:\Windows\system32\xactengine2_3.dll
2015-04-13 00:46:40 ----A---- C:\Windows\SYSWOW64\xinput1_2.dll
2015-04-13 00:46:40 ----A---- C:\Windows\system32\xinput1_2.dll
2015-04-13 00:46:39 ----A---- C:\Windows\SYSWOW64\xinput1_1.dll
2015-04-13 00:46:39 ----A---- C:\Windows\SYSWOW64\xactengine2_2.dll
2015-04-13 00:46:39 ----A---- C:\Windows\system32\xinput1_1.dll
2015-04-13 00:46:39 ----A---- C:\Windows\system32\xactengine2_2.dll
2015-04-13 00:46:38 ----A---- C:\Windows\SYSWOW64\xactengine2_1.dll
2015-04-13 00:46:38 ----A---- C:\Windows\system32\xactengine2_1.dll
2015-04-13 00:46:36 ----A---- C:\Windows\SYSWOW64\d3dx9_30.dll
2015-04-13 00:46:36 ----A---- C:\Windows\system32\d3dx9_30.dll
2015-04-13 00:46:35 ----A---- C:\Windows\SYSWOW64\xactengine2_0.dll
2015-04-13 00:46:35 ----A---- C:\Windows\SYSWOW64\x3daudio1_0.dll
2015-04-13 00:46:35 ----A---- C:\Windows\SYSWOW64\d3dx9_29.dll
2015-04-13 00:46:35 ----A---- C:\Windows\system32\xactengine2_0.dll
2015-04-13 00:46:35 ----A---- C:\Windows\system32\x3daudio1_0.dll
2015-04-13 00:46:35 ----A---- C:\Windows\system32\d3dx9_29.dll
2015-04-13 00:46:34 ----A---- C:\Windows\SYSWOW64\d3dx9_28.dll
2015-04-13 00:46:34 ----A---- C:\Windows\SYSWOW64\d3dx9_27.dll
2015-04-13 00:46:34 ----A---- C:\Windows\system32\d3dx9_28.dll
2015-04-13 00:46:34 ----A---- C:\Windows\system32\d3dx9_27.dll
2015-04-13 00:46:33 ----A---- C:\Windows\SYSWOW64\d3dx9_26.dll
2015-04-13 00:46:33 ----A---- C:\Windows\SYSWOW64\d3dx9_25.dll
2015-04-13 00:46:33 ----A---- C:\Windows\system32\d3dx9_26.dll
2015-04-13 00:46:33 ----A---- C:\Windows\system32\d3dx9_25.dll
2015-04-13 00:46:32 ----A---- C:\Windows\SYSWOW64\d3dx9_24.dll
2015-04-13 00:46:32 ----A---- C:\Windows\system32\d3dx9_24.dll
2015-04-13 00:43:43 ----D---- C:\Windows\SYSWOW64\directx
2015-04-12 23:41:45 ----A---- C:\Windows\SYSWOW64\REN5EC2.tmp
2015-04-12 23:05:16 ----A---- C:\Windows\SYSWOW64\MRT.exe
2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-04-12 23:04:21 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuwebv.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wups2.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wups.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wudriver.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wucltux.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuaueng.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuauclt.exe
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuapp.exe
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wuapi.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-04-12 23:04:21 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\invagent.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\generaltel.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\devinv.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\appraiser.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\aepic.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\aepdu.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\aeinv.dll
2015-04-12 23:04:19 ----A---- C:\Windows\system32\acmigration.dll
2015-04-12 22:47:01 ----A---- C:\Windows\system32\FNTCACHE.DAT
2015-04-10 20:57:24 ----D---- C:\Windows\Minidump
2015-04-08 21:57:24 ----D---- C:\Program Files\Unlocker
2015-04-07 21:05:09 ----D---- C:\Program Files (x86)\Mozilla Firefox
2015-04-06 17:36:50 ----D---- C:\Program Files\Network Virtual Bridge
2015-04-06 17:36:38 ----D---- C:\Users\joderoo\AppData\Roaming\InAppBrowser
2015-04-06 17:36:34 ----D---- C:\Program Files\Network Virtual Bridge Update Protocol
2015-04-06 17:35:46 ----D---- C:\Users\joderoo\AppData\Roaming\InAppBrowserInstaller
2015-04-06 10:23:56 ----D---- C:\Users\joderoo\AppData\Roaming\idesktop
2015-04-05 03:00:33 ----SD---- C:\Windows\SYSWOW64\GWX
2015-04-05 03:00:33 ----SD---- C:\Windows\system32\GWX
2015-04-02 22:01:06 ----HD---- C:\ProgramData\CanonIJEPPEX
2015-04-02 21:24:17 ----D---- C:\Program Files (x86)\Mozilla Thunderbird
2015-03-23 23:28:06 ----D---- C:\ProgramData\{20797b0b-ff14-a8ec-2079-97b0bff1ec2f}
2015-03-19 01:28:03 ----A---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2015-03-19 01:06:58 ----D---- C:\Windows\system32\log
2015-03-16 22:34:16 ----D---- C:\Program Files (x86)\43d45ddb-733d-4a4f-9d91-4e3253112627
2015-03-16 21:33:58 ----D---- C:\Users\joderoo\AppData\Roaming\2BrightSparks

======List of files/folders modified in the last 1 month======

2015-04-14 22:06:33 ----D---- C:\Windows\Temp
2015-04-14 22:06:30 ----RD---- C:\Program Files
2015-04-14 22:05:13 ----D---- C:\Windows\system32\config
2015-04-14 22:02:11 ----D---- C:\Users\joderoo\AppData\Roaming\Skype
2015-04-13 23:54:59 ----D---- C:\Program Files (x86)
2015-04-13 22:07:49 ----D---- C:\Windows\System32
2015-04-13 22:07:49 ----D---- C:\Windows\inf
2015-04-13 22:07:49 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-04-13 21:31:25 ----D---- C:\Users\joderoo\AppData\Roaming\Wise Care 365
2015-04-13 21:31:10 ----HD---- C:\ProgramData
2015-04-13 21:30:10 ----A---- C:\Windows\PE_Rom.dll
2015-04-13 21:29:31 ----D---- C:\Windows\system32\wbem
2015-04-13 21:29:31 ----D---- C:\Windows
2015-04-13 21:28:53 ----SHD---- C:\Windows\Installer
2015-04-13 21:28:53 ----D---- C:\Windows\Tasks
2015-04-13 21:28:53 ----D---- C:\Windows\SysWOW64
2015-04-13 21:28:53 ----D---- C:\Windows\system32\DriverStore
2015-04-13 21:28:53 ----D---- C:\Windows\system32\drivers
2015-04-13 21:28:53 ----D---- C:\Windows\system32\catroot2
2015-04-13 21:28:53 ----D---- C:\Windows\registration
2015-04-13 21:21:25 ----SHD---- C:\System Volume Information
2015-04-13 20:45:23 ----D---- C:\ProgramData\Oracle
2015-04-13 02:43:17 ----D---- C:\Windows\Logs
2015-04-13 00:46:37 ----RSD---- C:\Windows\assembly
2015-04-13 00:46:31 ----D---- C:\Windows\Microsoft.NET
2015-04-13 00:24:18 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-04-12 23:38:48 ----D---- C:\Program Files\CCleaner
2015-04-12 23:38:47 ----D---- C:\Windows\system32\Tasks
2015-04-12 23:30:32 ----A---- C:\Windows\system32\WindowsAccessBridge-64.dll
2015-04-12 23:30:27 ----D---- C:\Program Files\Java
2015-04-12 23:27:32 ----D---- C:\Program Files (x86)\Common Files
2015-04-12 23:20:07 ----D---- C:\Program Files (x86)\Google
2015-04-12 23:14:51 ----D---- C:\Users\joderoo\AppData\Roaming\Google
2015-04-12 23:08:02 ----D---- C:\Windows\winsxs
2015-04-12 23:05:53 ----SD---- C:\Windows\system32\CompatTel
2015-04-12 23:05:53 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-04-12 23:05:53 ----D---- C:\Windows\system32\nl-NL
2015-04-12 23:05:53 ----D---- C:\Windows\system32\appraiser
2015-04-12 23:05:53 ----D---- C:\Windows\PolicyDefinitions
2015-04-12 23:05:53 ----D---- C:\Windows\AppPatch
2015-04-12 23:05:18 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2015-04-12 22:47:07 ----D---- C:\Windows\debug
2015-04-12 22:46:05 ----D---- C:\Windows\SYSWOW64\config
2015-04-12 22:36:50 ----D---- C:\Windows\SoftwareDistribution
2015-04-12 22:20:08 ----D---- C:\Users\joderoo\AppData\Roaming\TeamViewer
2015-04-12 22:16:47 ----D---- C:\Windows\pss
2015-04-12 19:45:37 ----D---- C:\Users\joderoo\AppData\Roaming\WiseUpdate
2015-04-12 15:29:04 ----D---- C:\Windows\system32\LogFiles
2015-04-09 03:31:30 ----D---- C:\Program Files (x86)\Opera
2015-04-08 20:01:53 ----D---- C:\ProgramData\Skype
2015-04-07 21:13:23 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-07 20:48:28 ----HD---- C:\ProgramData\CanonIJScan
2015-04-07 20:48:28 ----D---- C:\ProgramData\FLEXnet
2015-04-07 20:48:28 ----D---- C:\ProgramData\CanonIJ
2015-04-06 17:39:16 ----D---- C:\ProgramData\Package Cache
2015-04-06 10:20:32 ----D---- C:\Program Files (x86)\Aiseesoft Studio
2015-04-06 10:17:03 ----RHD---- C:\MSOCache
2015-04-02 22:09:09 ----D---- C:\ProgramData\CanonIJPLM
2015-04-02 22:01:06 ----D---- C:\Windows\system32\FxsTmp
2015-03-30 08:01:50 ----D---- C:\Users\joderoo\AppData\Roaming\MyPhoneExplorer
2015-03-29 20:04:44 ----D---- C:\Program Files (x86)\Skype
2015-03-27 22:45:49 ----D---- C:\Program Files\MPC-HC
2015-03-27 22:44:27 ----D---- C:\Users\joderoo\AppData\Roaming\MPC-HC
2015-03-23 21:25:52 ----D---- C:\Users\joderoo\AppData\Roaming\uTorrent
2015-03-23 21:25:49 ----D---- C:\Windows\Panther
2015-03-19 01:08:19 ----D---- C:\Windows\Prefetch
2015-03-18 09:46:39 ----D---- C:\Windows\system32\MRT
2015-03-18 09:43:06 ----A---- C:\Windows\system32\MRT.exe
2015-03-16 01:49:12 ----D---- C:\Program Files (x86)\MyDrive Connect

