
Probably a virus on my PC



Moederjeanne,

 

I've deleted your HJ log, because the people who analyse the logs get more out of an RSIT log (and your old HJ log would otherwise just be sitting there anyway).

Please make an RSIT log (see below); once it is posted, the helpers will be notified and will drop by.

 

 

Download RSIT from the locations below and save it to the desktop.

A description of how to check whether you have a 32- or 64-bit version of Windows is available here.

Double-click RSIT.exe to start the tool.

  • Users of Windows Vista and later must run the tool as administrator: right-click it and choose Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files are opened, named "Log.txt" and "Info.txt".

Posting the RSIT log files


  • Attach the log file named "Log.txt" to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimised. (This log file is only created the first time the tool is run.)
  • You can read here how to add an attachment to a post.

Also see the

Edited by Passer

Logfile of random's system information tool 1.10 (written by random/random)

Run by moederjeanne at 2015-12-19 11:21:53

Microsoft Windows 10 Home 

System drive C: has 600 GB (64%) free of 936 GB

Total RAM: 15813 MB (87% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 11:21:56, on 19-12-2015

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v11.0 (11.00.10240.16603)

Boot mode: Normal

 

Running processes:

C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe

C:\Program Files (x86)\AVG\Framework\Common\avguix.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\trend micro\moederjeanne.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={6AD30996-7856-4F05-9FA0-3B6D9392455F}&mid=a0f7a049bf0b47d2a1e2e12caacd3db6-305099513131e3e91d57094a037dd94ea90d0535&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:08:34&v=4.2.4.155&pid=wtu&sg=&sap=hp

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 

F2 - REG:system.ini: UserInit=

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly

O4 - HKCU\..\Run: [OneDrive] "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

O4 - HKCU\..\RunOnce: [uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"

O4 - HKCU\..\RunOnce: [uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"

O4 - HKCU\..\RunOnce: [uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"

O4 - HKLM\..\Policies\Explorer\Run: [btvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)

O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagent.exe

O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, Inc. - C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - Unknown owner - C:\Windows\system32\mfevtps.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)

O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\System32\ngcsvc.dll,-100 (NgcSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)

O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

 

--

End of file - 11235 bytes

 

======Listing Processes======

 

 

 

 

c:\PROGRA~2\AVG\Av\avgrsa.exe /boot

C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-53ac-cf6706ebcd60 /binaryPath="C:\Program Files (x86)\AVG\Av\\"

 

 

 

winlogon.exe

 

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

"dwm.exe"

C:\WINDOWS\system32\svchost.exe -k netsvcs

"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\atiesrxx.exe

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation

atieclxx

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\System32\spoolsv.exe

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe" /launchService

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"

 

"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"

"C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe"

"C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service

"C:\Program Files\Bonjour\mDNSResponder.exe"

"C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service

C:\WINDOWS\System32\svchost.exe -k utcsvc

"C:\Program Files\Elantech\ETDService.exe"

dashost.exe {d006d19c-7cca-4a86-a344025b5d989525}

"C:\Windows\system32\mfevtps.exe"

"C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe"

"C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe"

C:\WINDOWS\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe"

C:\WINDOWS\system32\svchost.exe -k appmodel

"C:\Program Files (x86)\AVG\Av\avgnsa.exe"

"C:\Program Files (x86)\AVG\Av\avgemca.exe"

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}

sihost.exe

C:\WINDOWS\Explorer.EXE

 

"C:\Program Files\Elantech\ETDCtrl.exe"

C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files\Elantech\ETDCtrlHelper.exe" 

C:\WINDOWS\system32\SettingSyncHost.exe -Embedding

C:\WINDOWS\system32\SearchIndexer.exe /Embedding

"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca

"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

"C:\Program Files\iTunes\iTunesHelper.exe" 

"C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

"C:\Program Files (x86)\AVG\Framework\Common\avguix.exe" /fmw.trayonly

"C:\Program Files\iPod\bin\iPodService.exe"

"C:\Program Files (x86)\Nero\Update\NASvc.exe"

C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="6372.0.1090146018\46870288" --supports-dual-gpus=false --gpu-driver-bug-workarounds=2,23,51 --gpu-vendor-id=0x1002 --gpu-device-id=0x9830 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=15.201.1151.1008 --ignored=" --type=renderer " /prefetch:822062411

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --extension-process --enable-webrtc-hw-h264-encoding --enable-offline-auto-reload --enable-offline-auto-reload-visible-only 
--enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6372.2.636081077\79300670" --font-cache-shared-handle=2804 /prefetch:673131151

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6372.4.63105887\1375210933" --font-cache-shared-handle=4800 /prefetch:673131151

