Java update

[bernard]

Terwijl ik een beetje aan het neuzen was op internet , komt er een scherm dat er een java update was , en of ik  wilde doorgaan of wachten .

Ik heb op doorgaan geklikt .

Daarna komt er het bekende scherm om toestemming  te geven , en dat heb ik dus .

Na een tijdje komt er een scherm om op : voltooien te klikken .Dat heb ik gedaan , en toen kwam er gelijk een scherm over een scherm dat er iets mis was gegaan met downloaden .

Ik heb dit weg geklikt op het rode kruisje .

Ik heb in configuratie scherm gecontroleerd of de java update er bij stond in : programma en onderdelen .

En daar staat het dus wel als geupdated.

Met het afsluiten van de laptop kreeg ik de melding dat er updates waren , dus de computer niet afsluiten .

Daarna met het opnieuw opstarten  eerst weer de updates configureren .

Volgens mij de normale procedure.

 

Achteraf , heb ik dit al eens eerder met Java gehad .

En ook als ik jullie een probleem stuurde kreeg ik een paar keer de melding dat java verouderd was .

 

Kunnen jullie wat met dit verhaal ?

 

[kape]

Voer het onderstaande eens uit, dan kunnen we eens bekijken hoe (intern) de huidige toestand van JAVA op je PC is.

 

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
• RSIT 64 bit (RSITx64.exe)

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
• Wanneer de tool gereed is worden er twee kladblok bestanden geopend genaamd "Log.txt" en "Info.txt" .

RSIT Logbestanden plaatsen

• Voeg het logbestand met de naam "Log.txt" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden in de map ""C:\rsit")
• Het logbestand met de naam "Info.txt" wat geminimaliseerd is hoeft u niet te plaatsen. (Dit logbestand wordt enkel de eerst keer bij het uitvoeren aangemaakt).
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

Bekijk ook de

.

[bernard]

Logfile of random's system information tool 1.10 (written by random/random)
Run by Bernardus at 2015-07-16 19:22:50
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 322 GB (70%) free of 463 GB
Total RAM: 4063 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:05, on 16-7-2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe
c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files\trend micro\Bernardus.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startpagina.nl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Adobe PDF Reader Help bij koppelingen - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPCam_Menu] "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "c:\Program Files (x86)\Hewlett-Packard\Media\Webcam" UpdateWithCreateOnce "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [brStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Google Update] "C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://82.176.121.75:8080/activex/AMC.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: TeamViewer 7 (TeamViewer7) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12451 bytes

======Listing Processes======

 

\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
C:\Windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe