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 amd_sata;amd_sata; C:\Windows\system32\DRIVERS\amd_sata.sys [2012-02-29 82560]
R0 amd_xata;amd_xata; C:\Windows\system32\DRIVERS\amd_xata.sys [2012-02-29 42624]
R0 asahci64;asahci64; C:\Windows\system32\DRIVERS\asahci64.sys [2012-01-06 49760]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys [2014-12-05 513080]
R1 AsIO;AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [2010-08-24 13440]
R1 AsUpIO;AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [2010-08-03 14464]
R1 cFosSpeed;cFosSpeed for faster Internet connections (NDIS 6); C:\Windows\system32\DRIVERS\cfosspeed6.sys [2012-04-27 1671552]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2014-10-10 243440]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2014-10-10 169280]
R1 VDiskBus;ASUS Disk Unlocker; C:\Windows\system32\DRIVERS\VDiskBus64.sys [2012-06-01 42656]
R2 AODDriver4.3;AODDriver4.3; \??\C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [2014-02-11 59616]
R2 cpuz135;cpuz135; \??\C:\Windows\system32\drivers\cpuz135_x64.sys [2012-03-09 23816]
R2 epfwwfpr;epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [2014-10-10 158968]
R2 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2014-11-21 93400]
R3 AiCharger;AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [2012-03-22 14848]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2014-11-21 18959360]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2014-11-21 589312]
R3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [2013-06-02 31920]
R3 ASFLTDrv.sys;ASFLTDrv.sys; \??\C:\Program Files (x86)\ASUS\Disk Unlocker\ASFLTDrv64.sys [2010-09-16 16512]
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys [2011-11-03 130536]
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys [2011-11-03 395752]
R3 ASUSFILTER;ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [2011-09-20 46152]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver); C:\Windows\system32\DRIVERS\ASUSstpt.sys [2011-09-15 24648]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM); C:\Windows\system32\DRIVERS\ASUSumsc.sys [2011-09-15 141896]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2014-06-21 94720]
R3 e1qexpress;Intel® PCI Express Network Connection Driver Q; C:\Windows\system32\DRIVERS\e1q62x64.sys [2011-10-13 356016]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2012-06-12 4060560]
R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2011-12-15 351392]
R3 LVUVC64;Logitech HD Pro Webcam C920(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2011-12-15 4862368]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-11-21 25816]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-04-14 129752]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-11-21 63704]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2011-12-13 56448]
S3 A38CCID;CCID USB Smart Card Reader; C:\Windows\system32\DRIVERS\a38ccid.sys [2014-11-13 62976]
S3 DIRECTIO;DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [2014-04-24 31160]
S3 EsgScanner;EsgScanner; C:\Windows\system32\DRIVERS\EsgScanner.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usb_rndisx;USB RNDIS-adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 19968]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;Sony sa0107 ADB Interface; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2014-11-21 244736]
R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [2014-11-20 344064]
R2 asComSvc;ASUS Com Service; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2012-06-01 920736]
R2 ASDiskUnlocker;ASDiskUnlocker; C:\Program Files (x86)\ASUS\Disk Unlocker\ASPFSVS64.exe [2012-06-18 262816]
R2 asHmComSvc;ASUS HM Com Service; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2012-06-01 951936]
R2 AsSysCtrlService;ASUS System Control Service; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2012-02-17 149120]
R2 AsusFanControlService;AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.15\AsusFanControlService.exe [2012-06-19 1457664]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]
R2 cFosSpeedS;cFosSpeed System Service; C:\Program Files\ASUS\ROG GameFirst II\spd.exe [2012-06-28 756648]
R2 DTSAudioSvc;DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [2012-01-23 233328]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [2014-06-27 138768]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2014-10-01 1349576]
R2 IJPLMSVC;Canon Inkjet Printer/Scanner/Fax Extended Survey Program; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [2010-04-05 116104]
R2 Intel® PROSet Monitoring Service;Intel® PROSet Monitoring Service; C:\Windows\system32\IProsetMonitor.exe [2011-11-09 189608]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-11-21 1871160]
R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-11-21 969016]
R2 Network Virtual Bridge S;Network Virtual Bridge S; C:\Program Files\Network Virtual Bridge\SERVICE\SNetwork Virtual Bridge.exe [2015-03-31 129024]
R2 Network Virtual Bridge Update Protocol;Network Virtual Bridge Update Protocol; C:\Program Files\Network Virtual Bridge Update Protocol\Network Virtual Bridge Update Protocol.exe [2015-04-03 131072]
R2 Network Virtual Bridge;Network Virtual Bridge; C:\Program Files\Network Virtual Bridge\PROXY\adsentinel.exe [2014-12-07 505364]
R2 PdiService;Portrait Displays SDK Service; C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [2014-01-22 122384]
R2 TeamViewer;TeamViewer 10; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-01-30 5429520]
R2 UMVPFSrv;UMVPFSrv; C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-12-15 450848]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-04-12 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-04-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Users\joderoo\Desktop\Joderoo(D)\Program Files (x86)\Updater\Updater.exe [2015-02-18 315488]
S2 WiseBootAssistant;Wise Boot Assistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [2014-10-28 580232]
S3 Adobe Version Cue CS3;Adobe Version Cue CS3 {nl_NL} ; C:\Program Files (x86)\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [2007-03-20 153792]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-13 268464]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2014-12-18 654848]
S3 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-05 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-12-05 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-02-20 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2015-04-07 148080]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 Sony PC Companion;Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2015-01-05 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2014-04-11 50864]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2014-04-12 139944]
S4 PuranDefrag;PuranDefrag; C:\Windows\system32\PuranDefragS.exe [2013-08-15 292736]

-----------------EOF-----------------

met vriendelijke groeten.

Asus · 14 april 2015

Goed zo.

Zodra één van de malware-experts online komt gebeurt de analyse van je logje en krijg je persoonlijke begeleiding.

kape · 15 april 2015

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
Dubbelklik op Zoek.exe om de tool te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Kopieer nu onderstaande code en plak die in het grote invulvenster:
Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

C:\Windows\tasks\FHIGIC.job;f
C:\Users\joderoo\AppData\Roaming\FHIGIC.exe;f
C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\artur.dubovoy@gmail.com;fs
C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\clickclean@hotcleaner.com;fs
C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-4P0kohSJxU1qGg@jetpack;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E421D566-29E5-F629-2C56-E5BC07586950}];r
C:\Windows\SYSWOW64\RENBF1E.tmp;f
CHRdefaults;
C:\ProgramData\{20797b0b-ff14-a8ec-2079-97b0bff1ec2f};fs
C:\Program Files (x86)\43d45ddb-733d-4a4f-9d91-4e3253112627;fs
emptyfolderscheck;delete
startupall;
filesrcm;

Klik op de knop "More options" en vink nu de onderstaande opties aan.
Do a Quick Scan
Auto Clean
De optie "Scan All Users" staat standaard aangevinkt.
Klik nu op de knop "Run script".
Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

joderoo · 15 april 2015

hallo ik stuur u het logje van ""Zoek.exe"" langs deze weg want ik kan nikske uploaden via jullie site

bedankt voor de medewerking.

joery,

Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by joderoo on wo 15/04/2015 at 23:58:10,24.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Joderoo(D)\Rapget\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

15/04/2015 23:59:37 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Citrix deleted successfully
C:\PROGRA~2\Gecko Software deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Bitrix deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\joderoo\AppData\Roaming\Awesomium deleted successfully
C:\Users\joderoo\AppData\Roaming\idesktop deleted successfully
C:\Users\joderoo\AppData\Roaming\Vso deleted successfully
C:\Users\joderoo\AppData\Roaming\WiseUpdate deleted successfully
C:\Users\joderoo\AppData\Local\Canon Easy-PhotoPrint EX deleted successfully
C:\Users\joderoo\AppData\Local\Unity deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E421D566-29E5-F629-2C56-E5BC07586950}]