 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --lang=nl --force-fieldtrials=AffiliationBasedMatching/Enabled/AppBannerTriggering/Aggressive/*AsyncSetAsDefault/Enabled/AudioProcessing48kHzSupport/Default/*AutomaticTabDiscarding/Default/CaptivePortalInterstitial/Enabled/*ChildAccountDetection/Disabled/ChromeDashboard/Default/*ChromeSuggestions/Default/*ClientSideDetectionModel/Model0/*CrossDevicePromo/1DaySingleProfile/*DomRel-Enable/enable/EnableGoogleCachedCopyTextExperiment/Button/*EnhancedBookmarks/Default/*ExtensionContentVerification/Enforce/ExtensionDeveloperModeWarning/Enabled/*ExtensionInstallVerification/Enforce/InstanceID/Enabled/*IntelligentSessionRestore/Enabled2/*NetworkQualityEstimator/Enabled/*NewProfileManagement/Enabled/NewVideoRendererTrial/Enabled/*OmniboxBundledExperimentV1/Unused_2/PasswordBranding/Disabled/*PasswordGeneration/Disabled/PasswordLinkInSettings/Enabled/*PrerenderFromOmnibox/OmniboxPrerenderEnabled/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Disabled/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/Off/*SafeBrowsingIncidentReportingService/Default/SafeBrowsingReportPhishingErrorLink/Enabled/SafeBrowsingSocialEngineeringStrings/Enabled/SafeBrowsingUnverifiedDownloads/DisableByParameterExe/*SafeBrowsingUpdateFrequency/Default/SessionRestoreBackgroundLoading/Restore/SlimmingPaint/EnableSlimmingPaint/SyncBackingDatabase32K/Enabled/*UMA-Dynamic-Binary-Uniformity-Trial/default/*UMA-Dynamic-Uniformity-Trial/Group3/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/group_02/*UMA-Uniformity-Trial-50-Percent/default/*UseDelayAgnosticAEC/DefaultEnabled/*VarationsServiceControl/Interval_30min/VoiceTrigger/Install/WebRTC-PeerConnectionDTLS1.2/Control/ --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 
--num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553 --channel="6372.18.688391759\1744922408" --font-cache-shared-handle=5404 /prefetch:673131151

"C:\Users\moederjeanne\Desktop\map anti virussen\anti spam\RSITx64.exe" 

C:\WINDOWS\system32\wbem\wmiprvse.exe

 

======Scheduled tasks folder======

 

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /c 

C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe  /ua /installsource scheduler 

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12 2134656]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 690392]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12 1725056]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"ETDCtrl"=C:\Program Files\Elantech\ETDCtrl.exe [2015-10-10 3242696]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-06-24 13885696]

"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2015-04-06 169768]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"OneDrive"=C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-14 551112]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"=C:\WINDOWS\system32\cmd.exe [2015-07-10 232448]

 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [2015-11-04 767176]

"AVG_UI"=C:\Program Files (x86)\AVG\Av\avgui.exe [2015-12-09 3855272]

"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [2015-11-12 1136552]

 

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]

"BtvStack"=C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe []

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 6671064]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"DSCAutomationHostEnabled"=2

"EnableLinkedConnections"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"midimapper"=midimap.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"msacm.msadpcm"=msadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"vidc.i420"=iyuv_32.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvu9"=tsbyuv.dll

"vidc.yvyu"=msyuv.dll

"wavemapper"=msacm32.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"VIDC.CFHD"=CFHD.dll

 

======File associations======

 

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

 

======List of files/folders created in the last 1 month======

 

2015-12-19 11:21:53 ----D---- C:\rsit

2015-12-18 09:56:51 ----HD---- C:\OneDriveTemp

2015-12-17 12:47:12 ----D---- C:\AdwCleaner

2015-12-17 10:12:38 ----D---- C:\Program Files\ATI Technologies

2015-12-17 10:08:27 ----D---- C:\WINDOWS\LastGood.Tmp

2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\mantleaxl32.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\mantle32.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\hsa-thunk.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\SYSWOW64\detoured.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\mantleaxl64.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\mantle64.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\hsa-thunk64.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\detoured.dll