C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\Hpservice.exe
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe 4519152
\??\C:\Windows\system32\conhost.exe "-620576328730119289-1129271049107595016383935104-1267461828229663444866703129
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"taskhost.exe"
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
"C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\svchost.exe -k netsvcs
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
"C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Hp\Digital Imaging\bin\HpqSRmon.exe"
"C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe"
"C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe"
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
WLIDSvcM.exe 3084
"C:\Windows\system32\GWX\GWX.exe"
-BootProc
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
"C:\Program Files (x86)\Browny02\BrYNSvc.exe"
"C:\Program Files\iPod\bin\iPodService.exe"
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
"C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\servicing\TrustedInstaller.exe
-BootProc
taskeng.exe {BB33B84F-2B6B-493A-929F-BA0A15C56BB0}
"c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
"c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe"
"c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe" -Embedding
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe" "<hpNotification><Toast><ID>26959</ID><Title>HP Wireless Assistant</Title><Text>WLAN: Aan</Text><IconPath>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\images\wireless_on.ico</IconPath><Path>C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe</Path><Parameters>SHOWSTATUS</Parameters></Toast></hpNotification>"
C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}
"C:\Program Files\Internet Explorer\iexplore.exe"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:267521 /prefetch:2
C:\Windows\system32\Macromed\Flash\FlashUtil64_18_0_0_209_ActiveX.exe -Embedding
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE"
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:1905977 /prefetch:2
"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1368 CREDAT:3544415 /prefetch:2
"C:\Users\Bernardus\Contacts\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe  /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job - C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler
C:\Windows\tasks\HPCeeScheduleForBernardus.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe  HPCeeScheduleForBernardus (null)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Help bij koppelingen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23 72336]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-15 460384]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Aanmeldhulp voor Windows Live ID - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-15 172640]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22 517688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-04 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04 194504]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-10-14 2837288]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-03-23 487424]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2015-04-30 1337000]
"Logitech Download Assistant"=C:\Windows\System32\LogiLDA.dll [2012-09-20 1832760]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2009-06-17 2363392]
"Google Update"=C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-13 116648]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07 998104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-07-15 1668664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QlbCtrl.exe]
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2010-02-25 323640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmartMenu]
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [2009-07-21 610872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2015-04-30 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~2\Hp\DIGITA~1\bin\hpqtra08.exe [2009-09-20 270336]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-02 98304]
"HPCam_Menu"=c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe [2009-02-25 218408]
"UpdatePRCShortCut"=C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"APSDaemon"=C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2014-07-31 43816]
"WirelessAssistant"=C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2010-05-20 500792]
"hpqSRMon"=C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
"QuickTime Task"=C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]
"iTunesHelper"=C:\Program Files (x86)\iTunes\iTunesHelper.exe [2014-08-01 152392]
"ControlCenter4"=C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [2012-09-06 143360]
"BrStsMon00"=C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [2012-06-06 3076096]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08 334896]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"WallpaperStyle"=2
"DisableLockWorkstation"=0
"DisableTaskMgr"=0
"DisableChangePassword"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"HideFastUserSwitching"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2015-07-16 19:22:50 ----D---- C:\rsit
2015-07-15 19:32:35 ----A---- C:\Windows\SYSWOW64\cewmdm.dll
2015-07-15 19:32:35 ----A---- C:\Windows\system32\cewmdm.dll
2015-07-15 19:32:31 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2015-07-15 19:32:31 ----A---- C:\Windows\SYSWOW64\wups.dll
2015-07-15 19:32:31 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2015-07-15 19:32:31 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2015-07-15 19:32:31 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2015-07-15 19:32:31 ----A---- C:\Windows\system32\wucltux.dll
2015-07-15 19:32:31 ----A---- C:\Windows\system32\wuauclt.exe
2015-07-15 19:32:31 ----A---- C:\Windows\system32\wuapp.exe
2015-07-15 19:32:31 ----A---- C:\Windows\system32\wuapi.dll
2015-07-15 19:32:31 ----A---- C:\Windows\system32\WinSetupUI.dll
2015-07-15 19:32:30 ----A---- C:\Windows\system32\wuwebv.dll
2015-07-15 19:32:30 ----A---- C:\Windows\system32\wups2.dll
2015-07-15 19:32:30 ----A---- C:\Windows\system32\wups.dll
2015-07-15 19:32:30 ----A---- C:\Windows\system32\wudriver.dll
2015-07-15 19:32:30 ----A---- C:\Windows\system32\wuaueng.dll
2015-07-15 19:32:30 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 19:32:24 ----A---- C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 19:32:24 ----A---- C:\Windows\system32\rdpcorets.dll
2015-07-15 19:32:23 ----A---- C:\Windows\system32\win32k.sys
2015-07-15 19:32:21 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2015-07-15 19:32:21 ----A---- C:\Windows\system32\gdi32.dll
2015-07-15 19:32:20 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2015-07-15 19:32:20 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2015-07-15 19:32:20 ----A---- C:\Windows\system32\jscript9diag.dll
2015-07-15 19:32:20 ----A---- C:\Windows\system32\jscript9.dll
2015-07-15 19:32:18 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2015-07-15 19:32:17 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2015-07-15 19:32:17 ----A---- C:\Windows\SYSWOW64\ieui.dll
2015-07-15 19:32:17 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2015-07-15 19:32:15 ----A---- C:\Windows\system32\urlmon.dll
2015-07-15 19:32:14 ----A---- C:\Windows\system32\ieui.dll
2015-07-15 19:32:14 ----A---- C:\Windows\system32\ieframe.dll
2015-07-15 19:32:13 ----A---- C:\Windows\system32\mshtml.dll
2015-07-15 19:32:12 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2015-07-15 19:32:12 ----A---- C:\Windows\system32\iertutil.dll
2015-07-15 19:32:06 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2015-07-15 19:32:06 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2015-07-15 19:32:06 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2015-07-15 19:32:06 ----A---- C:\Windows\system32\ieetwproxystub.dll
2015-07-15 19:32:06 ----A---- C:\Windows\system32\ieetwcollector.exe
2015-07-15 19:32:05 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2015-07-15 19:32:05 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2015-07-15 19:32:05 ----A---- C:\Windows\system32\iernonce.dll
2015-07-15 19:32:05 ----A---- C:\Windows\system32\ie4uinit.exe
2015-07-15 19:32:04 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2015-07-15 19:32:04 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2015-07-15 19:32:04 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2015-07-15 19:32:04 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2015-07-15 19:32:04 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 19:32:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2015-07-15 19:32:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2015-07-15 19:32:01 ----A---- C:\Windows\SYSWOW64\jscript.dll
2015-07-15 19:32:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 19:32:01 ----A---- C:\Windows\system32\iedkcs32.dll
2015-07-15 19:32:00 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2015-07-15 19:32:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2015-07-15 19:32:00 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 19:31:59 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2015-07-15 19:31:59 ----A---- C:\Windows\system32\msfeeds.dll
2015-07-15 19:31:59 ----A---- C:\Windows\system32\dxtrans.dll
2015-07-15 19:31:58 ----A---- C:\Windows\system32\iesetup.dll
2015-07-15 19:31:58 ----A---- C:\Windows\system32\ieapfltr.dll
2015-07-15 19:31:56 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2015-07-15 19:31:56 ----A---- C:\Windows\system32\vbscript.dll
2015-07-15 19:31:55 ----A---- C:\Windows\SYSWOW64\wininet.dll
2015-07-15 19:31:55 ----A---- C:\Windows\system32\jsproxy.dll
2015-07-15 19:31:55 ----A---- C:\Windows\system32\ieUnatt.exe
2015-07-15 19:31:54 ----A---- C:\Windows\SYSWOW64\msrating.dll
2015-07-15 19:31:53 ----A---- C:\Windows\system32\dxtmsft.dll
2015-07-15 19:31:52 ----A---- C:\Windows\system32\mshtmlmedia.dll
2015-07-15 19:31:52 ----A---- C:\Windows\system32\mshtmled.dll
2015-07-15 19:31:51 ----A---- C:\Windows\system32\jscript.dll
2015-07-15 19:31:50 ----A---- C:\Windows\system32\wininet.dll
2015-07-15 19:31:49 ----A---- C:\Windows\system32\msrating.dll
2015-07-15 19:31:49 ----A---- C:\Windows\system32\MshtmlDac.dll
2015-07-15 19:29:11 ----A---- C:\Windows\system32\wksprt.exe
2015-07-15 19:29:11 ----A---- C:\Windows\system32\mstscax.dll
2015-07-15 19:29:09 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2015-07-15 19:29:06 ----A---- C:\Windows\SYSWOW64\rdvidcrl.dll
2015-07-15 19:29:05 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2015-07-15 19:29:05 ----A---- C:\Windows\system32\tsgqec.dll
2015-07-15 19:29:05 ----A---- C:\Windows\system32\rdvidcrl.dll
2015-07-15 19:29:01 ----A---- C:\Windows\system32\ole32.dll
2015-07-15 19:29:00 ----A---- C:\Windows\SYSWOW64\ole32.dll
2015-07-15 19:28:52 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2015-07-15 19:28:52 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2015-07-15 19:28:52 ----A---- C:\Windows\system32\cryptsvc.dll
2015-07-15 19:28:52 ----A---- C:\Windows\system32\crypt32.dll
2015-07-15 19:28:51 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2015-07-15 19:28:51 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2015-07-15 19:28:51 ----A---- C:\Windows\system32\wintrust.dll
2015-07-15 19:28:51 ----A---- C:\Windows\system32\cryptnet.dll
2015-07-15 19:28:30 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2015-07-15 19:28:30 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2015-07-15 19:28:30 ----A---- C:\Windows\system32\rpcrt4.dll
2015-07-15 19:28:30 ----A---- C:\Windows\system32\msv1_0.dll
2015-07-15 19:28:30 ----A---- C:\Windows\system32\kerberos.dll
2015-07-15 19:28:30 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2015-07-15 19:28:29 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2015-07-15 19:28:29 ----A---- C:\Windows\SYSWOW64\schannel.dll
2015-07-15 19:28:29 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2015-07-15 19:28:29 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2015-07-15 19:28:29 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2015-07-15 19:28:29 ----A---- C:\Windows\system32\wdigest.dll
2015-07-15 19:28:29 ----A---- C:\Windows\system32\TSpkg.dll
2015-07-15 19:28:29 ----A---- C:\Windows\system32\schannel.dll
2015-07-15 19:28:29 ----A---- C:\Windows\system32\ncrypt.dll
2015-07-15 19:28:29 ----A---- C:\Windows\system32\lsasrv.dll
2015-07-15 19:28:29 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2015-07-15 19:28:29 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2015-07-15 19:28:29 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2015-07-15 19:28:29 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2015-07-15 19:28:29 ----A---- C:\Windows\system32\cryptbase.dll
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\secur32.dll
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\credssp.dll
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2015-07-15 19:28:28 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2015-07-15 19:28:28 ----A---- C:\Windows\system32\sspisrv.dll
2015-07-15 19:28:28 ----A---- C:\Windows\system32\sspicli.dll
2015-07-15 19:28:28 ----A---- C:\Windows\system32\secur32.dll
2015-07-15 19:28:28 ----A---- C:\Windows\system32\lsass.exe
2015-07-15 19:28:28 ----A---- C:\Windows\system32\credssp.dll
2015-07-15 19:28:28 ----A---- C:\Windows\system32\auditpol.exe
2015-07-15 19:28:28 ----A---- C:\Windows\system32\adtschema.dll
2015-07-15 19:28:27 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2015-07-15 19:28:27 ----A---- C:\Windows\system32\msobjs.dll
2015-07-15 19:28:27 ----A---- C:\Windows\system32\msaudite.dll
2015-07-15 19:28:07 ----A---- C:\Windows\system32\msi.dll
2015-07-15 19:28:06 ----A---- C:\Windows\SYSWOW64\msi.dll
2015-07-15 19:28:06 ----A---- C:\Windows\system32\authui.dll
2015-07-15 19:28:05 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2015-07-15 19:28:05 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2015-07-15 19:28:05 ----A---- C:\Windows\SYSWOW64\authui.dll
2015-07-15 19:28:05 ----A---- C:\Windows\system32\msihnd.dll
2015-07-15 19:28:05 ----A---- C:\Windows\system32\msiexec.exe
2015-07-15 19:28:05 ----A---- C:\Windows\system32\consent.exe
2015-07-15 19:28:05 ----A---- C:\Windows\system32\appinfo.dll
2015-07-15 19:28:04 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2015-07-15 19:28:04 ----A---- C:\Windows\system32\msimsg.dll
2015-07-15 19:27:51 ----A---- C:\Windows\system32\generaltel.dll
2015-07-15 19:27:51 ----A---- C:\Windows\system32\appraiser.dll
2015-07-15 19:27:50 ----A---- C:\Windows\system32\invagent.dll
2015-07-15 19:27:50 ----A---- C:\Windows\system32\aeinv.dll
2015-07-15 19:27:49 ----A---- C:\Windows\system32\devinv.dll
2015-07-15 19:27:49 ----A---- C:\Windows\system32\CompatTelRunner.exe
2015-07-15 19:27:49 ----A---- C:\Windows\system32\aepdu.dll
2015-07-15 19:27:49 ----A---- C:\Windows\system32\acmigration.dll
2015-07-15 19:27:47 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2015-07-15 19:27:47 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2015-07-15 19:27:47 ----A---- C:\Windows\system32\lpk.dll
2015-07-15 19:27:47 ----A---- C:\Windows\system32\atmlib.dll
2015-07-15 19:27:47 ----A---- C:\Windows\system32\atmfd.dll
2015-07-15 19:27:46 ----A---- C:\Windows\SYSWOW64\lpk.dll
2015-07-15 19:27:46 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2015-07-15 19:27:46 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2015-07-15 19:27:46 ----A---- C:\Windows\system32\fontsub.dll
2015-07-15 19:27:46 ----A---- C:\Windows\system32\dciman32.dll
2015-06-22 14:05:32 ----A---- C:\Windows\SYSWOW64\WindowsAccessBridge-32.dll
2015-06-17 01:01:52 ----A---- C:\Windows\SYSWOW64\FM20.DLL