==== Deleting Files \ Folders ======================

"C:\Users\joderoo\AppData\Roaming\FHIGIC.exe" not found
C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\artur.dubovoy@gmail.com deleted
C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\clickclean@hotcleaner.com deleted
C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-4P0kohSJxU1qGg@jetpack deleted
C:\ProgramData\{20797b0b-ff14-a8ec-2079-97b0bff1ec2f} deleted
C:\Program Files (x86)\43d45ddb-733d-4a4f-9d91-4e3253112627 deleted
"C:\Windows\tasks\FHIGIC.job" deleted
"C:\Windows\SYSWOW64\RENBF1E.tmp" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\joderoo\AppData\Local\Temp ====
2015-04-13 20:12:56   E82AB1F1B22D4AE5A38B28F94BF7888F   15252424   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.455.exe
2015-04-12 21:30:10   0944AF122EF33168F38D858DAE0CF263   561576   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\jre-8u40-windows-au.exe
2015-04-12 20:56:53   F76D4ECF94DC677C13061EAEE9D6745A   312832   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\IntlProvider.dll
2015-04-12 20:56:53   EC664AAB47C27667256DDFBD13986239   127488   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\OSProvider.dll
2015-04-12 20:56:53   CD564F5637BBBEB6E5F3464EDD573C80   438272   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DmiProvider.dll
2015-04-12 20:56:53   CCF6EC908566900E9626DC3360B9E35E   112128   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismCorePS.dll
2015-04-12 20:56:53   A909643B215FC0587A043C9C15959D41   186368   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismProv.dll
2015-04-12 20:56:53   A77A8EB5E9BA6D63A121811F0830F565   302080   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\UnattendProvider.dll
2015-04-12 20:56:53   8DF4C8E300C8D32468F6141D22BBAF24   271360   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\SmiProvider.dll
2015-04-12 20:56:53   7B38D7916A7CD058C16A0A6CA5077901   271360   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\wdscore.dll
2015-04-12 20:56:53   739968678548BA15F6B9372E8760C012   444416   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\TransmogProvider.dll
2015-04-12 20:56:53   6EBC2138A3C9B3B7D1E69E0629B6C815   289792   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismCore.dll
2015-04-12 20:56:53   64B66A41B61D511E8EBE94625EC0E45A   53760   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\FolderProvider.dll
2015-04-12 20:56:53   516A5FCE06BB388499238A5F9286CB74   96768   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismHost.exe
2015-04-12 20:56:53   45FF4FA5CA5432BFCCDED4433FE2A85B   216576   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\MsiProvider.dll
2015-04-12 20:56:53   3A9C49943047DE6C6F8DC68CB986A0EC   183296   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\CompatProvider.dll
2015-04-12 20:56:53   2961AB067AE61440ADF11C4BFE085151   1672192   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\CbsProvider.dll
2015-04-12 20:56:53   27EC9795973FB7790059892EF2F363B1   107008   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\LogProvider.dll
2015-04-12 20:56:53   26981358EA5F82938387F6998F861978   471040   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\WimProvider.dll
====== Java Cache =====
2015-04-12 21:28:05   C1BBA7F1278F193AB584FFF460DB5E2A   17878   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-123db069
2015-04-12 21:28:02   415FC9732A3F4D89A0E01251CD66E136   646   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-376d0312
2015-04-12 21:28:02   A8D75DB9A0808D3A3DAC0B4CE70CDD1E   425   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-04-12 21:28:01   415FC9732A3F4D89A0E01251CD66E136   646   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\19\3d7894d3-7cbeae23
2015-04-12 21:28:02   34FA8033B50A3F99D3AB8209C72C0ABA   6860   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-706d8bff
2015-04-13 18:47:20   B5484710FD46B5204FB01AE9F3F3E8BE   286754   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\7e60542d-761599d1
2015-04-13 18:47:19   67911F367EC150BDC8F2CB46397F0925   845   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\61\11dd5f3d-50f85066
2015-04-13 18:47:19   67911F367EC150BDC8F2CB46397F0925   845   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-7603798a
2015-04-13 18:47:20   246ADA1B4B3367C8A1F00C3B2D748E32   438   ----a-w-   C:\Users\joderoo\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\2bbaaf87-e2e4c8970372d2fb4193a7ef29d16f6c3f08527947fcb9208b3a0e48820369fd-6.0.lap
====== C:\Windows\SysWOW64 =====
2015-04-12 22:47:24   8A4CEBF34370D689E198E6673C1F2C40   74072   ----a-w-   C:\Windows\SysWOW64\XAPOFX1_5.dll
2015-04-12 22:47:24   81DFDDFB401D663BA7E6AD1C80364216   527192   ----a-w-   C:\Windows\SysWOW64\XAudio2_7.dll
2015-04-12 22:47:23   83EBA442F07AAB8D6375D2EEC945C46C   1868128   ----a-w-   C:\Windows\SysWOW64\d3dcsx_43.dll
2015-04-12 22:47:23   4FD7BCB9D8AF6A165E9BA0C2EB702E7C   239960   ----a-w-   C:\Windows\SysWOW64\xactengine3_7.dll
2015-04-12 22:47:23   1C9B45E87528B8BB8CFA884EA0099A85   2106216   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_43.dll
2015-04-12 22:47:22   8E0BB968FF41D80E5F2C747C04DB79AE   248672   ----a-w-   C:\Windows\SysWOW64\d3dx11_43.dll
2015-04-12 22:47:22   86E39E9161C3D930D93822F1563C280D   1998168   ----a-w-   C:\Windows\SysWOW64\D3DX9_43.dll
2015-04-12 22:47:22   20C835843FCEC4DEDFCD7BFFA3B91641   470880   ----a-w-   C:\Windows\SysWOW64\d3dx10_43.dll
2015-04-12 22:47:21   E4CE2AF32F501A7F7DDDD908704A0EE6   74072   ----a-w-   C:\Windows\SysWOW64\XAPOFX1_4.dll
2015-04-12 22:47:21   4976243BD70FAE3D1D24E49739AB2710   528216   ----a-w-   C:\Windows\SysWOW64\XAudio2_6.dll
2015-04-12 22:47:19   F81C4678A55FFEE585AC75825FAF5582   238936   ----a-w-   C:\Windows\SysWOW64\xactengine3_6.dll
2015-04-12 22:47:19   C811E70C8804CFFF719038250A43B464   22360   ----a-w-   C:\Windows\SysWOW64\X3DAudio1_7.dll
2015-04-12 22:47:18   8B01FB723F3B30AB3DEBDDBF97CFE577   515416   ----a-w-   C:\Windows\SysWOW64\XAudio2_5.dll
2015-04-12 22:47:16   DB3C93E87452B8DAB4F58ED1FD2B1998   238936   ----a-w-   C:\Windows\SysWOW64\xactengine3_5.dll
2015-04-12 22:47:16   B33B21DB610116262D906305CE65C354   1974616   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_42.dll
2015-04-12 22:47:15   D09AC80A4B5312239852836C84DF3392   235344   ----a-w-   C:\Windows\SysWOW64\d3dx11_42.dll
2015-04-12 22:47:15   C6A44FC3CF2F5801561804272217B14D   1892184   ----a-w-   C:\Windows\SysWOW64\D3DX9_42.dll
2015-04-12 22:47:15   B337306DFB508A1BCEF1974BFBB8D924   5501792   ----a-w-   C:\Windows\SysWOW64\d3dcsx_42.dll
2015-04-12 22:47:15   501AC862517C5445742BEE8A2B88414E   453456   ----a-w-   C:\Windows\SysWOW64\d3dx10_42.dll
2015-04-12 22:47:14   781E8B5B6FDB3C9B4E4A4A9FB019960D   1846632   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_41.dll
2015-04-12 22:47:14   3FA06CF5079B84155D18B05C08F7131B   4178264   ----a-w-   C:\Windows\SysWOW64\D3DX9_41.dll
2015-04-12 22:47:14   1AA571774936717EE776DBED51E9EDF4   453456   ----a-w-   C:\Windows\SysWOW64\d3dx10_41.dll
2015-04-12 22:47:12   E684C5FA18ADF9EA14737757413BF727   517448   ----a-w-   C:\Windows\SysWOW64\XAudio2_4.dll
2015-04-12 22:47:12   30686ECE80545E06D78D156EB9F7D463   69464   ----a-w-   C:\Windows\SysWOW64\XAPOFX1_3.dll
2015-04-12 22:47:11   E763798CAD2A90B6AB61854F50CD47DD   22360   ----a-w-   C:\Windows\SysWOW64\X3DAudio1_6.dll
2015-04-12 22:47:11   91B4AAD4412BB223B466F3DFB43E86DA   452440   ----a-w-   C:\Windows\SysWOW64\d3dx10_40.dll