2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\clinfo.exe

2015-12-17 10:07:32 ----A---- C:\WINDOWS\system32\atiumd64.dll

2015-12-17 10:07:31 ----A---- C:\WINDOWS\system32\atiu9p64.dll

2015-12-17 10:07:30 ----A---- C:\WINDOWS\system32\atitmm64.dll

2015-12-17 10:07:29 ----A---- C:\WINDOWS\system32\atisamu64.dll

2015-12-17 10:07:28 ----A---- C:\WINDOWS\SYSWOW64\atisamu32.dll

2015-12-17 10:07:26 ----A---- C:\WINDOWS\SYSWOW64\atioglxx.dll

2015-12-17 10:07:26 ----A---- C:\WINDOWS\system32\ATIODE.exe

2015-12-17 10:07:26 ----A---- C:\WINDOWS\system32\ATIODCLI.exe

2015-12-17 10:07:23 ----A---- C:\WINDOWS\system32\atio6axx.dll

2015-12-17 10:07:22 ----A---- C:\WINDOWS\SYSWOW64\atimpc32.dll

2015-12-17 10:07:22 ----A---- C:\WINDOWS\system32\atimuixx.dll

2015-12-17 10:07:22 ----A---- C:\WINDOWS\system32\atimpc64.dll

2015-12-17 10:07:18 ----A---- C:\WINDOWS\SYSWOW64\atiglpxx.dll

2015-12-17 10:07:18 ----A---- C:\WINDOWS\system32\atiglpxx.dll

2015-12-17 10:07:17 ----A---- C:\WINDOWS\system32\atig6pxx.dll

2015-12-17 10:07:16 ----A---- C:\WINDOWS\SYSWOW64\atieah32.exe

2015-12-17 10:07:16 ----A---- C:\WINDOWS\system32\atieah64.exe

2015-12-17 10:07:12 ----A---- C:\WINDOWS\system32\atidemgy.dll

2015-12-17 10:07:10 ----A---- C:\WINDOWS\SYSWOW64\aticalrt.dll

2015-12-17 10:07:10 ----A---- C:\WINDOWS\system32\aticalrt64.dll

2015-12-17 10:07:08 ----A---- C:\WINDOWS\system32\aticaldd64.dll

2015-12-17 10:07:06 ----A---- C:\WINDOWS\SYSWOW64\aticaldd.dll

2015-12-17 10:07:04 ----A---- C:\WINDOWS\system32\aticalcl64.dll

2015-12-17 10:07:03 ----A---- C:\WINDOWS\SYSWOW64\aticalcl.dll

2015-12-17 10:07:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxx.dll

2015-12-17 10:07:02 ----A---- C:\WINDOWS\system32\drivers\ati2erec.dll

2015-12-17 10:07:02 ----A---- C:\WINDOWS\system32\atiapfxx.exe

2015-12-17 10:07:01 ----A---- C:\WINDOWS\SYSWOW64\OpenCL.dll

2015-12-17 10:07:01 ----A---- C:\WINDOWS\system32\OpenCL.dll

2015-12-17 10:06:59 ----A---- C:\WINDOWS\system32\amdxc64.dll

2015-12-17 10:06:58 ----A---- C:\WINDOWS\SYSWOW64\amdxc32.dll

2015-12-17 10:06:58 ----A---- C:\WINDOWS\system32\amdpcom64.dll

2015-12-17 10:06:57 ----A---- C:\WINDOWS\SYSWOW64\amdpcom32.dll

2015-12-17 10:06:57 ----A---- C:\WINDOWS\system32\amdocl_ld64.exe

2015-12-17 10:06:56 ----A---- C:\WINDOWS\SYSWOW64\amdocl_ld32.exe

2015-12-17 10:06:56 ----A---- C:\WINDOWS\system32\amdocl_as64.exe

2015-12-17 10:06:55 ----A---- C:\WINDOWS\SYSWOW64\amdocl_as32.exe

2015-12-17 10:06:37 ----A---- C:\WINDOWS\system32\amdmmcl6.dll

2015-12-17 10:06:36 ----A---- C:\WINDOWS\SYSWOW64\amdmmcl.dll

2015-12-17 10:06:36 ----A---- C:\WINDOWS\system32\amdmiracast.dll

2015-12-17 10:06:35 ----A---- C:\WINDOWS\SYSWOW64\amdmantle32.dll

2015-12-17 10:06:35 ----A---- C:\WINDOWS\system32\amdmantle64.dll

2015-12-17 10:06:34 ----A---- C:\WINDOWS\SYSWOW64\amdlvr32.dll

2015-12-17 10:06:34 ----A---- C:\WINDOWS\system32\amdlvr64.dll

2015-12-17 10:06:31 ----A---- C:\WINDOWS\system32\amdhdl64.dll

2015-12-17 10:06:30 ----A---- C:\WINDOWS\SYSWOW64\amdhdl32.dll

2015-12-17 10:06:30 ----A---- C:\WINDOWS\system32\amdhcp64.dll

2015-12-17 10:06:28 ----A---- C:\WINDOWS\system32\amdgfxinfo64.dll

2015-12-17 10:06:27 ----A---- C:\WINDOWS\SYSWOW64\amdgfxinfo32.dll

2015-12-17 10:06:26 ----A---- C:\WINDOWS\system32\amdave64.dll

2015-12-17 10:06:25 ----A---- C:\WINDOWS\SYSWOW64\amdave32.dll

2015-12-10 20:38:23 ----D---- C:\Program Files\Common Files\AVG Secure Search

2015-12-09 20:58:01 ----A---- C:\WINDOWS\system32\edgehtml.dll

2015-12-09 20:57:59 ----A---- C:\WINDOWS\system32\mshtml.dll

2015-12-09 20:57:58 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll

2015-12-09 20:57:54 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll

2015-12-09 20:57:53 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll

2015-12-09 20:57:52 ----A---- C:\WINDOWS\system32\ieframe.dll

2015-12-09 20:57:51 ----A---- C:\WINDOWS\system32\win32kfull.sys

2015-12-09 20:57:51 ----A---- C:\WINDOWS\system32\win32kbase.sys

2015-12-09 20:57:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll

2015-12-09 20:57:49 ----A---- C:\WINDOWS\system32\iertutil.dll

2015-12-09 20:57:49 ----A---- C:\WINDOWS\system32\GdiPlus.dll

2015-12-09 20:57:47 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll

2015-12-09 20:57:47 ----A---- C:\WINDOWS\system32\SRHInproc.dll

2015-12-09 20:57:47 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll

2015-12-09 20:57:47 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.dll

2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Globalization.dll

2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\user32.dll

2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\SRHInproc.dll

2015-12-09 20:57:46 ----A---- C:\WINDOWS\SYSWOW64\comsvcs.dll

2015-12-09 20:57:46 ----A---- C:\WINDOWS\system32\Windows.Globalization.dll

2015-12-09 20:57:46 ----A---- C:\WINDOWS\system32\comsvcs.dll

2015-12-09 20:57:45 ----A---- C:\WINDOWS\system32\user32.dll

2015-12-09 20:57:43 ----A---- C:\WINDOWS\SYSWOW64\SRH.dll

2015-12-09 20:57:43 ----A---- C:\WINDOWS\SYSWOW64\Magnify.exe

2015-12-09 20:57:43 ----A---- C:\WINDOWS\system32\SRH.dll

2015-12-09 20:57:43 ----A---- C:\WINDOWS\system32\Magnify.exe

2015-12-09 20:57:42 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll

2015-12-09 20:57:41 ----A---- C:\WINDOWS\system32\ninput.dll

2015-12-09 20:57:41 ----A---- C:\WINDOWS\system32\duser.dll

2015-12-09 20:57:41 ----A---- C:\WINDOWS\system32\Chakra.dll

2015-12-09 20:57:40 ----A---- C:\WINDOWS\system32\ieui.dll

2015-12-09 20:57:39 ----A---- C:\WINDOWS\SYSWOW64\ninput.dll

2015-12-09 20:57:39 ----A---- C:\WINDOWS\SYSWOW64\ieui.dll

2015-12-09 20:57:39 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe

2015-12-09 20:57:39 ----A---- C:\WINDOWS\SYSWOW64\duser.dll

2015-12-09 20:57:38 ----A---- C:\WINDOWS\SYSWOW64\catsrvut.dll

2015-12-09 20:57:38 ----A---- C:\WINDOWS\system32\drivers\ntfs.sys

2015-12-09 20:57:38 ----A---- C:\WINDOWS\system32\catsrvut.dll

2015-12-09 20:57:37 ----A---- C:\WINDOWS\system32\profsvc.dll

2015-12-09 20:57:37 ----A---- C:\WINDOWS\system32\dot3mm.dll

2015-12-09 20:57:37 ----A---- C:\WINDOWS\system32\DAMM.dll

2015-12-09 20:57:37 ----A---- C:\WINDOWS\explorer.exe

2015-12-09 20:57:36 ----A---- C:\WINDOWS\SYSWOW64\authui.dll

2015-12-09 20:57:36 ----A---- C:\WINDOWS\system32\drivers\rmcast.sys

2015-12-09 20:57:36 ----A---- C:\WINDOWS\system32\authui.dll

2015-12-09 20:57:35 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll

2015-12-09 20:57:35 ----A---- C:\WINDOWS\SYSWOW64\comdlg32.dll

2015-12-09 20:57:35 ----A---- C:\WINDOWS\system32\vbscript.dll

2015-12-09 20:57:35 ----A---- C:\WINDOWS\system32\RasMediaManager.dll

2015-12-09 20:57:35 ----A---- C:\WINDOWS\system32\ntdll.dll

2015-12-09 20:57:35 ----A---- C:\WINDOWS\system32\DAMediaManager.dll

2015-12-09 20:57:34 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll

2015-12-09 20:57:34 ----A---- C:\WINDOWS\system32\WlanMediaManager.dll

2015-12-09 20:57:34 ----A---- C:\WINDOWS\system32\NetworkUXBroker.exe

2015-12-09 20:57:34 ----A---- C:\WINDOWS\system32\MBMediaManager.dll

2015-12-09 20:57:34 ----A---- C:\WINDOWS\system32\EthernetMediaManager.dll

2015-12-09 20:57:34 ----A---- C:\WINDOWS\system32\comdlg32.dll

2015-12-09 20:57:33 ----A---- C:\WINDOWS\system32\drivers\hdaudbus.sys

2015-12-09 20:57:32 ----A---- C:\WINDOWS\SYSWOW64\userenv.dll

2015-12-09 20:57:32 ----A---- C:\WINDOWS\system32\userenv.dll

2015-12-09 20:57:32 ----A---- C:\WINDOWS\system32\shutdownux.dll

2015-12-09 20:57:32 ----A---- C:\WINDOWS\system32\psmsrv.dll

2015-12-09 20:57:32 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS

2015-12-09 20:57:32 ----A---- C:\WINDOWS\system32\drivers\usb8023.sys

2015-12-09 20:57:31 ----A---- C:\WINDOWS\system32\kbdgeoqw.dll

2015-12-09 20:57:31 ----A---- C:\WINDOWS\system32\KBDAZEL.DLL

2015-12-09 20:57:31 ----A---- C:\WINDOWS\system32\KBDAZE.DLL

2015-12-09 20:57:31 ----A---- C:\WINDOWS\system32\drivers\gpuenergydrv.sys

2015-12-09 20:57:30 ----A---- C:\WINDOWS\SYSWOW64\kbdgeoqw.dll

2015-12-09 20:57:30 ----A---- C:\WINDOWS\SYSWOW64\KBDAZST.DLL

2015-12-09 20:57:30 ----A---- C:\WINDOWS\SYSWOW64\KBDAZEL.DLL

2015-12-09 20:57:30 ----A---- C:\WINDOWS\SYSWOW64\KBDAZE.DLL

2015-12-09 20:57:30 ----A---- C:\WINDOWS\system32\KBDAZST.DLL

2015-12-09 20:57:29 ----A---- C:\WINDOWS\SYSWOW64\profext.dll

2015-12-09 20:57:29 ----A---- C:\WINDOWS\system32\profext.dll

2015-12-09 20:57:29 ----A---- C:\WINDOWS\system32\Chakradiag.dll

2015-12-09 20:57:26 ----A---- C:\WINDOWS\system32\jscript9.dll

2015-12-09 20:57:25 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll

2015-12-03 19:33:36 ----D---- C:\ProgramData\Avg_Update_1215av

2015-11-22 17:00:45 ----D---- C:\Program Files (x86)\VirtualDJ

 