======List of files/folders modified in the last 1 month======

2015-07-16 19:23:03 ----D---- C:\Program Files\trend micro
2015-07-16 19:20:33 ----D---- C:\Windows\Temp
2015-07-16 19:01:16 ----SHD---- C:\Windows\Installer
2015-07-16 19:01:15 ----HD---- C:\Config.Msi
2015-07-16 18:56:24 ----RD---- C:\Program Files (x86)
2015-07-16 18:56:19 ----D---- C:\Windows\Tasks
2015-07-16 18:53:39 ----A---- C:\ProgramData\HPWALog.txt
2015-07-16 18:53:38 ----HD---- C:\ProgramData
2015-07-16 18:53:04 ----D---- C:\Windows\system32\config
2015-07-16 08:42:02 ----D---- C:\Windows\winsxs
2015-07-16 08:41:41 ----SD---- C:\Windows\SYSWOW64\GWX
2015-07-16 08:41:41 ----SD---- C:\Windows\system32\GWX
2015-07-16 08:41:39 ----SHD---- C:\System Volume Information
2015-07-15 21:14:35 ----D---- C:\Windows\SysWOW64
2015-07-15 21:14:35 ----D---- C:\Windows\System32
2015-07-15 21:14:34 ----D---- C:\Windows\SYSWOW64\nl-NL
2015-07-15 21:14:34 ----D---- C:\Windows\system32\nl-NL
2015-07-15 21:14:34 ----D---- C:\Windows\PolicyDefinitions
2015-07-15 21:14:32 ----D---- C:\Windows\SYSWOW64\en-US
2015-07-15 21:14:32 ----D---- C:\Windows\system32\en-US
2015-07-15 21:14:32 ----D---- C:\Program Files\Internet Explorer
2015-07-15 21:14:32 ----D---- C:\Program Files (x86)\Internet Explorer
2015-07-15 21:14:20 ----D---- C:\Windows\system32\drivers
2015-07-15 19:43:34 ----SD---- C:\Windows\system32\CompatTel
2015-07-15 19:43:34 ----D---- C:\Windows\system32\wbem
2015-07-15 19:43:34 ----D---- C:\Windows\system32\appraiser
2015-07-15 19:43:34 ----D---- C:\Windows\AppPatch
2015-07-15 19:40:14 ----D---- C:\ProgramData\Microsoft Help
2015-07-15 19:30:02 ----D---- C:\Windows\system32\MRT
2015-07-15 19:26:18 ----D---- C:\Windows\system32\catroot2
2015-07-15 19:00:30 ----D---- C:\ProgramData\Oracle
2015-07-15 19:00:20 ----D---- C:\Program Files (x86)\Java
2015-07-15 13:19:45 ----D---- C:\Windows\system32\Tasks
2015-07-14 21:02:31 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2015-07-10 21:00:56 ----D---- C:\Windows\inf
2015-07-10 21:00:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
2015-07-05 12:08:23 ----N---- C:\Windows\system32\MpSigStub.exe
2015-07-03 08:43:04 ----A---- C:\Windows\system32\MRT.exe
2015-06-20 15:27:19 ----D---- C:\Windows\system32\NDF
2015-06-20 14:23:28 ----D---- C:\Program Files (x86)\TomTom HOME 2

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 hpdskflt;HP Filter; C:\Windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2015-03-04 280376]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2015-03-04 124568]
R3 Accelerometer;HP Mobile Data Protection Sensor; C:\Windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-06-29 116752]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-02 6036480]
R3 BCM43XX;Stuurprogramma voor de Broadcom 802.11-netwerkadapter; C:\Windows\system32\DRIVERS\bcmwl664.sys [2009-08-25 2769400]
R3 enecir;ENE CIR Receiver; C:\Windows\system32\DRIVERS\enecir.sys [2009-06-29 70656]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 33240]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\Windows\system32\DRIVERS\HpqKbFiltr.sys [2009-04-29 18432]
R3 JMCR;JMCR; C:\Windows\system32\DRIVERS\jmcr.sys [2009-07-21 140712]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-07-14 233472]
R3 STHDA;IDT High Definition Audio CODEC; C:\Windows\system32\DRIVERS\stwrt64.sys [2010-03-23 505344]
R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-10-14 396848]
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 145920]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\drivers\Dot4Prt.sys [2010-11-20 19968]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 43008]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-06-10 6108416]
S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2015-07-09 129752]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS [2009-06-10 292864]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS [2009-06-10 1485312]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS [2009-06-10 740864]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WinUsb;WinUsb; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]
S3 WSDPrintDevice;WSD-ondersteuning voor afdrukken via UMB; C:\Windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
S3 WSDScan;Ondersteuning voor WSD-scan via UMB; C:\Windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-07-07 82128]
R2 AESTFilters;Andrea ST Filters Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe [2009-03-02 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-02 203264]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2014-06-12 43336]
R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-31 462184]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ezSharedSvc;Easybits Shared Services for Windows; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpqddsvc;HP CUE DeviceDiscovery-service; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R2 hpsrv;HP Service; C:\Windows\system32\Hpservice.exe [2011-05-13 30520]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2009-06-17 73728]
R2 MDM;Machine Debug Manager; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2015-04-30 23816]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2009-01-21 247152]
R2 STacSV;Audio Service; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe [2010-03-23 247808]
R2 TeamViewer7;TeamViewer 7; C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-31 2754984]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2015-04-30 93040]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 2292096]
R3 BrYNSvc;BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-06-05 266240]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 27136]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2011-03-28 799800]
R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2014-08-01 641352]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2015-04-30 366544]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Google Updateservice (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-14 268976]
S3 Com4QLBEx;Com4QLBEx; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2010-02-25 227896]
S3 GameConsoleService;GameConsoleService; C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe [2009-05-22 250616]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-04-14 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-06-20 114688]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-22 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

[kape]

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
• Dubbelklik op Zoek.exe om de tool te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43};c
{DBC80044-A445-435b-BC74-9C25C1C588A9};c
[SunJavaUpdateSched];s
C:\Program Files (x86)\Common Files\Java\Java Update;fs
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}];r64
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}];r64
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run];r64
"SunJavaUpdateSched"=-;r64
C:\Program Files (x86)\Java;fs
emptyfolderscheck;delete
startupall;
filesrcm;

• Klik op de knop "More options" en vink nu de onderstaande opties aan.
• Do a Quick Scan
• Installed Programs
• Auto Clean
• De optie "Scan All Users" staat standaard aangevinkt.
• Klik nu op de knop "Run script".
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
• Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
• Post het geopende logje in het volgende bericht als bijlage.