2015-04-12 22:47:11   686F8D1B4926D48227A06ACD4D41CD1E   235352   ----a-w-   C:\Windows\SysWOW64\xactengine3_4.dll
2015-04-12 22:47:11   3384134EEB8F223178C2EB8323003EC0   2036576   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_40.dll
2015-04-12 22:47:10   EEA5E428CE63804F9B12D21C97B5968F   4379984   ----a-w-   C:\Windows\SysWOW64\D3DX9_40.dll
2015-04-12 22:47:09   47ED15DC87AE334C13C4DACD1BE2CCED   514384   ----a-w-   C:\Windows\SysWOW64\XAudio2_3.dll
2015-04-12 22:47:09   295E47A75F278580F9441041EAAEA3D2   70992   ----a-w-   C:\Windows\SysWOW64\XAPOFX1_2.dll
2015-04-12 22:47:07   8BA296419AF3417D1E9806B83166E472   235856   ----a-w-   C:\Windows\SysWOW64\xactengine3_3.dll
2015-04-12 22:47:07   350FEFE18B86BD4D9AB2A96D00215A49   23376   ----a-w-   C:\Windows\SysWOW64\X3DAudio1_5.dll
2015-04-12 22:47:06   D95EAABF5D277EF91D9CA70151209E56   68616   ----a-w-   C:\Windows\SysWOW64\XAPOFX1_1.dll
2015-04-12 22:47:06   50F4A0D5E6A0BAFEFA78F353533B8E06   509448   ----a-w-   C:\Windows\SysWOW64\XAudio2_2.dll
2015-04-12 22:47:04   F3C6BE26949CAADB11DBF0086082FAC9   238088   ----a-w-   C:\Windows\SysWOW64\xactengine3_2.dll
2015-04-12 22:47:04   E6C2F1D8B667DDC04CB55B9F0159EF97   467984   ----a-w-   C:\Windows\SysWOW64\d3dx10_39.dll
2015-04-12 22:47:04   C4F1972497FE2CEB7D900938C97FCF91   1493528   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-04-12 22:47:04   8CB3DEFB8887C4F0846DB1FC1304D6D2   3851784   ----a-w-   C:\Windows\SysWOW64\D3DX9_39.dll
2015-04-12 22:47:02   E34FF0115B1EE3B4E03D22AE9840EE03   507400   ----a-w-   C:\Windows\SysWOW64\XAudio2_1.dll
2015-04-12 22:47:02   DD165760F1B95200A3DA2D9DFDB84234   65032   ----a-w-   C:\Windows\SysWOW64\XAPOFX1_0.dll
2015-04-12 22:47:01   E3832514BD21236067B7227F6165EF95   25608   ----a-w-   C:\Windows\SysWOW64\X3DAudio1_4.dll
2015-04-12 22:47:01   2E0E25252E1D41752876E9FE12ADE175   238088   ----a-w-   C:\Windows\SysWOW64\xactengine3_1.dll
2015-04-12 22:47:00   A2650B27472C21CDD817EEEDE65648E1   467984   ----a-w-   C:\Windows\SysWOW64\d3dx10_38.dll
2015-04-12 22:47:00   8F3EB548AC4ED90252394F60C77E3196   3850760   ----a-w-   C:\Windows\SysWOW64\D3DX9_38.dll
2015-04-12 22:47:00   103CBFC5591008AD33046E20E8E1EEBE   1491992   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_38.dll
2015-04-12 22:46:58   418CDC57E55EE79C3F86C13A19B3D5E3   479752   ----a-w-   C:\Windows\SysWOW64\XAudio2_0.dll
2015-04-12 22:46:57   EA752DBCE35045D3C830DC16578CC8AB   1420824   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_37.dll
2015-04-12 22:46:57   C593FD0A96EE4B6390B653C4C641313F   25608   ----a-w-   C:\Windows\SysWOW64\X3DAudio1_3.dll
2015-04-12 22:46:57   8A83673F0AB001870583FDE2B004FA59   238088   ----a-w-   C:\Windows\SysWOW64\xactengine3_0.dll
2015-04-12 22:46:57   4A43E9A2B17E4CAFA9CB5FEC0B5B686B   462864   ----a-w-   C:\Windows\SysWOW64\d3dx10_37.dll
2015-04-12 22:46:56   AC3C517FB0FBBE45FE44007BCD3625A7   3786760   ----a-w-   C:\Windows\SysWOW64\D3DX9_37.dll
2015-04-12 22:46:55   73E055AF78A64F9B2779D44407CA2AB6   267272   ----a-w-   C:\Windows\SysWOW64\xactengine2_10.dll
2015-04-12 22:46:54   FB4299688A0D3A37687C015AC2B9922D   1374232   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_36.dll
2015-04-12 22:46:54   D9158E78A368B08D9133043EB3058C12   444776   ----a-w-   C:\Windows\SysWOW64\d3dx10_36.dll
2015-04-12 22:46:54   44BFEC5C9C82A2EE9871D88FD3B9A0E2   3734536   ----a-w-   C:\Windows\SysWOW64\d3dx9_36.dll
2015-04-12 22:46:52   F3764552E45880DC49B82F38699AA87C   444776   ----a-w-   C:\Windows\SysWOW64\d3dx10_35.dll
2015-04-12 22:46:52   5B441670A4F5F8BCCE76741902B8AF56   1358192   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_35.dll
2015-04-12 22:46:52   46EE68F04A75A1CCF40235EA6F1CBA05   267112   ----a-w-   C:\Windows\SysWOW64\xactengine2_9.dll
2015-04-12 22:46:52   3EF18B78D17C962F2B71AC1CB7757684   3727720   ----a-w-   C:\Windows\SysWOW64\d3dx9_35.dll
2015-04-12 22:46:50   F6A9FC2AD2F9111372B5AB3BBA3707EC   17928   ----a-w-   C:\Windows\SysWOW64\X3DAudio1_2.dll
2015-04-12 22:46:50   75F206C195BBACA6EF28565B1C0CD75C   1124720   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_34.dll
2015-04-12 22:46:50   5AA9987F2E62B56D7661B6901901F927   443752   ----a-w-   C:\Windows\SysWOW64\d3dx10_34.dll
2015-04-12 22:46:50   499210C45AFEAADEE8CF4DCF7D5E570B   266088   ----a-w-   C:\Windows\SysWOW64\xactengine2_8.dll
2015-04-12 22:46:49   77F595DEE5FFACEA72B135B1FCE1312E   81768   ----a-w-   C:\Windows\SysWOW64\xinput1_3.dll
2015-04-12 22:46:49   1CA939918ED1B930059B3A882DE6F648   3497832   ----a-w-   C:\Windows\SysWOW64\d3dx9_34.dll
2015-04-12 22:46:48   FAE7E1D578C42A7C3D9D61A99D178BD5   1123696   ----a-w-   C:\Windows\SysWOW64\D3DCompiler_33.dll
2015-04-12 22:46:48   7FEBB8CE2233CBAE738B16D42ED29674   261480   ----a-w-   C:\Windows\SysWOW64\xactengine2_7.dll
2015-04-12 22:46:48   37A8171ACCF46A9C196054066C28827F   443752   ----a-w-   C:\Windows\SysWOW64\d3dx10_33.dll
2015-04-12 22:46:47   CDB1CD22BAFF21F48606B3C1A18B000B   3495784   ----a-w-   C:\Windows\SysWOW64\d3dx9_33.dll
2015-04-12 22:46:46   39000E033D39D19CCCE21AEAFCCE2476   255848   ----a-w-   C:\Windows\SysWOW64\xactengine2_6.dll
2015-04-12 22:46:44   86C93789E9006F1AC47ED9DD47D4C8A1   251672   ----a-w-   C:\Windows\SysWOW64\xactengine2_5.dll
2015-04-12 22:46:44   6F34F7405807DCBF0B9BF6811C94C6D9   440080   ----a-w-   C:\Windows\SysWOW64\d3dx10.dll
2015-04-12 22:46:44   26AF232140C88B42D92A88F2198EDF6A   3426072   ----a-w-   C:\Windows\SysWOW64\d3dx9_32.dll
2015-04-12 22:46:42   797E24743937D67D69F28F2CF5052EE8   2414360   ----a-w-   C:\Windows\SysWOW64\d3dx9_31.dll
2015-04-12 22:46:42   6550E1A0A7BE611592C31222FCB981FB   237848   ----a-w-   C:\Windows\SysWOW64\xactengine2_4.dll
2015-04-12 22:46:42   121B131EAA369D8F58DACC5C39A77D80   15128   ----a-w-   C:\Windows\SysWOW64\x3daudio1_1.dll
2015-04-12 22:46:41   69D841744B2BAE38FBB2D40A230A549C   236824   ----a-w-   C:\Windows\SysWOW64\xactengine2_3.dll
2015-04-12 22:46:40   33B62BE226934E1B01F5043870C70427   62744   ----a-w-   C:\Windows\SysWOW64\xinput1_2.dll
2015-04-12 22:46:39   F1726346E583442541FE73429F8E9C10   62672   ----a-w-   C:\Windows\SysWOW64\xinput1_1.dll
2015-04-12 22:46:39   5C4D3843B491C047B7A619901FBD2EC1   230168   ----a-w-   C:\Windows\SysWOW64\xactengine2_2.dll
2015-04-12 22:46:38   7C9952111F4C743B9F0D8B68B6ED93C9   229584   ----a-w-   C:\Windows\SysWOW64\xactengine2_1.dll
2015-04-12 22:46:36   E415862612E65F10D7D888443ECD7594   2388176   ----a-w-   C:\Windows\SysWOW64\d3dx9_30.dll
2015-04-12 22:46:35   99F4FC172A5ACE36CF00AA7038D23F2C   2332368   ----a-w-   C:\Windows\SysWOW64\d3dx9_29.dll
2015-04-12 22:46:35   4E961525CC7FF0E5D7DA19E170B7C14C   14032   ----a-w-   C:\Windows\SysWOW64\x3daudio1_0.dll
2015-04-12 22:46:35   2112FE0C46662D429347A7D7B49E3ECE   230096   ----a-w-   C:\Windows\SysWOW64\xactengine2_0.dll
2015-04-12 22:46:34   BE19B603DFBAA829EE5B7749B3BA97DB   2323664   ----a-w-   C:\Windows\SysWOW64\d3dx9_28.dll
2015-04-12 22:46:34   852EDC778A7A50077694F84D8E601234   2319568   ----a-w-   C:\Windows\SysWOW64\d3dx9_27.dll
2015-04-12 22:46:33   5B48FE9D6686F0D54B26A005ACE24D1D   2337488   ----a-w-   C:\Windows\SysWOW64\d3dx9_25.dll
2015-04-12 22:46:33   523AB607EEF81CC4D909E7FEBD8A788E   2297552   ----a-w-   C:\Windows\SysWOW64\d3dx9_26.dll
2015-04-12 22:46:32   BC831661963763AC4D504C5CABB1FDD9   2222800   ----a-w-   C:\Windows\SysWOW64\d3dx9_24.dll
2015-04-12 21:41:45   D41D8CD98F00B204E9800998ECF8427E   0   ----a-w-   C:\Windows\SysWOW64\REN5EC2.tmp
2015-04-12 21:05:16   5AD80C5A295030C3657AB25BE587E9F5   119837704   ----a-w-   C:\Windows\SysWOW64\MRT.exe