======List of files/folders modified in the last 1 month======

 

2015-12-19 11:21:55 ----D---- C:\Program Files\trend micro

2015-12-19 11:18:48 ----D---- C:\WINDOWS\Temp

2015-12-19 11:13:48 ----D---- C:\WINDOWS\system32\sru

2015-12-19 11:11:59 ----D---- C:\WINDOWS\Prefetch

2015-12-19 11:09:59 ----D---- C:\WINDOWS\AppReadiness

2015-12-19 11:09:52 ----D---- C:\WINDOWS\System32

2015-12-19 10:40:55 ----HD---- C:\Program Files\WindowsApps

2015-12-19 10:34:23 ----D---- C:\WINDOWS\INF

2015-12-19 10:34:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

2015-12-19 10:22:07 ----D---- C:\ProgramData\MFAData

2015-12-19 10:21:50 ----D---- C:\Users\moederjeanne\AppData\Roaming\Skype

2015-12-17 18:27:40 ----D---- C:\WINDOWS\Microsoft.NET

2015-12-17 18:27:11 ----D---- C:\WINDOWS\system32\config

2015-12-17 17:51:42 ----D---- C:\WINDOWS\debug

2015-12-17 13:19:50 ----D---- C:\Windows

2015-12-17 13:15:05 ----D---- C:\Program Files (x86)\Common Files

2015-12-17 13:15:04 ----HD---- C:\ProgramData

2015-12-17 12:52:33 ----D---- C:\Users\moederjeanne\AppData\Roaming\DAEMON Tools Lite

2015-12-17 12:52:30 ----D---- C:\Users\moederjeanne\AppData\Roaming\uTorrent

2015-12-17 12:51:19 ----DC---- C:\WINDOWS\Panther

2015-12-17 12:50:59 ----D---- C:\WINDOWS\Minidump

2015-12-17 12:49:09 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-12-17 12:48:54 ----D---- C:\WINDOWS\system32\drivers