Zoek.exe logbestand plaatsen

• Voeg het logbestand met de naam "Zoek-results.log" als bijlage toe aan het volgende bericht. (Dit logbestand kunt u tevens terug vinden op de systeemschijf als C:\Zoek-results.log.)
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.

[bernard]

Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Bernardus on do 16-07-2015 at 21:10:56,30.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K2ZRQKM\zoek.exe [scan all users]  [Checkboxes used]

==== System Restore Info ======================

16-7-2015 21:13:32 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Bernardus\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Bernardus\AppData\Local\EmieSiteList deleted successfully
C:\Users\Bernardus\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\MP3 Rocket Downloader deleted
C:\Users\Bernardus\AppData\Roaming\calibre deleted
C:\Users\Bernardus\AppData\Roaming\RHEng deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\BERNAR~1\AppData\Local\Temp ====
2015-07-15 16:58:15 F327703F5351BB4A512E8CE9F66ABB9F 563808 ----a-w- C:\Users\Bernardus\AppData\Local\Temp\jre-8u51-windows-au.exe
====== Java Cache =====
2015-06-22 11:31:53 A36AC3B82AC586C469886912B705B732 62595 ----a-w- C:\Users\Bernardus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\2\51bf47c2-1d916820
2015-06-22 11:30:44 6884075D7A08A6BC5D971AEA7807DF20 360 ----a-w- C:\Users\Bernardus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\483ed718-6a9f9ef7c46c3945c2757f7e641a00ae28f533d7866d6c7eab3a9cc16680fddf-6.0.lap
2015-06-22 11:32:23 7B9BAEB255636B3B9AB0592617054361 1932 ----a-w- C:\Users\Bernardus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\2473b823-68ccfd1c
2015-06-22 11:32:02 80EF72885F266068835CC9A22E517278 338 ----a-w- C:\Users\Bernardus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\56b45bab-539740782b28930032d391dc21b2de8dae6cea76800f3ca6e097e204aa772e8b-6.0.lap
====== C:\Windows\SysWOW64 =====
2015-07-15 17:32:35 6E91F67335D57DDFFE798C815444B0E3 210432 ----a-w- C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 17:32:31 E2A2B221A47271DD4176FB9B93F670E6 93184 ----a-w- C:\Windows\SysWOW64\wudriver.dll
2015-07-15 17:32:31 CBC91E2E6158358E82D153D811B73C38 30208 ----a-w- C:\Windows\SysWOW64\wups.dll
2015-07-15 17:32:31 7F13188A9656355F664313334971DA22 173056 ----a-w- C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 17:32:31 1728A7831E95BCEEEA3F0D07AE6F74EE 566784 ----a-w- C:\Windows\SysWOW64\wuapi.dll
2015-07-15 17:32:31 13810657EE732C2F5453C0C877FD5DB2 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2015-07-15 17:32:21 143046AC227C193B5B2E0E20BC0CF1DD 312320 ----a-w- C:\Windows\SysWOW64\gdi32.dll
2015-07-15 17:32:20 3D73FC0D0997DA1EF6F705EF9936AB20 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 17:32:20 31165F9D71D3C249AB97FBAE55DE4B49 4520448 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-07-15 17:32:18 116F506573B59B85CD0DC18527E9951A 19877376 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-07-15 17:32:17 AFAEB9E4269846C64DC9721B1BFA5CEC 12855296 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-07-15 17:32:17 37BC6BC6CFC38A6202B28459F7CCE4CD 479232 ----a-w- C:\Windows\SysWOW64\ieui.dll
2015-07-15 17:32:17 05CA106A1B68770BDABB9AA7AEAE516A 1310720 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-07-15 17:32:16 4E4B3CAC5C62415AF5C6B0167A376EB8 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 17:32:12 8EDF7B6D3A563DAA06DD87053C734168 2279424 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-07-15 17:32:06 E42BB0E02C8F6C8D1CCBFE6AB8EB199F 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll
2015-07-15 17:32:06 E3883C13DB4D19E29095C9F4BC27B755 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 17:32:06 1A04239A054D810CF32C46F2B70C47B7 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 17:32:05 E8F3572F002B556D19AC3AE4A11CAC2E 342736 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 17:32:05 D503616B296B869486AA84D6DB8FB6A5 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 17:32:04 95C40DFE3B3CFCEBA2DF9E493945A7B5 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 17:32:04 87E5B70C9F0DE7E3D620E1E3A60AA274 504320 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-07-15 17:32:04 18465944F711AD3FDE58675C3C42FA99 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 17:32:04 019019007E6980EACAC80DE04B5D330A 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 17:32:02 442DB5B16073DE2E79E1912D0B77F343 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 17:32:02 2CC6836C44C84583386702468125654F 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll
2015-07-15 17:32:01 CC044CFF6018AD0368AF3A8149721407 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 17:32:01 81ED1F775E5DDBE990D9C3AFF507DAC2 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-07-15 17:32:00 E475D4B65088F4F7FABF7D427CD3D30E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 17:32:00 43CF584D989A4A0EA6B5D3EBFAD260B7 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 17:31:59 0CB44ADB09C5BE7CE9D1D1F04E909067 418304 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 17:31:56 0DE5FE06603CF80238EFD9D67AB45A56 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 17:31:55 63B01F72FD727D5736DBEF54174D8F93 1951232 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-07-15 17:31:54 72D524ED31A2FBA7432801361CE41FC3 168960 ----a-w- C:\Windows\SysWOW64\msrating.dll
2015-07-15 17:31:54 17DFCBA042195666632C889E04913E19 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-07-15 17:29:09 5E3ED0FB3D07258A72C27CAFAA9D0101 6131200 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2015-07-15 17:29:06 603ADCCAA52D1E0675C63646AFBBA992 856064 ----a-w- C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 17:29:05 2CECF5A9E952E3165F14267544A2E6A6 53248 ----a-w- C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 17:29:00 4548507ED3C17DB4739DBBEAF6378004 1414656 ----a-w- C:\Windows\SysWOW64\ole32.dll
2015-07-15 17:28:52 F4AFDB5ABEA0C9079E8193E24D1DB21D 1174528 ----a-w- C:\Windows\SysWOW64\crypt32.dll
2015-07-15 17:28:52 33F67BBCC3C0499D3F3382473114CFA8 143872 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 17:28:51 D864C283FFD7C080FDC25FD4C798FF8D 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 17:28:51 588D52C2D0E60EE71FD5A64407865B10 179200 ----a-w- C:\Windows\SysWOW64\wintrust.dll
2015-07-15 17:28:30 E344031017D52F5F1A4C759A815625CC 259584 ----a-w- C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 17:28:30 4466D67AC240FE1CCCB32BE743BCB488 552960 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2015-07-15 17:28:29 E97B4515FC3846CB5C6853C40E71EF28 36864 ----a-w- C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 17:28:29 CA017983095846BFCFBE9C02B40958B3 221184 ----a-w- C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 17:28:29 98226182583DF1715F1BE6CCEA6E8D95 248832 ----a-w- C:\Windows\SysWOW64\schannel.dll
2015-07-15 17:28:29 393FDE87F56A8E98AC1B37ADB2181332 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 17:28:29 02CD86D59807467D065F521BE81BB858 665088 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 17:28:28 E6F375BAA4F839592627DA3E95BF3977 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll
2015-07-15 17:28:28 A41BF25E4F145E1BC00445B6421B9E11 686080 ----a-w- C:\Windows\SysWOW64\adtschema.dll
2015-07-15 17:28:28 96741CBB4CC3638A2BCB11F93B92B738 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll
2015-07-15 17:28:28 81E207D09B2A7723A549EFB34B47C7EA 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2015-07-15 17:28:28 6AE6E08938D5BA9D8BA305506620B48D 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll
2015-07-15 17:28:28 2E8C9C3223E05F4B42FB89C03DD09C1D 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
2015-07-15 17:28:28 2B4A31319D74B3D3407AB64942B7FF32 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-07-15 17:28:27 A719B9156A6DCDBACC201D9163AFF8D1 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll
2015-07-15 17:28:06 D7C4ABB0F1FFA371928EED0C7A6E24DC 2364416 ----a-w- C:\Windows\SysWOW64\msi.dll
2015-07-15 17:28:05 F61A069A5517F85662ED9A6C5AD5445A 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe
2015-07-15 17:28:05 C08582E7F8EA706A2D4A3C7BD5AC35C1 337408 ----a-w- C:\Windows\SysWOW64\msihnd.dll
2015-07-15 17:28:05 7B4277F9E9F48D5D8E6AEA341F8048E8 1805824 ----a-w- C:\Windows\SysWOW64\authui.dll
2015-07-15 17:28:04 A344B1EFA7DB86AE1407039CD596FB1E 25088 ----a-w- C:\Windows\SysWOW64\msimsg.dll
2015-07-15 17:27:47 E5D33416F2BA5E11C11215439DD3BF23 299008 ----a-w- C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:27:47 B1BD587DE3E077CBB9F749C2CC3B8D6C 34304 ----a-w- C:\Windows\SysWOW64\atmlib.dll
2015-07-15 17:27:46 94815184BAAB8518F4027E92C6025505 70656 ----a-w- C:\Windows\SysWOW64\fontsub.dll
2015-07-15 17:27:46 5945A57802C6641478AF680FF839287E 10240 ----a-w- C:\Windows\SysWOW64\dciman32.dll
2015-07-15 17:27:46 4644A3B2AFDDAEA57C3EC30F8D079E54 25600 ----a-w- C:\Windows\SysWOW64\lpk.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-07-15 17:32:35 60696836CAD56F1B47059E1BA739787D 254976 ----a-w- C:\Windows\Sysnative\cewmdm.dll
2015-07-15 17:32:31 84CEF9B2D8ED8006B3975DC1D8109B3D 696320 ----a-w- C:\Windows\Sysnative\wuapi.dll
2015-07-15 17:32:31 80381DD7C4797A601E59F8E001B46793 3154944 ----a-w- C:\Windows\Sysnative\wucltux.dll
2015-07-15 17:32:31 3F9239D5F65F1318A53EBAEC01C092F1 139776 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2015-07-15 17:32:31 3EDB01024BA86C5B4D2CB307DC5D3AC0 37376 ----a-w- C:\Windows\Sysnative\wuapp.exe
2015-07-15 17:32:31 2896A06239E19379CE44FAFCDB1675B1 91136 ----a-w- C:\Windows\Sysnative\WinSetupUI.dll
2015-07-15 17:32:30 F56E83C1EFEDEF919033CBFF071602B6 36864 ----a-w- C:\Windows\Sysnative\wups.dll
2015-07-15 17:32:30 D79E3C2D45315ADCAA267A05355DFBF5 12288 ----a-w- C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-07-15 17:32:30 BC80574FF264848F8613A3F6F7AF7642 192000 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2015-07-15 17:32:30 AA3E844A2595B1AA5825C70CA50D963E 2603008 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2015-07-15 17:32:30 00DCC688DF459A9FEE42C7397668C62B 98304 ----a-w- C:\Windows\Sysnative\wudriver.dll
2015-07-15 17:32:30 00383E521D3D039968B92A0998BA76FD 37888 ----a-w- C:\Windows\Sysnative\wups2.dll
2015-07-15 17:32:24 F6D23F6707CAEA235E4C84A4AC87EB2A 3180544 ----a-w- C:\Windows\Sysnative\rdpcorets.dll
2015-07-15 17:32:24 960D313FFBC9C4C14D9DFDB1FEB21CBD 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2015-07-15 17:32:23 C4EA3D63E8BF077ECD1E93BF6556AE99 3207168 ----a-w- C:\Windows\Sysnative\win32k.sys
2015-07-15 17:32:21 EFFFE1C77ACCE66C82CCFD18A9687F48 404992 ----a-w- C:\Windows\Sysnative\gdi32.dll
2015-07-15 17:32:20 837BD6BB879405B416A4326C8B723D83 5923840 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-07-15 17:32:20 2A795629E0746D82A229A01EEE75FCE5 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-07-15 17:32:17 FC165889E97E37BCB55C5B79BEB3D331 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2015-07-15 17:32:15 78E4D3781E5632BA88E5153510BEB625 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-07-15 17:32:14 6A70888EEC05B45C8990E8977C480019 14453248 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-07-15 17:32:14 120E3CE08505A9637CAB72D35A2D2E8C 615936 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-07-15 17:32:13 D74E2BE157B8A2A9CF29BEBB052B8A42 25193984 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-07-15 17:32:12 41D59904967A4033FB4497DCED7320AD 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-07-15 17:32:06 A51BF63E9EA6DDED50A69797EAD23576 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll
2015-07-15 17:32:06 50AAC6B4AFD93060456134A29C35FB1E 114688 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe
2015-07-15 17:32:05 44D98BF1ED7B520602A55446E28D8840 720384 ----a-w- C:\Windows\Sysnative\ie4uinit.exe
2015-07-15 17:32:05 3A46FC42EDE2021399FCD9E4A7A406F8 34304 ----a-w- C:\Windows\Sysnative\iernonce.dll
2015-07-15 17:32:04 4887D79B5CE61A00FCC5C53AA2216007 77824 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-07-15 17:32:01 DAECFA33350D863D49157506587D5EF8 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll
2015-07-15 17:32:01 7EEC52D1B800230A4E8EC81B92D61118 389832 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-07-15 17:32:00 80E899C111219316B94BBA72FAFF7D11 968704 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-07-15 17:31:59 BCE51D1B0F7BC8977CDAECD24A0D4C88 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-07-15 17:31:59 434CBA59035C4F3A02E5AB92FD6C816B 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-07-15 17:31:58 BB33A140CA61A22B5882486881E2191A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-07-15 17:31:58 AF3D4DA49A9C9C9778953CE9D7470C11 66560 ----a-w- C:\Windows\Sysnative\iesetup.dll
2015-07-15 17:31:57 58243D92748201D38AACDAEA22527412 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-07-15 17:31:56 B5164F4515C4BC4F45FBF5B3A99685C0 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-07-15 17:31:55 9B9D2B99A865CB3B9BAA9BE77A300680 54784 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2015-07-15 17:31:55 142D20CA55870589B009D53C37C0B75C 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2015-07-15 17:31:53 4024752E6B341B07F3823B7DA72C45D2 490496 ----a-w- C:\Windows\Sysnative\dxtmsft.dll
2015-07-15 17:31:52 F30702F2607AEE462A6AB8715E72FC03 1359360 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll
2015-07-15 17:31:52 74F367C596EEF3106EBC65625F04C807 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-07-15 17:31:51 796A89701B2560FF453FF08FF941A169 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-07-15 17:31:50 E066FDC3A2074D926903B8C31EF3B347 2427392 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-07-15 17:31:50 88E26FC9F8BDE0635F379BB8FE6BFFF1 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-07-15 17:31:49 C95EE658B7816B3588418E948EF55F83 88064 ----a-w- C:\Windows\Sysnative\MshtmlDac.dll
2015-07-15 17:31:49 8DA3623D372E5147914973383D998980 199680 ----a-w- C:\Windows\Sysnative\msrating.dll
2015-07-15 17:29:11 823BAE27CBF54C1E3E0CD964909A253E 7077376 ----a-w- C:\Windows\Sysnative\mstscax.dll
2015-07-15 17:29:11 673CF0DA2BE5D86282FC7C5BE3172470 429568 ----a-w- C:\Windows\Sysnative\wksprt.exe
2015-07-15 17:29:05 18B16B510258DEBE6121CA25CFCD2AE8 1057792 ----a-w- C:\Windows\Sysnative\rdvidcrl.dll
2015-07-15 17:29:05 04A5640833EE276AA4E8C71EB56613AF 62976 ----a-w- C:\Windows\Sysnative\tsgqec.dll
2015-07-15 17:29:01 E3EB94B45A2735D4559558B5899732E8 2087424 ----a-w- C:\Windows\Sysnative\ole32.dll
2015-07-15 17:28:52 7BC3E861F7E8EB543A630090FAE779E0 188416 ----a-w- C:\Windows\Sysnative\cryptsvc.dll
2015-07-15 17:28:52 71187FA11F58012C188453877E16EB8B 1480192 ----a-w- C:\Windows\Sysnative\crypt32.dll
2015-07-15 17:28:51 C5752F5CE47B6B00F914AE91087C0CB4 229376 ----a-w- C:\Windows\Sysnative\wintrust.dll
2015-07-15 17:28:51 7EE0A3B9E904AF4744E4D8F00CB5CA32 140288 ----a-w- C:\Windows\Sysnative\cryptnet.dll
2015-07-15 17:28:30 F66102F990EE913261ED7907403718ED 729088 ----a-w- C:\Windows\Sysnative\kerberos.dll
2015-07-15 17:28:30 A66FF313F2F8A6CBF9BB2B0CC92D5ACD 1216512 ----a-w- C:\Windows\Sysnative\rpcrt4.dll
2015-07-15 17:28:30 750C44D6F7A708F0C6618F075A0A68A7 315392 ----a-w- C:\Windows\Sysnative\msv1_0.dll
2015-07-15 17:28:29 E8560BC8E1B85A5A081AEF43626187B1 44032 ----a-w- C:\Windows\Sysnative\cryptbase.dll
2015-07-15 17:28:29 D5844B744F7BAF826965DD634FF8DB00 1461760 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2015-07-15 17:28:29 9F2CCDE3F30C224C082984B6F95D3D95 309760 ----a-w- C:\Windows\Sysnative\ncrypt.dll
2015-07-15 17:28:29 9EA6DA45B95599C27B1661C1D99307D7 342016 ----a-w- C:\Windows\Sysnative\schannel.dll