2015-04-12 21:04:21   E981C27FA6C2F45C135DB4AF78D6FE1F   92672   ----a-w-   C:\Windows\SysWOW64\wudriver.dll
2015-04-12 21:04:21   C7E498E41D92CF8C2EAED9995781A7F7   29696   ----a-w-   C:\Windows\SysWOW64\wups.dll
2015-04-12 21:04:21   9D68CE45935C439D5082ECB56902124D   566784   ----a-w-   C:\Windows\SysWOW64\wuapi.dll
2015-04-12 21:04:21   751C4859FD46A1461B3FB57252F541D8   33792   ----a-w-   C:\Windows\SysWOW64\wuapp.exe
2015-04-12 21:04:21   031C03C9639CE0D294695968C68A5775   173056   ----a-w-   C:\Windows\SysWOW64\wuwebv.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-04-12 22:47:24   E9739AE8B2FA28DCD6F2EF5525DA8827   77656   ----a-w-   C:\Windows\Sysnative\XAPOFX1_5.dll
2015-04-12 22:47:24   4F7513FF4DE6303088DB28DCBCEF372C   518488   ----a-w-   C:\Windows\Sysnative\XAudio2_7.dll
2015-04-12 22:47:23   BDEC09A032DB44D9CDB3A0D97224D64E   176984   ----a-w-   C:\Windows\Sysnative\xactengine3_7.dll
2015-04-12 22:47:23   ADA0C39D4EACDC81FD84163A95D62079   2526056   ----a-w-   C:\Windows\Sysnative\D3DCompiler_43.dll
2015-04-12 22:47:23   5F1DA86286A2DFB01C4FED55C2DD1D61   1907552   ----a-w-   C:\Windows\Sysnative\d3dcsx_43.dll
2015-04-12 22:47:22   AD7FA9485059F4DC53C98B49CAB13F0B   511328   ----a-w-   C:\Windows\Sysnative\d3dx10_43.dll
2015-04-12 22:47:22   9D6429F410597750B2DC2579B2347303   276832   ----a-w-   C:\Windows\Sysnative\d3dx11_43.dll
2015-04-12 22:47:22   7160FC226391C0B50C85571FA1A546E5   2401112   ----a-w-   C:\Windows\Sysnative\D3DX9_43.dll
2015-04-12 22:47:21   A9724EB3D6CC032D0C4ECAFF4AD8C17F   78680   ----a-w-   C:\Windows\Sysnative\XAPOFX1_4.dll
2015-04-12 22:47:21   05E88C8D8E652DFF03B469331F474CCE   530776   ----a-w-   C:\Windows\Sysnative\XAudio2_6.dll
2015-04-12 22:47:19   B4FF2A39685C1A6D43F0E56EB350AF3A   24920   ----a-w-   C:\Windows\Sysnative\X3DAudio1_7.dll
2015-04-12 22:47:19   936DCC640B2991905D909395E03B64F9   176984   ----a-w-   C:\Windows\Sysnative\xactengine3_6.dll
2015-04-12 22:47:18   C291AEFD47A587FF5F509E2F96613F7D   517960   ----a-w-   C:\Windows\Sysnative\XAudio2_5.dll
2015-04-12 22:47:16   E92D2E4AFA43CD39A8C1C2C2DB59667E   2582888   ----a-w-   C:\Windows\Sysnative\D3DCompiler_42.dll
2015-04-12 22:47:16   51D65BE2F794B944CADAF287B34EF603   176968   ----a-w-   C:\Windows\Sysnative\xactengine3_5.dll
2015-04-12 22:47:15   F13B90F5090EBA9041558BC6AAED79B8   5554512   ----a-w-   C:\Windows\Sysnative\d3dcsx_42.dll
2015-04-12 22:47:15   B739C423276AE62D7AC91773226EC13B   523088   ----a-w-   C:\Windows\Sysnative\d3dx10_42.dll
2015-04-12 22:47:15   522749761B6CC69F8630F4B472DCA623   285024   ----a-w-   C:\Windows\Sysnative\d3dx11_42.dll
2015-04-12 22:47:15   1AF7AE1FDE027A30B9097280819A0A86   2475352   ----a-w-   C:\Windows\Sysnative\D3DX9_42.dll
2015-04-12 22:47:14   ECDDB13BC805B9F3EF3A855E6FD85C69   5425496   ----a-w-   C:\Windows\Sysnative\D3DX9_41.dll
2015-04-12 22:47:14   E730967811E3702499446FFC8A432607   520544   ----a-w-   C:\Windows\Sysnative\d3dx10_41.dll
2015-04-12 22:47:14   A59A5BADE4AF200C720D99EAE6E04E0E   2430312   ----a-w-   C:\Windows\Sysnative\D3DCompiler_41.dll
2015-04-12 22:47:12   B94F08069EFE2F8151DEF350E526E063   521560   ----a-w-   C:\Windows\Sysnative\XAudio2_4.dll
2015-04-12 22:47:12   37B348A79C4C9B8AB925B18FFD241E96   73544   ----a-w-   C:\Windows\Sysnative\XAPOFX1_3.dll
2015-04-12 22:47:11   EEE871CC4F5563FF8B3C8385B32B0C5F   24920   ----a-w-   C:\Windows\Sysnative\X3DAudio1_6.dll
2015-04-12 22:47:11   862586AD4B1355F7DCDE111EE0AAF350   519000   ----a-w-   C:\Windows\Sysnative\d3dx10_40.dll
2015-04-12 22:47:11   37309B833480DC69FDE7DB68F9B8BC20   2605920   ----a-w-   C:\Windows\Sysnative\D3DCompiler_40.dll
2015-04-12 22:47:11   1BA01062450BD1F052C54C01C12248F6   174936   ----a-w-   C:\Windows\Sysnative\xactengine3_4.dll
2015-04-12 22:47:10   29A79F0B607FAF5722D7BAF2485F632A   5631312   ----a-w-   C:\Windows\Sysnative\D3DX9_40.dll
2015-04-12 22:47:09   758139A39AECC1B512576275A27C1177   518480   ----a-w-   C:\Windows\Sysnative\XAudio2_3.dll
2015-04-12 22:47:09   2F8F9B707FED2405A787380230CC6FA9   74576   ----a-w-   C:\Windows\Sysnative\XAPOFX1_2.dll
2015-04-12 22:47:07   CFF1C1F7B9F855DDEE431D7B5DCACDF8   25936   ----a-w-   C:\Windows\Sysnative\X3DAudio1_5.dll
2015-04-12 22:47:07   84B41FD03CAFC5048346B3B2AB92D199   175440   ----a-w-   C:\Windows\Sysnative\xactengine3_3.dll
2015-04-12 22:47:06   E335DF094836EE7030F1B9CE7429E884   513544   ----a-w-   C:\Windows\Sysnative\XAudio2_2.dll
2015-04-12 22:47:06   0F2DB378FBE2D124E4D3631B329688AE   72200   ----a-w-   C:\Windows\Sysnative\XAPOFX1_1.dll
2015-04-12 22:47:04   EAA692FDC990ED0407DF957316DA33C2   540688   ----a-w-   C:\Windows\Sysnative\d3dx10_39.dll
2015-04-12 22:47:04   CC8399A9E51B2AF1C2C20A26D85EB60E   177672   ----a-w-   C:\Windows\Sysnative\xactengine3_2.dll
2015-04-12 22:47:04   7741A0A6CED6C441B97D625B730D6075   1942552   ----a-w-   C:\Windows\Sysnative\D3DCompiler_39.dll
2015-04-12 22:47:04   7505C133FC704B40CFDDFD38777BAAC3   4992520   ----a-w-   C:\Windows\Sysnative\D3DX9_39.dll
2015-04-12 22:47:02   E9C0F926D7C9082A805F4FEF81DEEB30   511496   ----a-w-   C:\Windows\Sysnative\XAudio2_1.dll
2015-04-12 22:47:02   0E92D8C0ECA74B6D0A55ABAD53226113   68104   ----a-w-   C:\Windows\Sysnative\XAPOFX1_0.dll
2015-04-12 22:47:01   DE6004D16DBACD781ED4596C4FEA7D14   28168   ----a-w-   C:\Windows\Sysnative\X3DAudio1_4.dll
2015-04-12 22:47:01   A2A098BF5A8C255A0090818AD8E87B0F   177672   ----a-w-   C:\Windows\Sysnative\xactengine3_1.dll
2015-04-12 22:47:00   E5EC2AB7156A752F9614CDA4BE66EFE8   4991496   ----a-w-   C:\Windows\Sysnative\D3DX9_38.dll
2015-04-12 22:47:00   A7E59BB6FAC119FABB83F18BD72AA1D7   1941528   ----a-w-   C:\Windows\Sysnative\D3DCompiler_38.dll
2015-04-12 22:47:00   72CB653CECF4EA670E7F5A8D74358423   540688   ----a-w-   C:\Windows\Sysnative\d3dx10_38.dll
2015-04-12 22:46:58   29AF48F6C894328A58DEFDC560A70CF3   489480   ----a-w-   C:\Windows\Sysnative\XAudio2_0.dll
2015-04-12 22:46:57   C4C2ED69B18EE1C60026877FCC470FA7   28168   ----a-w-   C:\Windows\Sysnative\X3DAudio1_3.dll
2015-04-12 22:46:57   A8C5688BBA00C1630550F26260AB5CAE   529424   ----a-w-   C:\Windows\Sysnative\d3dx10_37.dll
2015-04-12 22:46:57   A8B5370B7B61D3777D840DA1C64A1C2D   177672   ----a-w-   C:\Windows\Sysnative\xactengine3_0.dll
2015-04-12 22:46:57   31026CEA5AFA2798292179102C06FE40   1860120   ----a-w-   C:\Windows\Sysnative\D3DCompiler_37.dll
2015-04-12 22:46:56   8A10974DC6E1E42BDC635C2C2AFBD2CC   4910088   ----a-w-   C:\Windows\Sysnative\D3DX9_37.dll
2015-04-12 22:46:55   E8932AF24786765859558CB79E385AC2   411656   ----a-w-   C:\Windows\Sysnative\xactengine2_10.dll
2015-04-12 22:46:54   BBB6C6833C30E323B41860D6DF61972D   5081608   ----a-w-   C:\Windows\Sysnative\d3dx9_36.dll
2015-04-12 22:46:54   7299DF5CF81135934740211D9A946737   2006552   ----a-w-   C:\Windows\Sysnative\D3DCompiler_36.dll
2015-04-12 22:46:54   570FDAE7041775DE0C67747BB7081939   508264   ----a-w-   C:\Windows\Sysnative\d3dx10_36.dll
2015-04-12 22:46:52   B21427EDF0449E92000FF497DAAF89C9   1985904   ----a-w-   C:\Windows\Sysnative\D3DCompiler_35.dll
2015-04-12 22:46:52   A69C32C2BD01522A088D254342826866   411496   ----a-w-   C:\Windows\Sysnative\xactengine2_9.dll
2015-04-12 22:46:52   84116AA94672D623B95217648AE5B5B9   508264   ----a-w-   C:\Windows\Sysnative\d3dx10_35.dll
2015-04-12 22:46:52   1B3AF16A27D390096925576202A64037   5073256   ----a-w-   C:\Windows\Sysnative\d3dx9_35.dll
2015-04-12 22:46:50   FA485E76F94B7457767E372F47757733   409960   ----a-w-   C:\Windows\Sysnative\xactengine2_8.dll