2015-12-17 12:43:48 ----D---- C:\WINDOWS\SysWOW64

2015-12-17 10:57:24 ----SHD---- C:\System Volume Information

2015-12-17 10:50:09 ----D---- C:\WINDOWS\system32\DriverStore

2015-12-17 10:13:08 ----SHD---- C:\WINDOWS\Installer

2015-12-17 10:13:08 ----SHD---- C:\Config.Msi

2015-12-17 10:12:38 ----RD---- C:\Program Files

2015-12-17 10:12:02 ----D---- C:\Program Files (x86)\ATI Technologies

2015-12-17 10:11:49 ----D---- C:\ProgramData\AMD

2015-12-17 10:09:40 ----D---- C:\AMD

2015-12-17 10:07:40 ----A---- C:\WINDOWS\system32\coinst_15.20.dll

2015-12-17 10:07:38 ----A---- C:\WINDOWS\SYSWOW64\atiuxpag.dll

2015-12-17 10:07:38 ----A---- C:\WINDOWS\SYSWOW64\atiumdva.dll

2015-12-17 10:07:38 ----A---- C:\WINDOWS\system32\atiuxp64.dll

2015-12-17 10:07:37 ----A---- C:\WINDOWS\SYSWOW64\atiumdag.dll

2015-12-17 10:07:35 ----A---- C:\WINDOWS\system32\atiumd6a.dll

2015-12-17 10:07:32 ----A---- C:\WINDOWS\SYSWOW64\atiu9pag.dll

2015-12-17 10:07:18 ----A---- C:\WINDOWS\SYSWOW64\atigktxx.dll

2015-12-17 10:07:18 ----A---- C:\WINDOWS\system32\atig6txx.dll

2015-12-17 10:07:17 ----A---- C:\WINDOWS\system32\atiesrxx.exe

2015-12-17 10:07:16 ----A---- C:\WINDOWS\system32\atieclxx.exe

2015-12-17 10:07:15 ----A---- C:\WINDOWS\system32\atidxx64.dll

2015-12-17 10:07:13 ----A---- C:\WINDOWS\SYSWOW64\atidxx32.dll

2015-12-17 10:07:12 ----A---- C:\WINDOWS\system32\aticfx64.dll

2015-12-17 10:07:11 ----A---- C:\WINDOWS\SYSWOW64\aticfx32.dll

2015-12-17 10:07:02 ----A---- C:\WINDOWS\SYSWOW64\atiadlxy.dll

2015-12-17 10:07:02 ----A---- C:\WINDOWS\system32\atiadlxx.dll

2015-12-17 10:06:54 ----A---- C:\WINDOWS\system32\amdocl64.dll

2015-12-17 10:06:48 ----A---- C:\WINDOWS\system32\amdocl12cl64.dll

2015-12-17 10:06:43 ----A---- C:\WINDOWS\SYSWOW64\amdocl12cl.dll

2015-12-17 10:06:40 ----A---- C:\WINDOWS\SYSWOW64\amdocl.dll

2015-12-17 10:06:29 ----A---- C:\WINDOWS\SYSWOW64\amdhcp32.dll

2015-12-16 19:21:51 ----D---- C:\Program Files\AVG Web TuneUp

2015-12-16 19:21:45 ----D---- C:\Program Files (x86)\AVG Web TuneUp

2015-12-15 21:42:46 ----D---- C:\Users\moederjeanne\AppData\Roaming\vlc

2015-12-15 18:08:00 ----D---- C:\WINDOWS\WinSxS

2015-12-15 17:57:41 ----HD---- C:\$WINDOWS.~BT

2015-12-15 14:54:23 ----HD---- C:\$AVG

2015-12-14 21:26:14 ----RD---- C:\WINDOWS\assembly

2015-12-14 16:38:51 ----D---- C:\WINDOWS\Logs

2015-12-13 10:45:48 ----D---- C:\WINDOWS\system32\WDI

2015-12-13 10:42:19 ----RD---- C:\Users

2015-12-13 10:37:27 ----D---- C:\WINDOWS\system32\oobe

2015-12-13 10:37:20 ----RSD---- C:\WINDOWS\Fonts

2015-12-13 10:37:18 ----D---- C:\Program Files (x86)\Internet Explorer

2015-12-13 10:37:17 ----D---- C:\Program Files\Internet Explorer

2015-12-13 10:33:09 ----D---- C:\Program Files\Microsoft Silverlight

2015-12-13 10:33:08 ----D---- C:\Program Files (x86)\Microsoft Silverlight

2015-12-13 10:33:05 ----D---- C:\Program Files (x86)\AVG

2015-12-13 10:33:04 ----D---- C:\ProgramData\AVG2014

2015-12-10 20:38:23 ----D---- C:\Program Files\Common Files

2015-12-10 10:28:14 ----D---- C:\ProgramData\Microsoft Help

2015-12-10 10:26:53 ----D---- C:\WINDOWS\CbsTemp

2015-12-10 10:24:41 ----D---- C:\WINDOWS\system32\MRT

2015-12-10 09:28:16 ----A---- C:\WINDOWS\system32\MRT.exe

2015-12-09 20:50:44 ----D---- C:\WINDOWS\system32\catroot2

2015-12-08 18:54:03 ----D---- C:\Users\moederjeanne\AppData\Roaming\AVG

2015-12-08 18:51:32 ----HD---- C:\WINDOWS\ELAMBKUP

2015-12-08 18:50:28 ----D---- C:\ProgramData\AVG

2015-12-05 23:06:51 ----D---- C:\WINDOWS\system32\Tasks

2015-12-02 08:50:18 ----RD---- C:\Program Files (x86)

2015-12-02 08:50:16 ----D---- C:\WINDOWS\Tasks

2015-12-01 01:32:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe

2015-11-24 20:15:17 ----SD---- C:\Users\moederjeanne\AppData\Roaming\Microsoft

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 AVGIDSHA;AVGIDSHA; C:\WINDOWS\system32\DRIVERS\avgidsha.sys [2015-08-20 298416]

R0 Avgloga;AVG Logging Driver; C:\WINDOWS\system32\DRIVERS\avgloga.sys [2015-08-14 398256]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\WINDOWS\system32\DRIVERS\avgmfx64.sys [2015-11-06 256432]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\WINDOWS\system32\DRIVERS\avgrkx64.sys [2015-08-10 42416]

R0 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2013-08-07 776168]

R0 mfewfpk;McAfee Inc. mfewfpk; C:\WINDOWS\system32\drivers\mfewfpk.sys [2013-08-07 343568]

R1 Avgdiska;AVG Disk Driver; C:\WINDOWS\system32\DRIVERS\avgdiska.sys [2015-11-06 184240]

R1 AVGIDSDriver;AVGIDSDriver; C:\WINDOWS\system32\DRIVERS\avgidsdrivera.sys [2015-11-06 313776]

R1 Avgldx64;AVG AVI Loader Driver; C:\WINDOWS\system32\DRIVERS\avgldx64.sys [2015-10-21 284080]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-12-08 52000]

R1 Avgwfpa;AVG Firewall Driver; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [2015-10-08 306608]

R1 dtsoftbus01;@oem2.inf,%DTSoftBus.SVCDESC%;DAEMON Tools Virtual Bus Driver; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2014-07-07 283064]

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2015-07-10 83968]

R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-01 8192]

R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2015-07-10 48128]

R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2015-07-10 61952]

R3 amdkmdag;amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [2015-12-17 21648880]

R3 amdkmdap;amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [2015-12-17 674288]

R3 athr;@oem7.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athwbx.sys [2013-08-16 3859968]

R3 AtiHDAudioService;@oem23.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2015-05-28 102912]

R3 BTATH_BUS;@oem9.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys [2013-09-07 34384]