2015-07-15 17:28:29 3B96392CBE54FF44BEAEB0B4BCC65487 86528 ----a-w- C:\Windows\Sysnative\TSpkg.dll
2015-07-15 17:28:29 09730D830B2B69B626817F4A95945308 210944 ----a-w- C:\Windows\Sysnative\wdigest.dll
2015-07-15 17:28:28 F01A58E45BB8E28CCE6BCF272FF0F9A8 64000 ----a-w- C:\Windows\Sysnative\auditpol.exe
2015-07-15 17:28:28 C3F6A9A41CC8591EF0370708E54DE474 28160 ----a-w- C:\Windows\Sysnative\secur32.dll
2015-07-15 17:28:28 C3F0594AF92FE71B13A44177FDB80784 29184 ----a-w- C:\Windows\Sysnative\sspisrv.dll
2015-07-15 17:28:28 B1D191D0EDEB86197A5FD5030B65420F 22016 ----a-w- C:\Windows\Sysnative\credssp.dll
2015-07-15 17:28:28 97D879A884E7CDFED51AD63348A35254 31232 ----a-w- C:\Windows\Sysnative\lsass.exe
2015-07-15 17:28:28 7C26CACB82ECA09874B984B155B06AD4 686080 ----a-w- C:\Windows\Sysnative\adtschema.dll
2015-07-15 17:28:28 48A88348F1539CC7C8CB4E032DD79DAA 136192 ----a-w- C:\Windows\Sysnative\sspicli.dll
2015-07-15 17:28:27 EEB192537935BB12A998CAB8F5A07E78 60416 ----a-w- C:\Windows\Sysnative\msobjs.dll
2015-07-15 17:28:27 55750A7588D91B102EB17E69BFF2AAF1 146432 ----a-w- C:\Windows\Sysnative\msaudite.dll
2015-07-15 17:28:07 D9A91A779B5059E72D7FAD2B38275EA4 3242496 ----a-w- C:\Windows\Sysnative\msi.dll
2015-07-15 17:28:06 5489E74E56C0255159C8AE2C70744458 1941504 ----a-w- C:\Windows\Sysnative\authui.dll
2015-07-15 17:28:05 CDAD406033C31DB34185DDAECDD35FE2 504320 ----a-w- C:\Windows\Sysnative\msihnd.dll
2015-07-15 17:28:05 978DC0A1FBE9CC91B21B40AF66CB396A 70656 ----a-w- C:\Windows\Sysnative\appinfo.dll
2015-07-15 17:28:05 81CB8D34112178CE1826C86BA5F268C3 128000 ----a-w- C:\Windows\Sysnative\msiexec.exe
2015-07-15 17:28:05 0D9514850CC3A99A6600643F2888858B 112064 ----a-w- C:\Windows\Sysnative\consent.exe
2015-07-15 17:28:04 91593D4FB7D89249014564A5F3EC389B 25088 ----a-w- C:\Windows\Sysnative\msimsg.dll
2015-07-15 17:27:51 782C216AFEE0561680706698F70B2A93 1085440 ----a-w- C:\Windows\Sysnative\appraiser.dll
2015-07-15 17:27:51 5D507961F680D0A0392CC5EB6515E70A 726528 ----a-w- C:\Windows\Sysnative\generaltel.dll
2015-07-15 17:27:50 D236055773550118989C0C81CBE79A29 765440 ----a-w- C:\Windows\Sysnative\invagent.dll
2015-07-15 17:27:50 474EA5201E3883F747D540D3EF57C1F2 1145856 ----a-w- C:\Windows\Sysnative\aeinv.dll
2015-07-15 17:27:49 BBA5CB528CB7482E118D0FEAF808987A 17856 ----a-w- C:\Windows\Sysnative\CompatTelRunner.exe
2015-07-15 17:27:49 658B5EC540CD94D76889D0E8390B1C04 433664 ----a-w- C:\Windows\Sysnative\devinv.dll
2015-07-15 17:27:49 5663847B3DCC8382B1D1F1EEB4A92994 227328 ----a-w- C:\Windows\Sysnative\aepdu.dll
2015-07-15 17:27:49 0919F433ED64E6CD1912C016F1E80BE7 67584 ----a-w- C:\Windows\Sysnative\acmigration.dll
2015-07-15 17:27:47 690FE1D790C8C7E94EAA55B669BC5CE0 46080 ----a-w- C:\Windows\Sysnative\atmlib.dll
2015-07-15 17:27:47 44F32DF903B984B4C6A164E99A39FC58 372224 ----a-w- C:\Windows\Sysnative\atmfd.dll
2015-07-15 17:27:47 373CB9C184589E3BE07412DFD5DF3D4F 41984 ----a-w- C:\Windows\Sysnative\lpk.dll
2015-07-15 17:27:46 AE7E9E9581E2B874348A0DF38AD04722 100864 ----a-w- C:\Windows\Sysnative\fontsub.dll
2015-07-15 17:27:46 2C4AD63E4D89661C9FED77E81053735D 14336 ----a-w- C:\Windows\Sysnative\dciman32.dll
====== C:\Windows\Sysnative\drivers =====
2015-07-15 17:28:30 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-07-15 17:28:29 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-07-15 17:28:29 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-07-15 17:28:29 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-07-15 17:28:29 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys
====== C:\Windows\Tasks ======
2015-06-22 11:41:02 1B1E182FB80EA6EF2B8615E9482BE34D 3298 ----a-w- C:\Windows\Sysnative\Tasks\{AB219553-DC2B-42F7-AA84-3F5B84927EB0}
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Bernardus\AppData\Roaming ======
====== C:\Users\Bernardus ======
2015-06-22 12:05:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==
2015-07-16 17:20:32 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bernardus\Contacts\Downloads\RSITx64.exe
2015-07-16 17:04:42 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62JQYWHK\RSITx64.exe
2015-07-16 16:56:16 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
2015-07-16 16:56:16 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
2015-07-16 16:56:16 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
2015-07-16 16:56:14 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
2015-07-16 16:56:04 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
2015-07-16 16:56:04 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
2015-07-16 16:56:04 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
2015-07-16 16:56:03 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
2015-07-16 16:55:59 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\Install\{5303DA76-4A32-469E-BBCE-AFD5B493E3E2}\GoogleUpdateSetup.exe
2015-07-16 16:55:57 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
2015-07-16 06:37:44 621FC2FCBB852684C1F1106E28CCC84F 438784 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe
2015-07-16 06:37:44 1608E63BD26C74BEBB31BCAFDFC96BD6 343040 ----a-w- C:\Windows\System32\GWX\GWXDetector.exe
2015-07-16 06:37:43 B3DBD6A2286BA43018F58349E51EC8B1 691712 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe
2015-07-16 06:37:43 7B375C10CACC2FEBEC978D023ADBAB9C 513024 ----a-w- C:\Windows\System32\GWX\GWX.exe
2015-07-16 06:37:43 6008147E0BDAC5C23A0A314E96783F72 413696 ----a-w- C:\Windows\System32\GWX\GWXUX.exe
2015-07-16 06:37:43 0A31B851379818A8ECF1F7643FFA3F5A 382768 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe
2015-07-16 06:29:22 93EE27EEA252951660682E891B72D7F5 88392 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
2015-07-16 06:29:21 D7E523E6F4C911EDFF6A8325ACAEE56C 88392 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
2015-07-16 06:29:21 81A1D591D429FF81D443A993B9B91301 88392 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
2015-07-16 06:29:14 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
2015-07-16 06:28:26 FC8EE235C4F75C96907C25EF1349CB81 130888 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
2015-07-16 06:28:25 C6FF00DA1605982E616C03BE809FFE2D 144200 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleUpdate.exe
2015-07-16 06:28:25 92D840650F95EB60659952AEECAFCE85 305992 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
2015-07-16 06:28:25 54FB3B0B29F76E839C648D2F5983A22C 245576 ----atw- C:\Users\Bernardus\AppData\Local\Google\Update\1.3.28.1\GoogleCrashHandler.exe
2015-07-16 06:28:04 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Users\Bernardus\AppData\Local\Google\Update\Install\{A54F2143-216F-4FA7-B886-0A1CF91F30C3}\GoogleUpdateSetup.exe
2015-07-16 06:28:03 C42B77A66A4B794A56DFCD2FBEA5AD01 931408 ----a-w- C:\Users\Bernardus\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
2015-07-15 17:32:31 3F9239D5F65F1318A53EBAEC01C092F1 139776 ----a-w- C:\Windows\System32\wuauclt.exe
2015-07-15 17:32:31 3EDB01024BA86C5B4D2CB307DC5D3AC0 37376 ----a-w- C:\Windows\System32\wuapp.exe
2015-07-15 17:32:31 13810657EE732C2F5453C0C877FD5DB2 34816 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2015-07-15 17:32:17 26492D0AE6279B60A3801EDBE3CB794C 473600 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2015-07-15 17:32:15 3698C298719803F6502612D651A852B2 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe
2015-07-15 17:32:06 50AAC6B4AFD93060456134A29C35FB1E 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2015-07-15 17:32:05 8EA2ED812E996D95DE37CD2CE3158C2C 221184 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2015-07-15 17:32:05 44D98BF1ED7B520602A55446E28D8840 720384 ----a-w- C:\Windows\System32\ie4uinit.exe
2015-07-15 17:32:02 C899B9E60D663BE24B35EFBC29192A7C 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe
2015-07-15 17:32:01 A7B6589F92C9CB498CDBA42EBEB23EE4 815312 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe
2015-07-15 17:32:00 E475D4B65088F4F7FABF7D427CD3D30E 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 17:32:00 80E899C111219316B94BBA72FAFF7D11 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2015-07-15 17:31:56 D295049B06D31020A88B170445123D33 814280 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe
2015-07-15 17:31:55 142D20CA55870589B009D53C37C0B75C 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2015-07-15 17:29:11 673CF0DA2BE5D86282FC7C5BE3172470 429568 ----a-w- C:\Windows\System32\wksprt.exe
2015-07-15 17:28:28 F01A58E45BB8E28CCE6BCF272FF0F9A8 64000 ----a-w- C:\Windows\System32\auditpol.exe
2015-07-15 17:28:28 97D879A884E7CDFED51AD63348A35254 31232 ----a-w- C:\Windows\System32\lsass.exe
2015-07-15 17:28:28 2B4A31319D74B3D3407AB64942B7FF32 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe
2015-07-15 17:28:05 F61A069A5517F85662ED9A6C5AD5445A 73216 ----a-w- C:\Windows\SysWOW64\msiexec.exe
2015-07-15 17:28:05 81CB8D34112178CE1826C86BA5F268C3 128000 ----a-w- C:\Windows\System32\msiexec.exe
2015-07-15 17:28:05 0D9514850CC3A99A6600643F2888858B 112064 ----a-w- C:\Windows\System32\consent.exe
2015-07-15 17:27:49 BBA5CB528CB7482E118D0FEAF808987A 17856 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2015-07-15 16:58:51 F3D19B026E09B8150D9FF40D537C8F2A 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\rmid.exe
2015-07-15 16:58:51 EF442149A0502661D49628A66A69F33C 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\policytool.exe
2015-07-15 16:58:51 D50189686D9D144CB4EC807652640FC0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\ktab.exe
2015-07-15 16:58:51 C4B3393396204E759E6EDFF92A9CAA50 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\tnameserv.exe
2015-07-15 16:58:51 8B09EF707CE0895D5478300CC2CE90DB 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\rmiregistry.exe
2015-07-15 16:58:51 8516D08420A7AB22A9B722FAF631E320 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssvagent.exe
2015-07-15 16:58:51 76BD4372DD5C5A316F64D562C2404BF8 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\orbd.exe
2015-07-15 16:58:51 5E1561548895218973EB5C833D96BD60 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\unpack200.exe
2015-07-15 16:58:51 56C175D9B0D7EE7D1DA92B8D8A12772A 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\servertool.exe
2015-07-15 16:58:51 46AD9258E9B6EA56AFC8723CEFDF8425 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\pack200.exe
2015-07-15 16:58:50 BC66611222047778694C7650B7814978 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javacpl.exe
2015-07-15 16:58:50 B5AA17A9ACE57080909B9CB47CD74C39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\kinit.exe
2015-07-15 16:58:50 A4D1AC4078F1A819ECECC546F64907A1 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\java.exe
2015-07-15 16:58:50 9A474C07C5242EF2AE12FF6BF387F334 273504 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javaws.exe
2015-07-15 16:58:50 6790CB3F51E280A2A3EEAA3C5BD58EFF 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\keytool.exe
2015-07-15 16:58:50 547F9D4CB6FAAC8E941F1689D5555CDB 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jjs.exe
2015-07-15 16:58:50 4E022C0940633A9538892CB26B65BD0D 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\javaw.exe
2015-07-15 16:58:50 235015745A6A6FE26BCDA8F227C9132B 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\klist.exe
2015-07-15 16:58:50 0CFCEE90C8711D4DEAD9EC7046918A45 77920 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2launcher.exe
2015-07-15 16:58:49 F52607E7F53DA8FE1C4A3C1F11CE2AE7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\java-rmi.exe
2015-07-15 16:58:49 E7ABC6445E6A2F1EDE5F8BB082ECEEA1 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\bin\jabswitch.exe
2015-07-15 16:58:15 F327703F5351BB4A512E8CE9F66ABB9F 563808 ----a-w- C:\Users\Bernardus\AppData\Local\Temp\jre-8u51-windows-au.exe
2015-07-14 16:44:31 E06EB83F9B05760B54FAEA13063C5833 1080912 ----a-w- C:\Users\Bernardus\AppData\Local\Google\Update\Install\{1C16AA6E-3943-426D-95CC-4462FD44EECE}\43.0.2357.134_43.0.2357.132_chrome_updater.exe
2015-07-14 16:44:31 E06EB83F9B05760B54FAEA13063C5833 1080912 ----a-w- C:\Users\Bernardus\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.134\43.0.2357.134_43.0.2357.132_chrome_updater.exe
=== C: other files ==
2015-07-15 17:32:23 C4EA3D63E8BF077ECD1E93BF6556AE99 3207168 ----a-w- C:\Windows\System32\win32k.sys
2015-07-15 17:28:30 21AF322605D8C7F2A627C22634D1C9C9 290816 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2015-07-15 17:28:29 C0A6C3D6E02B61B5D100FE17306C276F 95680 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2015-07-15 17:28:29 7A7328E427694CC7244235C3BC299F80 155584 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2015-07-15 17:28:29 45A03A0B6461EFBEE77E0A6AC2816EDA 129024 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2015-07-15 17:28:29 1877EB1495CFBDAB27D6A32F6DDF3818 159232 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2015-07-15 16:58:52 5F7B14A65C88D4AEB0E3DF49C6A0941F 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_51\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1615721754-973694573-1832378917-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"Google Update"="C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"HPCam_Menu"="c:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe c:\Program Files (x86)\Hewlett-Packard\Media\Webcam UpdateWithCreateOnce Software\Hewlett-Packard\Media\Webcam"
"UpdatePRCShortCut"="C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Hewlett-Packard\Recovery UpdateWithCreateOnce Software\CyberLink\PowerRecover"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"Google Update"="C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPADVISOR"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QlbCtrl.exe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QlbCtrl.exe"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SmartMenu]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SmartMenu"
"hkey"="HKLM"
"command"="C:\\Program Files\\Hewlett-Packard\\HP MediaSmart\\SmartMenu.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\Hp\\DIGITA~1\\bin\\hpqtra08.exe "
"item"="HP Digital Imaging Monitor"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-07-2015 21:02]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2014 12:43]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19-10-2014 12:43]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core.job --a------ C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [13-09-2012 20:45]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA.job --a------ C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe [13-09-2012 20:45]
C:\Windows\tasks\HPCeeScheduleForBernardus.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [07-10-2009 05:22]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CapSchedInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe]
"C:\Windows\SysNative\tasks\CapSvcInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe]
"C:\Windows\SysNative\tasks\CapUninst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000Core" [C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1615721754-973694573-1832378917-1000UA" [C:\Users\Bernardus\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForBernardus" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\TVAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe]
"C:\Windows\SysNative\tasks\{669B02A7-B98D-46F0-A5B2-4AA307623D79}" [C:\Users\Bernardus\Downloads\Scrabble Deluxe NL\scrabbledownload.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade" [C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\Mozilla\Firefox\Profiles\rdot3j7h.default
user_pref("browser.search.defaulturl", "");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 21:04]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [20-04-2013 21:04]