2015-04-12 22:46:50   BC78D5328541410510DDE06B9FA92024   21000   ----a-w-   C:\Windows\Sysnative\X3DAudio1_2.dll
2015-04-12 22:46:50   9D9407F52B8E24E99358D9944B0D5FA3   1401200   ----a-w-   C:\Windows\Sysnative\D3DCompiler_34.dll
2015-04-12 22:46:50   1ED4E7A82BD5C7DEED082F00E63BB7A0   506728   ----a-w-   C:\Windows\Sysnative\d3dx10_34.dll
2015-04-12 22:46:49   BFB3091B167550EC6E6454813D3DB244   107368   ----a-w-   C:\Windows\Sysnative\xinput1_3.dll
2015-04-12 22:46:49   AE5D5439525B4A4CBF206058D493685D   4496232   ----a-w-   C:\Windows\Sysnative\d3dx9_34.dll
2015-04-12 22:46:48   8C970509E0AE10061E3ED6D51E34FEB9   403304   ----a-w-   C:\Windows\Sysnative\xactengine2_7.dll
2015-04-12 22:46:48   839C3921005BB41D441E3752C74F2292   506728   ----a-w-   C:\Windows\Sysnative\d3dx10_33.dll
2015-04-12 22:46:48   3EBF620536A13CA343E52ECA4F0DE7F8   1400176   ----a-w-   C:\Windows\Sysnative\D3DCompiler_33.dll
2015-04-12 22:46:47   3172C3CAC8EA7CA1B5D5AF6699C037D6   4494184   ----a-w-   C:\Windows\Sysnative\d3dx9_33.dll
2015-04-12 22:46:46   4837A54574A6105D404A8560984B93DD   393576   ----a-w-   C:\Windows\Sysnative\xactengine2_6.dll
2015-04-12 22:46:44   A4DDFE5DC4E73D1FED9B1B3A3D885612   4398360   ----a-w-   C:\Windows\Sysnative\d3dx9_32.dll
2015-04-12 22:46:44   8251826F04BA0822D08AD9B92C65A3D5   469264   ----a-w-   C:\Windows\Sysnative\d3dx10.dll
2015-04-12 22:46:44   398FF46FF7354FED2F0F1AECDB546866   390424   ----a-w-   C:\Windows\Sysnative\xactengine2_5.dll
2015-04-12 22:46:42   FAAA0BB9CD2905B25334132E5BA093EB   3977496   ----a-w-   C:\Windows\Sysnative\d3dx9_31.dll
2015-04-12 22:46:42   58BB51253427A834A8807B9245CC5965   364824   ----a-w-   C:\Windows\Sysnative\xactengine2_4.dll
2015-04-12 22:46:42   489E5B8BB1BD1028FF1C798EAAEC65E4   17688   ----a-w-   C:\Windows\Sysnative\x3daudio1_1.dll
2015-04-12 22:46:41   0396D2A98B0CCD4419B572EBF618E81E   363288   ----a-w-   C:\Windows\Sysnative\xactengine2_3.dll
2015-04-12 22:46:40   06F15D3CB1AE0EAFA50F595B3FF8D9F5   83736   ----a-w-   C:\Windows\Sysnative\xinput1_2.dll
2015-04-12 22:46:39   DC5A914C34EB12056531777D4DD0F44E   354072   ----a-w-   C:\Windows\Sysnative\xactengine2_2.dll
2015-04-12 22:46:39   6F9D3289D8B166E478AFFF9EFA92C42C   83664   ----a-w-   C:\Windows\Sysnative\xinput1_1.dll
2015-04-12 22:46:38   0CC809422AB40974DFF8078392E4D507   352464   ----a-w-   C:\Windows\Sysnative\xactengine2_1.dll
2015-04-12 22:46:36   E09A9CF383ACF4A28038561E62277377   3927248   ----a-w-   C:\Windows\Sysnative\d3dx9_30.dll
2015-04-12 22:46:35   F77D5AB654881E683CFF6650916C424E   16592   ----a-w-   C:\Windows\Sysnative\x3daudio1_0.dll
2015-04-12 22:46:35   CE5753F9A27837259EB52F3F47F39593   355536   ----a-w-   C:\Windows\Sysnative\xactengine2_0.dll
2015-04-12 22:46:35   68B35CBDB4A8CC424718BBCC894FEEEA   3830992   ----a-w-   C:\Windows\Sysnative\d3dx9_29.dll
2015-04-12 22:46:34   914C3237E4D145A18DCD1D0D4C8659E1   3807440   ----a-w-   C:\Windows\Sysnative\d3dx9_27.dll
2015-04-12 22:46:34   88BAC8306D4EC79A82B1FFA17DC8CF4A   3815120   ----a-w-   C:\Windows\Sysnative\d3dx9_28.dll
2015-04-12 22:46:33   4C56E7C5B2A61353E534C7D15D05856D   3823312   ----a-w-   C:\Windows\Sysnative\d3dx9_25.dll
2015-04-12 22:46:33   44F5C5E27D6825E4E62420BC29B8B533   3767504   ----a-w-   C:\Windows\Sysnative\d3dx9_26.dll
2015-04-12 22:46:32   B165DF72E13E6AF74D47013504319921   3544272   ----a-w-   C:\Windows\Sysnative\d3dx9_24.dll
2015-04-12 21:04:21   C5D90D20035928387FE27E4485EE463F   36864   ----a-w-   C:\Windows\Sysnative\wuapp.exe
2015-04-12 21:04:21   AECC03D0A794619E15FF1CB92D65EF9E   191488   ----a-w-   C:\Windows\Sysnative\wuwebv.dll
2015-04-12 21:04:21   AEA602B4036CF95522818E911654F52E   135168   ----a-w-   C:\Windows\Sysnative\wuauclt.exe
2015-04-12 21:04:21   95A9A336CFF6AC51B33BBFDBEA6D848B   60416   ----a-w-   C:\Windows\Sysnative\WinSetupUI.dll
2015-04-12 21:04:21   6C21C983C1F83900DBEDE51DCA247B72   696320   ----a-w-   C:\Windows\Sysnative\wuapi.dll
2015-04-12 21:04:21   6BAC8DCC6C58755A1B9E6D3B04C28FC5   12288   ----a-w-   C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-04-12 21:04:21   2ADEA6F221BBF0992FDF9A3E25BA9F59   98304   ----a-w-   C:\Windows\Sysnative\wudriver.dll
2015-04-12 21:04:21   2A77BD58F0A8D3743D4299434390922E   35328   ----a-w-   C:\Windows\Sysnative\wups.dll
2015-04-12 21:04:21   21DF773EF8EFEF531E7E0BF477E03047   3298816   ----a-w-   C:\Windows\Sysnative\wucltux.dll
2015-04-12 21:04:21   21CA4277E6918B019525ECCD748EF401   37376   ----a-w-   C:\Windows\Sysnative\wups2.dll
2015-04-12 21:04:21   0814A74C853F50B354F08F83DDA9F7FB   2553856   ----a-w-   C:\Windows\Sysnative\wuaueng.dll
2015-04-12 21:04:19   E72C92A252EC4B230287BC6E06F24296   957952   ----a-w-   C:\Windows\Sysnative\appraiser.dll
2015-04-12 21:04:19   826A7F422014E4762C700B4254F5C588   1111552   ----a-w-   C:\Windows\Sysnative\aeinv.dll
2015-04-12 21:04:19   5D0A492C42A43DCF73284F2865519712   30720   ----a-w-   C:\Windows\Sysnative\acmigration.dll
2015-04-12 21:04:19   3FCD3FE7F58935A85ACC33019129358E   419840   ----a-w-   C:\Windows\Sysnative\devinv.dll
2015-04-12 21:04:19   3F0FFBA1765470F979D57F88248070CA   227328   ----a-w-   C:\Windows\Sysnative\aepdu.dll
2015-04-12 21:04:19   205EE22E14A9848FB2266FF035BE0C9C   192000   ----a-w-   C:\Windows\Sysnative\aepic.dll
2015-04-12 21:04:19   0E0723E6D064ACD3D603BEF93EE0B950   769536   ----a-w-   C:\Windows\Sysnative\invagent.dll
2015-04-12 21:04:19   05ED759DD0821294F05A41F6A8F1E18F   726528   ----a-w-   C:\Windows\Sysnative\generaltel.dll
2015-04-12 20:47:01   1094F9E5D3E47B806E7E4F999D4CB5B1   2337976   ----a-w-   C:\Windows\Sysnative\FNTCACHE.DAT
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2015-04-13 00:04:49   7A054959CE0F51BFA4459FE7045E4595   1360   ----a-w-   C:\Windows\Tasks\OEM.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-14 20:06:30   --------   d-----w-   C:\Program Files\trend micro
2015-04-08 19:57:24   --------   d-----w-   C:\Program Files\Unlocker
2015-04-06 15:36:50   --------   d-----w-   C:\Program Files\Network Virtual Bridge
2015-04-06 15:36:34   --------   d-----w-   C:\Program Files\Network Virtual Bridge Update Protocol
======= C:\PROGRA~2 =====
2015-04-13 21:54:59   --------   d-----w-   C:\PROGRA~2\Trend Micro
2015-04-13 18:44:04   --------   d-----w-   C:\PROGRA~2\Java
2015-04-12 21:27:32   --------   d-----w-   C:\PROGRA~2\COMMON~1\Java
2015-04-02 19:24:17   --------   d-----w-   C:\PROGRA~2\Mozilla Thunderbird
======= C: =====
====== C:\Users\joderoo\AppData\Roaming ======
2015-04-13 18:47:27   --------   d-----w-   C:\Users\joderoo\AppData\Roaming\Oracle
2015-04-12 21:36:18   62BA01F498400DD1518D045BDC2C8E11   110168   ----a-w-   C:\Users\joderoo\AppData\Local\GDIPFONTCACHEV1.DAT
2015-04-12 21:21:22   --------   d-----w-   C:\Users\joderoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-04-08 19:57:24   --------   d-----w-   C:\Users\joderoo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2015-04-06 15:36:38   --------   d-----w-   C:\Users\joderoo\AppData\Roaming\InAppBrowser
2015-04-06 15:35:46   --------   d-----w-   C:\Users\joderoo\AppData\Roaming\InAppBrowserInstaller
2015-03-25 21:07:34   --------   d-----w-   C:\Users\joderoo\AppData\Local\Hola
====== C:\Users\joderoo ======
2015-04-13 20:09:50   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
2015-04-12 21:20:12   --------   d-----w-   C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-02 20:01:06   --------   d--h--w-   C:\ProgramData\CanonIJEPPEX
2015-03-29 18:05:02   --------   d-----w-   C:\Users\joderoo\Tracing
2015-03-22 15:50:48   --------   d-----w-   C:\Users\joderoo\dwhelper