R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [2015-03-09 599240]

R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;USB-stuurprogramma voor Bluetooth-radio; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2015-07-10 84992]

R3 ETD;@oem18.inf,%PS2.DeviceDesc%;ELAN Input Device; C:\WINDOWS\system32\DRIVERS\ETD.sys [2015-10-10 525512]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2012-10-03 33240]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-24 4504320]

R3 L1C;@netl1c63x64.inf,%L1C.Service.DispName%;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller; C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-07-10 129224]

R3 MBAMProtector;MBAMProtector; \??\C:\WINDOWS\system32\drivers\mbam.sys [2015-10-05 25816]

R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2013-08-07 310224]

R3 mfefirek;McAfee Inc. mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [2013-08-07 519064]

S0 Avgboota;AVG Early Launch Anti-Malware Driver; C:\WINDOWS\system32\DRIVERS\avgboota.sys [2015-09-09 23152]

S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-07-10 104800]

S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-07-10 99168]

S0 mfeelamk;McAfee Inc. mfeelamk; C:\WINDOWS\system32\drivers\mfeelamk.sys [2013-08-07 69264]

S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2015-07-10 58208]

S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2015-07-10 58720]

S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2015-07-10 40288]

S2 APXACC;@oem13.inf,%APPEX_ACC_SERVICE_NAME%;AppEx Networks Accelerator LWF; C:\WINDOWS\system32\DRIVERS\appexDrv.sys [2013-04-18 219360]

S3 BthA2DP;@wdma_bt.inf,%BthA2DP.SvcDesc%;Bluetooth-stereo; C:\WINDOWS\system32\drivers\BthA2DP.sys [2015-07-10 165376]

S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator-service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2015-07-10 105984]

S3 BthLEEnum;@bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy-stuurprogramma; C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys [2015-07-10 237568]

S3 BthPan;@bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network); C:\WINDOWS\System32\drivers\bthpan.sys [2015-07-10 128512]

S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Stuurprogramma voor Bluetooth-poort; C:\WINDOWS\System32\Drivers\BTHport.sys [2015-09-17 929280]

S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-09-17 36352]

S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2015-07-10 116736]

S3 cfwids;McAfee Inc. cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [2013-08-07 70112]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]

S3 fcvsc;fcvsc; C:\WINDOWS\System32\drivers\fcvsc.sys [2015-07-10 31232]

S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-07-10 20992]

S3 hidinterrupt;@hidinterrupt.inf,%HID.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-07-10 50016]

S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2015-07-10 424800]

S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\WINDOWS\system32\drivers\ioqos.sys [2015-07-10 26624]

S3 LMDriver;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys [2013-07-17 21360]

S3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [2015-12-17 192216]

S3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\WINDOWS\system32\drivers\mwac.sys [2015-10-05 64216]

S3 mfeapfk;McAfee Inc. mfeapfk; C:\WINDOWS\system32\drivers\mfeapfk.sys [2013-08-07 179664]

S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-07-10 705376]

S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2015-07-10 76128]

S3 RadioShim;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys [2013-07-17 14680]

S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2015-09-06 934752]

S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys [2015-07-10 167936]

S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]

S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver; C:\WINDOWS\system32\DRIVERS\gtkdrv.sys [2015-01-27 17568]

S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2015-07-10 61952]

S3 UcmUcsi;@ucmucsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-09-06 46080]

S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2015-07-10 44032]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-10-28 82128]

R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2015-12-17 255472]

R2 AMD FUEL Service;AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-04 351944]

R2 Apple Mobile Device Service;Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-01-19 77128]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-12-09 3857272]

R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2015-11-12 1046952]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-12-09 579776]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184]

R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2015-10-12 1433216]

R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2015-10-12 1773696]

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

R2 ETDService;Elan Service; C:\Program Files\Elantech\ETDService.exe [2015-10-10 144072]

R2 mfefire;McAfee Firewall Core Service; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [2013-08-07 219272]

R2 mfevtp;McAfee Validation Trust Protection Service; C:\Windows\system32\mfevtps.exe [2013-08-07 182752]

R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-07-14 769432]

R2 OneSyncSvc_Session1;Host synchroniseren_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-08-14 39056]

R2 TeamViewer9;TeamViewer 9; C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-09-12 4799760]

R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2015-04-06 643880]

R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

R3 PimIndexMaintenanceSvc_Session1;Contact Data_Session1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-24 107848]

S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-10-05 1135416]

S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 OneSyncSvc_Session11;Host synchroniseren_Session11; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 OneSyncSvc_Session2;Host synchroniseren_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 OneSyncSvc_Session4;Host synchroniseren_Session4; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 OneSyncSvc_Session8;Host synchroniseren_Session8; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]

S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-12-09 615584]

S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S3 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-07-10 27136]

S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-06-17 43696]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-24 107848]

S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]

S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\lsass.exe [2015-07-10 56344]

S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 PimIndexMaintenanceSvc_Session11;Contact Data_Session11; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 PimIndexMaintenanceSvc_Session2;Contact Data_Session2; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 PimIndexMaintenanceSvc_Session4;Contact Data_Session4; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 PimIndexMaintenanceSvc_Session8;Contact Data_Session8; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2015-07-10 39856]

S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2015-09-06 1031680]

S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2015-07-10 39856]

 

-----------------EOF-----------------

Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Users of Windows Vista and later must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
C:\Program Files (x86)\AVG Web TuneUp;fs
C:\Program Files\Common Files\AVG Secure Search;fs
C:\ProgramData\Avg_Update_1215av;fs
chromelook;
firefoxlook;
emptyfolderscheck;delete
startupall;
filesrcm;
  • Click the "More options" button and now tick the options below.