==== Firefox Extensions ======================

ProfilePath: C:\Users\BERNAR~1\AppData\Roaming\TomTom\HOME\Profiles\f7e2f2p1.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.010.9369@tomtom.com

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Wallet - Bernardus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
"Start Page Restore"="http://www.startpagina.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
"Start Page Restore"="http://www.startpagina.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7SUNC_nl"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge´mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Geïmporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Microsoft\Windows\Temporary I 77d\Low\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Low\Temporary I 654\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows Live Mail\Storage Folders\Ge?mporteer 7a0\AppData\Local\Temp\Temporary I c4b\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K2ZRQKM will be deleted at reboot
C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62JQYWHK will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Bernardus\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=12 folders=8 350578 bytes)

==== Empty Temp Folders ======================

C:\Users\Bernardus\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\BERNAR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K2ZRQKM" not found
"C:\Users\Bernardus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62JQYWHK" deleted

==== EOF on do 16-07-2015 at 21:44:10,14 ======================

[kape]

Download AdwCleaner by Xplode naar het bureaublad (verwijder eerst eventuele aanwezige oudere versies van deze tool op je PC, zodat je nu de meest recente database van AdwCleaner kan gebruiken).

Als de link naar AdwCleaner niet werkt, probeer dan deze link.
De download start automatisch na enkele seconden.

• Sluit alle openstaande vensters.
• Dubbelklik op AdwCleaner om hem te starten.
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren,
• Door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
• Klik op Scan.
• Klik vervolgens op Clean.
• Klik bij Herstarten Noodzakelijk op OK
  

Nadat de PC opnieuw is opgestart, opent meestal een logfile.
Anders is het hier terug te vinden C:\AdwCleaner\AdwCleaner[s0].txt.

Logbestand plaatsen

• Voeg het logbestand met de naam C:\AdwCleaner\AdwCleaner[s0].txt als bijlage toe aan het volgende bericht.
• Hoe u een bijlage kunt toevoegen aan het bericht leest u hier.
  

[bernard]

Hier heb ik even een probleem , want ik blijf maar wachten maar er gebeurt niets .

 

Moet ik na dat ik op scannen heb gedrukt  ook op verwijderen klikken , of moet ik echt nog langer wachten ?

Met bijlage van scherm waar ik naar kijk

[bernard]

Dit is het probleem

[jopke]

Hallo Bernard,ge moet gewoon op verwijderen klikken en dan herstarten en dan komt het logje dat kape vraagt.

Groetjes,Jopke

[bernard]

# AdwCleaner v4.208 - Logbestand aangemaakt 17/07/2015 op 11:06:16
# Laatste update 09/07/2015 door Xplode
# Database : 2015-07-15.1 [server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Bernardus - BERNARDUS-PC
# Gestart vanuit : C:\Users\Bernardus\Contacts\Downloads\adwcleaner_4.208.exe
# Optie : Verwijderen

***** [ Services ] *****

***** [ Bestanden / Mappen ] *****

Map Verwijderd : C:\Users\BERNAR~1\AppData\Local\Temp\Uniblue
Bestand Verwijderd : C:\Users\Bernardus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_incfcgceegpikennjoplhfghaaikdgei_0.localstorage

***** [ Geplande taken ] *****

Taak Verwijderd : LaunchPreSignup

***** [ Snelkoppelingen ] *****

***** [ Register ] *****

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\pc-mechanic
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8AADC8B2-562B-407B-88B3-916140226CBC}
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}
Sleutel Verwijderd : HKLM\SOFTWARE\Uniblue
Sleutel Verwijderd : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Gegevens Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Webbrowsers ] *****

-\\ Internet Explorer v11.0.9600.17909

-\\ Mozilla Firefox v

-\\ Google Chrome v

-\\ Opera v0.0.0.0

*************************

AdwCleaner[R0].txt - [2011 bytes] - [17/07/2015 08:06:42]
AdwCleaner[R1].txt - [2070 bytes] - [17/07/2015 11:05:26]
AdwCleaner[s0].txt - [2011 bytes] - [17/07/2015 11:06:16]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2070  bytes] ##########