====== C: exe-files ==
2015-04-14 20:06:31   9A2347903D6EDB84C10F288BC0578C1C   388608   ----a-w-   C:\Program Files\trend micro\joderoo.exe
2015-04-13 20:13:04   E82AB1F1B22D4AE5A38B28F94BF7888F   15252424   ----a-w-   C:\Users\joderoo\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.455.2.exe
2015-04-13 20:13:04   CC29FDF0E680C0F3531C9F2A834CA2A6   126995   ----a-w-   C:\Users\joderoo\AppData\Local\Hola\firefox\app\vlc\vlc.exe
2015-04-13 20:12:56   E82AB1F1B22D4AE5A38B28F94BF7888F   15252424   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.7.455.exe
2015-04-13 20:10:25   7ED2DCC0DC8D3086BBF0827AE7DBF8B9   158000   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\FlashGot.exe
2015-04-13 20:08:59   7ED2DCC0DC8D3086BBF0827AE7DBF8B9   158000   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\FlashGot.exe
2015-04-13 18:52:09   7ED2DCC0DC8D3086BBF0827AE7DBF8B9   158000   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\FlashGot.exe
2015-04-13 18:44:11   F95C5163F6D8955BEF59A896C7F7112D   159656   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\unpack200.exe
2015-04-13 18:44:11   DFB1F31DD4A08FA5892886DC7117064A   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmid.exe
2015-04-13 18:44:11   AF28DAA2B4EB3AD87203202264A2491C   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\klist.exe
2015-04-13 18:44:11   A29B7A1BAD1A1EB608ACF7684F1F1E37   16296   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\tnameserv.exe
2015-04-13 18:44:11   946FD6292EAE3FBB93CC3BB01BA8763D   76712   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-04-13 18:44:11   7833052815087E5BF9346AC78FDCED68   51112   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssvagent.exe
2015-04-13 18:44:11   751E8649890CC42727D80F8D6DE1F1CB   16296   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\servertool.exe
2015-04-13 18:44:11   7162180C98D1BE5D1315FC05B3C91E9D   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\pack200.exe
2015-04-13 18:44:11   689916BDF4F58C7F7AD25F8B3ABB783A   16296   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-04-13 18:44:11   3DB4CD42B36FD2C98E9B51E3CBC1670E   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\jjs.exe
2015-04-13 18:44:11   32700B34EE49959FAF64EC46D96B3630   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\ktab.exe
2015-04-13 18:44:11   1FA2D0F07730F502A857BFC63DA6C193   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\kinit.exe
2015-04-13 18:44:11   0A9C7408BADBA5D2C841817C22ACBF07   16296   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\policytool.exe
2015-04-13 18:44:11   08363434BEC1B0AE6420C77820BC12E9   16296   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\orbd.exe
2015-04-13 18:44:11   042B789E469D238D5FA9DEC4241CE3FD   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\keytool.exe
2015-04-13 18:44:10   A07427A93E1133A7F0F4691CC54B9294   272296   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaws.exe
2015-04-13 18:44:10   94017ABBDE345580542D8301793EFF7A   191400   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\javaw.exe
2015-04-13 18:44:10   79B6403F5BD398BB9880F00FAF7C69DA   68520   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\javacpl.exe
2015-04-13 18:44:10   6031BACB59D93E5ECB4ACDE6E12565EA   30632   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\jabswitch.exe
2015-04-13 18:44:10   30E9397C2F0C8FF128219D6A25E172BB   190888   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\java.exe
2015-04-13 18:44:10   2794D464D89260B0316C16A9FE24C660   15784   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\bin\java-rmi.exe
2015-04-12 21:56:09   2FBC280F4028CA1A5846403E1A893C2C   560456   ----a-w-   C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\SwReporter\2.16.3\software_reporter_tool.exe
2015-04-12 21:30:32   EF73E92A6AF97EFFB2A122059A20F059   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\ktab.exe
2015-04-12 21:30:32   DF4FA42B945892EF7FB77632D203AA0F   66472   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\ssvagent.exe
2015-04-12 21:30:32   C8D289E47F1BB5C23023610A777B03CB   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\keytool.exe
2015-04-12 21:30:32   C8341BEA099FB527B9B2835EEDC85D22   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\orbd.exe
2015-04-12 21:30:32   7F97D98DC620D8E8205666D3DA269F92   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\pack200.exe
2015-04-12 21:30:32   746D1F93A6F74973FBB1A0CFC0E7012B   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\kinit.exe
2015-04-12 21:30:32   5890696E88BDAFEC29E98C798C9C1260   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\tnameserv.exe
2015-04-12 21:30:32   4E86870309E0A22DCA1B7E0A1EFDAD9B   16296   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\klist.exe
2015-04-12 21:30:32   47D7A95EC56EA2AADC7BF56C50779811   16808   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\servertool.exe
2015-04-12 21:30:32   2B6D67C8E051F8A7964320BEB7D4D759   15784   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\rmid.exe
2015-04-12 21:30:32   2A2678E9BDA1F7857CD24371B96D3F93   16808   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\policytool.exe
2015-04-12 21:30:32   1DDA585AA916C69C0232E5D5515DEBE6   197544   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\unpack200.exe
2015-04-12 21:30:32   02FAF51F9BC84BD23D8F83FA9AF1CBBC   16808   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\rmiregistry.exe
2015-04-12 21:30:31   FC6F9DD57A52CE0D880F183BF9AA0553   99752   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\jp2launcher.exe
2015-04-12 21:30:31   C7725999CDF552180F2315F792794A32   319912   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\javaws.exe
2015-04-12 21:30:31   A16556165ACA24F0E9154C6AB674CAFB   15784   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\java-rmi.exe
2015-04-12 21:30:31   7D3683A6B418DAA49FD72EAB69E251E6   207272   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\javaw.exe
2015-04-12 21:30:31   7D2E7B9CE4BA09107CEF46F9CDDD55DF   34216   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\jabswitch.exe
2015-04-12 21:30:31   5AF9591C94C23E6F4128C525BAAC24EE   77224   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\javacpl.exe
2015-04-12 21:30:31   57F35EE5C0526435035B5BFBBEE1064D   206760   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\java.exe
2015-04-12 21:30:31   5016BB70E6ABF17D19E90AB85331D547   15784   ----a-w-   C:\Program Files\Java\jre1.8.0_40\bin\jjs.exe
2015-04-12 21:30:10   0944AF122EF33168F38D858DAE0CF263   561576   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\jre-8u40-windows-au.exe
2015-04-12 21:20:06   DA8AC392E864489F127D64048D12E043   41460816   ----a-w-   C:\Program Files (x86)\Google\Update\Install\{47D95103-0ADA-4C74-BFC4-B792891F8CE6}\41.0.2272.118_chrome_installer.exe
2015-04-12 21:20:06   DA8AC392E864489F127D64048D12E043   41460816   ----a-w-   C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\41.0.2272.118\41.0.2272.118_chrome_installer.exe
2015-04-12 21:05:16   5AD80C5A295030C3657AB25BE587E9F5   119837704   ----a-w-   C:\Windows\SysWOW64\MRT.exe
2015-04-12 21:04:21   C5D90D20035928387FE27E4485EE463F   36864   ----a-w-   C:\Windows\System32\wuapp.exe
2015-04-12 21:04:21   AEA602B4036CF95522818E911654F52E   135168   ----a-w-   C:\Windows\System32\wuauclt.exe
2015-04-12 21:04:21   751C4859FD46A1461B3FB57252F541D8   33792   ----a-w-   C:\Windows\SysWOW64\wuapp.exe
2015-04-12 21:04:19   17D815AD21D4325CD589E57A9582E311   70840   ----a-w-   C:\Windows\System32\CompatTel\diagtrackrunner.exe
2015-04-12 20:56:53   516A5FCE06BB388499238A5F9286CB74   96768   ----a-w-   C:\Users\joderoo\AppData\Local\Temp\5361B706-6C4C-46F6-BD71-00285FBAB90F\DismHost.exe
2015-04-12 17:21:08   E82AB1F1B22D4AE5A38B28F94BF7888F   15252424   ----a-w-   C:\Users\joderoo\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.455.exe
2015-04-12 17:21:08   E82AB1F1B22D4AE5A38B28F94BF7888F   15252424   ----a-w-   C:\Users\joderoo\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.7.455.1.exe
2015-04-09 01:31:30   FF5275C3F6B8EF5AFA93D3885C46AE00   73336   ----a-w-   C:\Program Files (x86)\Opera\28.0.1750.51\wow_helper.exe
2015-04-09 01:31:30   5DD9CBD42308CA43E0009FDE7DB92E2F   484472   ----a-w-   C:\Program Files (x86)\Opera\28.0.1750.51\opera_crashreporter.exe
2015-04-09 01:31:30   199C1A5195BFF2CBF11DFD8F5F691911   1862776   ----a-w-   C:\Program Files (x86)\Opera\28.0.1750.51\opera_autoupdate.exe
2015-04-09 01:31:29   8BDBFBB4223DC15039E33A6ED94F3F48   51807864   ----a-w-   C:\Program Files (x86)\Opera\28.0.1750.51\opera.exe
2015-04-09 01:31:29   4EAF7AB20CF42F7F349E5950E7C1AD7A   1255544   ----a-w-   C:\Program Files (x86)\Opera\28.0.1750.51\installer.exe
=== C: other files ==
2015-04-15 20:12:37   26A741CF18BEC27E2A4A63FED3E3C53A   54374   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\staged\yesscript@userstyles.org.xpi
2015-04-13 20:12:39   ED2B29F52525B29FF9FF26BF68528A23   500930   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
2015-04-13 20:10:25   81E1D982BF67BB23723CDFCA1DA72650   218   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\CT2865317\toolbarImages\storage.conduit.com
2015-04-13 20:10:23   E53CA224EC1BFAD22B97C50FF191C1D9   970672   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2015-04-13 20:10:23   7D7B014579DB7B90E0CD356EF9C18EEF   732089   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
2015-04-13 20:10:23   4155DB098E14F2A8CB7BAC0FD10D9FB0   210138   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi
2015-04-13 20:10:23   36B939ADDA2A8D8D4237F7DDB8387EF1   1004018   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
2015-04-13 20:10:23   1A5763EE52481E9501A13F49ADAF7BA6   53620   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\yesscript@userstyles.org.xpi
2015-04-13 20:10:23   1113D0317013E9635E0CA2612E07268F   21093   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
2015-04-13 20:10:22   2C51403B5E4BC4108BF36717434A865E   97191   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
2015-04-13 20:10:22   1C1E198E95535DF2AF63587E0EBDC702   372693   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\s3download@statusbar.xpi
2015-04-13 20:10:22   1BDE6B9387F77B7DC6A4C6389DC07D05   95142   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\multirevenue@googlemail.com.xpi
2015-04-13 20:10:21   6C702001B52B46BC97434B4CEFDAF55E   20959   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\belgiumeid@eid.belgium.be.xpi
2015-04-13 20:10:19   A6927C4AC46FAEA60D263D87C06062A9   133000   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\adblockpopups@jessehakanen.net.xpi
2015-04-13 20:09:01   F8262859D8BBA81D040A9D9BF1441578   393588   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
2015-04-13 20:09:01   ED2B29F52525B29FF9FF26BF68528A23   500930   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
2015-04-13 20:09:01   E53CA224EC1BFAD22B97C50FF191C1D9   970672   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2015-04-13 20:09:01   CFA30D28CBE46768F911FEB6929F3742   163315   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
2015-04-13 20:09:01   7D7B014579DB7B90E0CD356EF9C18EEF   732089   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
2015-04-13 20:09:01   36B939ADDA2A8D8D4237F7DDB8387EF1   1004018   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
2015-04-13 20:09:01   1C1E198E95535DF2AF63587E0EBDC702   372693   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\s3download@statusbar.xpi
2015-04-13 20:09:01   1A5763EE52481E9501A13F49ADAF7BA6   53620   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\yesscript@userstyles.org.xpi
2015-04-13 20:09:01   1113D0317013E9635E0CA2612E07268F   21093   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
2015-04-13 20:09:00   F0AEF5202F071D8B69B909AB0ABF8BAF   20158   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi
2015-04-13 20:09:00   81E1D982BF67BB23723CDFCA1DA72650   218   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\CT2865317\toolbarImages\storage.conduit.com
2015-04-13 20:09:00   6C702001B52B46BC97434B4CEFDAF55E   20959   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\belgiumeid@eid.belgium.be.xpi
2015-04-13 20:09:00   2C51403B5E4BC4108BF36717434A865E   97191   ----a-w-   C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
2015-04-13 19:32:01   F8262859D8BBA81D040A9D9BF1441578   393588   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
2015-04-13 19:31:59   CFA30D28CBE46768F911FEB6929F3742   163315   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
2015-04-13 19:31:57   F0AEF5202F071D8B69B909AB0ABF8BAF   20158   ----a-w-   C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi
2015-04-13 18:52:09   F8262859D8BBA81D040A9D9BF1441578   393588   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
2015-04-13 18:52:09   F0AEF5202F071D8B69B909AB0ABF8BAF   20158   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi
2015-04-13 18:52:09   ED2B29F52525B29FF9FF26BF68528A23   500930   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
2015-04-13 18:52:09   E53CA224EC1BFAD22B97C50FF191C1D9   970672   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
2015-04-13 18:52:09   CFA30D28CBE46768F911FEB6929F3742   163315   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
2015-04-13 18:52:09   7D7B014579DB7B90E0CD356EF9C18EEF   732089   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
2015-04-13 18:52:09   36B939ADDA2A8D8D4237F7DDB8387EF1   1004018   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
2015-04-13 18:52:09   2C51403B5E4BC4108BF36717434A865E   97191   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
2015-04-13 18:52:09   1C1E198E95535DF2AF63587E0EBDC702   372693   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\s3download@statusbar.xpi
2015-04-13 18:52:09   1A5763EE52481E9501A13F49ADAF7BA6   53620   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\yesscript@userstyles.org.xpi
2015-04-13 18:52:09   1113D0317013E9635E0CA2612E07268F   21093   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
2015-04-13 18:52:07   81E1D982BF67BB23723CDFCA1DA72650   218   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\CT2865317\toolbarImages\storage.conduit.com
2015-04-13 18:52:07   6C702001B52B46BC97434B4CEFDAF55E   20959   ----a-w-   C:\Users\joderoo\Desktop\Oude Firefox-gegevens\2f7at3jy.default-1423050829402\extensions\belgiumeid@eid.belgium.be.xpi
2015-04-13 18:44:12   9DCBFF045A2A43212A4763C3461A50B9   14130   ----a-w-   C:\Program Files (x86)\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-04-12 21:30:32   F0D051E5286557DBFE73842D1CF34A57   14130   ----a-w-   C:\Program Files\Java\jre1.8.0_40\lib\deploy\ffjcext.zip
2015-04-12 21:04:19   7EBB5DAD11B1D0B12317A191C8325991   21128   ----a-w-   C:\Windows\System32\appraiser\nxquery.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1496205931-4010645900-4173059788-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DT HPC"="C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe -HPC"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"GoogleChromeAutoLaunch_54D4FFB713D817007842C29F7FF5E6D5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15/04/2015 02:28]
C:\Windows\tasks\G2MUpdateTask-S-1-5-21-1496205931-4010645900-4173059788-1000.job --a------ C:\Users\joderoo\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe [29/03/2015 03:37]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/12/2014 06:37]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1d0402d232b31f.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/12/2014 06:37]
C:\Windows\tasks\OEM.job --a------ C:\Users\joderoo\AppData\Roaming\OEM.exe []
C:\Windows\tasks\Wise Care 365 PC Checkup Task.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe [03/04/2015 18:20]
C:\Windows\tasks\Wise Care 365.job --a------ C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [03/04/2015 18:20]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS.exe]
"C:\Windows\SysNative\tasks\FHIGIC" [C:\Users\joderoo\AppData\Roaming\FHIGIC.exe]
"C:\Windows\SysNative\tasks\G2MUpdateTask-S-1-5-21-1496205931-4010645900-4173059788-1000" [C:\Users\joderoo\AppData\Local\Citrix\GoToMeeting\2492\g2mupdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1d0402d232b31f" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OEM" [C:\Users\joderoo\AppData\Roaming\OEM.exe]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1418920053" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Wise Care 365" [C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe]
"C:\Windows\SysNative\tasks\Wise Care 365 PC Checkup Task" [C:\Program Files (x86)\Wise\Wise Care 365\WiseCare365.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS AI Suite II Execute" [C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe]
"C:\Windows\SysNative\tasks\ASUS\ASUS DigiPowerControl Help" [C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe]
"C:\Windows\SysNative\tasks\ASUS\RC TweakIt Server Execute" [C:\Program Files (x86)\ASUS\ASUS ROG Connect Plus\RC TweakIt Server\AsBCLK.exe]
"C:\Windows\SysNative\tasks\ASUS\USB 3.0 Boost Service" [C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402
user_pref("browser.startup.homepage", "http://www.google.be/");
user_pref("browser.newtab.url", "http://www.google.com");
user_pref("browser.search.defaultenginename", "Google ");
user_pref("browser.search.selectedEngine", "Google ");
user_pref("services.sync.prefs.sync.browser.search.selectedEngine", true);

ProfilePath: C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974
user_pref("browser.startup.homepage", "https://www.google.be/?gws_rd=ssl");
user_pref("browser.search.defaultenginename,S", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");

==== Firefox Extensions ======================

ProfilePath: C:\Users\joderoo\AppData\Local\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402
- Undetermined - C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\2f7at3jy.default-1423050829402\extensions\clickclean@hotcleaner.com
- Clickamp;Clean - %ProfilePath%\extensions\clickclean@hotcleaner.com
- Hola Better Internet - %ProfilePath%\extensions\jid1-4P0kohSJxU1qGg@jetpack
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Google Translator - %ProfilePath%\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
- YouTube Flash Player - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi
- Download Manager S3 - %ProfilePath%\extensions\s3download@statusbar.xpi
- YesScript - %ProfilePath%\extensions\yesscript@userstyles.org.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
- Download Status Bar - %ProfilePath%\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

ProfilePath: C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974
- Undetermined - %ProfilePath%\extensions\staged
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Google Translator - %ProfilePath%\extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi
- YouTube Flash Player - %ProfilePath%\extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi
- betterFox - Make your browsing experience 15 faster. - %ProfilePath%\extensions\multirevenue@googlemail.com.xpi
- Download Manager S3 - %ProfilePath%\extensions\s3download@statusbar.xpi
- YesScript - %ProfilePath%\extensions\yesscript@userstyles.org.xpi
- FlashGot - %ProfilePath%\extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
- Download Status Bar - %ProfilePath%\extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi
- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
- JavaScript Debugger - %ProfilePath%\extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\joderoo\AppData\Roaming\Mozilla\Firefox\Profiles\145ce7fk.default-1428951120974
87132527E2256CF6683A18C4EB34DD3B   - C:\Windows\system32\Wat\npWatWeb.dll -   Windows Activation Technologies
9AE02005247DA91AB1743F5208DBEF76   - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll -   Shockwave Flash
CAF78E18A9E1380A0A38065B3B1210E0   - C:\Users\joderoo\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll -   VASCO Card Reader Plugin
2642ACC72BCF9038BAD3CA2719297416   - C:\Users\joderoo\AppData\Local\Hola\firefox\app\vlc\npvlc.dll -   Hola VLC Web Plugin
E3B4EA121F7BDEB0F6366E2BA9608CB5   - C:\Users\joderoo\AppData\Local\Citrix\Plugins\104\npappdetector.dll -   Citrix Online Web Deployment Plugin 1.0.0.104
A7E6EA4CF1A87A235EAC315146CDC1B4   - C:\Users\joderoo\AppData\Roaming\Mozilla\plugins\npatgpc.dll -   ActiveTouch General Plugin Container
1CDD28B47D8198F868349BDFBCD1281B   - C:\Users\joderoo\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll -   VASCO Card Reader Plugin

==== Reset Google Chrome ======================

C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\joderoo\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\joderoo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\joderoo\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\joderoo\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=695 folders=59 34645446 bytes)

==== EOF on do 16/04/2015 at 0:03:44,65 ======================

kape · 18 april 2015

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Sluit alle openstaande vensters.
Dubbelklik op AdwCleaner om hem te starten.
Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
Klik op Scan.
Klik vervolgens op Clean.
Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.

Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

joderoo · 21 april 2015

Hallo,

ik ben echt versteld om hoeveel mensen me hier willen helpen.

KEEP UP THE GOOD JOB people.

Ik heb adware gedraaid en hierbij zend ik jullie het logje.

Ik moet jullie er wel bij vertellen dat ik sindsdien ik "adware" heb laten lopen

dat ik wel terug scherm heb gekregen op bepaalde sites.

Is er ergens een verband en indien ja zou ik dolgraag

willen weten wat het probleem is of was.

Bedankt mensen.

vriendelijke groeten

joery

# AdwCleaner v4.201 - Logbestand aangemaakt 21/04/2015 op 08:34:02
# Laatste update 08/04/2015 door Xplode
# Database : 2015-04-20.1 [server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : joderoo - JODEROO-PC
# Gestart vanuit : D:\Joderoo(D)\PC safety\PC-Helpforum 04-2015\adwcleaner_4.201.exe
# Optie : Scannen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Bestand Gevonden : C:\Windows\System32\log\iSafeKrnlCall.log
Map Gevonden : C:\Users\joderoo\AppData\Local\Hola

***** [ Geplande taken ] *****

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Gevonden : HKCU\Software\estdemin
Sleutel Gevonden : [x64] HKCU\Software\estdemin
Sleutel Gevonden : HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt
Sleutel Gevonden : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Sleutel Gevonden : HKLM\SOFTWARE\Classes\PCSU.Registry
Sleutel Gevonden : HKLM\SOFTWARE\Classes\PCSU.SysUtils
Sleutel Gevonden : HKU\.DEFAULT\Software\Elex-tech

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17728

-\\ Mozilla Firefox v38.0 (x86 nl)

[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.defaultenginename,S", "WebSearch");
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.order.1", "SearchAlgo");
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.order.1,S", "WebSearch");
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("browser.search.selectedEngine,S", "WebSearch");
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.4vcTV.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.n[...]
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.Resources_meta.value", "%7B%22images/icon_255x255.png%22%3A%7B%22id%22%3A750126%2C%22ver%22%3A1%2C%22status%22%3A1%2C%22name%22%3A%22im[...]
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.asepherdwilburaolcom61752.61752.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%22urls[...]
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.betterff.surfcanyon.ramp.start_time", "1");
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.fvd_single.__surfcanyon_disable_time", "1400104413740");
[2f7at3jy.default-1423050829402] - Regel Gevonden : user_pref("extensions.zkVd6S.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.[...]

-\\ Google Chrome v42.0.2311.90

-\\ Opera v28.0.1750.51

*************************

AdwCleaner[R0].txt - [11907 bytes] - [04/02/2015 13:56:56]
AdwCleaner[R1].txt - [3215 bytes] - [20/04/2015 21:14:08]
AdwCleaner[R2].txt - [3094 bytes] - [21/04/2015 08:34:02]
AdwCleaner[s0].txt - [9338 bytes] - [04/02/2015 14:00:24]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3212 bytes] ##########

21 april 2015 aangepast door joderoo

kweezie wabbit · 21 april 2015

Je moet na de scan ook op de knop clean of verwijderen drukken om de gevonden items op te ruimen.

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Sluit alle openstaande vensters.

Dubbelklik op AdwCleaner om hem te starten.

Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,

Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.

Klik op Scan.

Klik vervolgens op Clean.

Klik bij Herstarten Noodzakelijk op OK

Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.

Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

kweezie wabbit · 6 mei 2015

Lukt het niet?

Inloggen

ik krijg een blanco scherm op bepaalde sites ?

Aanbevolen berichten

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Link naar reactie

Delen op andere sites

Welkom op PC Helpforum

Leden statistieken

OVER ONS

SITEMAP

Belangrijke informatie