  • Do a Deep Scan
  • Installed Programs
  • Auto Clean

  • The "Scan All Users" option is ticked by default.
  • Now click the "Run script" button.
  • Now wait patiently until a log opens (this may be after a restart if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.

I get this txt file but still have the same problems:

 

Zoek.exe v5.0.0.1 Updated 18-December-2015
Tool run by moederjeanne on za 19-12-2015 at 13:36:50,32.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\moederjeanne\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]
 
==== System Restore Info ======================
 
19-12-2015 13:45:48 Zoek.exe System Restore Point Created Successfully.
 
==== Empty Folders Check ======================
 
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\moederjeanne\AppData\Local\CrashDumps deleted successfully
C:\Users\moederjeanne\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\moederjeanne\AppData\Local\EmieSiteList deleted successfully
C:\Users\moederjeanne\AppData\Local\EmieUserList deleted successfully
C:\Users\moederjeanne\AppData\Local\NetworkTiles deleted successfully
C:\Users\ruth\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\ruth\AppData\Local\EmieSiteList deleted successfully
C:\Users\ruth\AppData\Local\EmieUserList deleted successfully
C:\Users\ruth\AppData\Local\NetworkTiles deleted successfully
C:\Users\ruth\AppData\Local\VirtualStore deleted successfully
 
==== Deleting CLSID Registry Keys ======================
 
 
==== Deleting CLSID Registry Values ======================
 
 
==== Installed Programs ======================
 
µTorrent  
Acer Recovery Management  
Adobe Reader XI (11.0.13)  
Adobe Refresh Manager  
AMD Accelerated Video Transcoding  
AMD Catalyst Control Center  
AMD Catalyst Install Manager  
AMD Fuel  
AMD Quick Stream  
Apple Application Support (32-bit)  
Apple Application Support (64-bit)  
Apple Mobile Device Support  
Apple Software Update  
AVG  
AVG 2016  
AVG Protection  
AVG Web TuneUp  
AVG Zen  
Bonjour  
BS.Player FREE  
Canon MP Navigator EX 4.0  
Canon MP495 series MP Drivers  
Canon My Image Garden  
Canon My Image Garden Design Files  
Catalyst Control Center - Branding  
Catalyst Control Center Graphics Previews Common  
Catalyst Control Center InstallProxy  
Catalyst Control Center Localization All  
ccc-utility64  
CCC Help Chinese Standard  
CCC Help Chinese Traditional  
CCC Help Czech  
CCC Help Danish  
CCC Help Dutch  
CCC Help English  
CCC Help Finnish  
CCC Help French  
CCC Help German  
CCC Help Greek  
CCC Help Hungarian  
CCC Help Italian  
CCC Help Japanese  
CCC Help Korean  
CCC Help Norwegian  
CCC Help Polish  
CCC Help Portuguese  
CCC Help Russian  
CCC Help Spanish  
CCC Help Swedish  
CCC Help Thai  
CCC Help Turkish  
CCleaner  
D3DX10  
DAEMON Tools Lite  
Definition Update for Microsoft Office 2010 (KB3114412) 64-Bit Edition  
ELAN Touchpad 11.15.0.18_X64  
Fallout 3 - Wasteland Edition  
FMW 1  
Google Chrome  
Google Update Helper  
Identity Card  
iTunes  
Malwarebytes Anti-Malware versie 2.2.0.1024  
Microsoft Application Error Reporting  
Microsoft Games for Windows - LIVE Redistributable  
Microsoft Office  
Microsoft Office Access MUI (Dutch) 2010  
Microsoft Office Excel MUI (Dutch) 2010  
Microsoft Office Groove MUI (Dutch) 2010  
Microsoft Office InfoPath MUI (Dutch) 2010  
Microsoft Office Office 32-bit Components 2010  
Microsoft Office OneNote MUI (Dutch) 2010  
Microsoft Office Outlook MUI (Dutch) 2010  
Microsoft Office PowerPoint MUI (Dutch) 2010  
Microsoft Office Professional Plus 2010  
Microsoft Office Proof (Dutch) 2010  
Microsoft Office Proof (English) 2010  
Microsoft Office Proof (French) 2010  
Microsoft Office Proof (German) 2010  
Microsoft Office Proofing (Dutch) 2010  
Microsoft Office Publisher MUI (Dutch) 2010  
Microsoft Office Shared 32-bit MUI (Dutch) 2010  
Microsoft Office Shared MUI (Dutch) 2010  
Microsoft Office Word MUI (Dutch) 2010  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727  
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727  
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727  
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030  
Microsoft Visual Studio 2005 Tools for Office Runtime  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)  
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD  
Microsoft WSE 3.0 Runtime  
Movie Maker  
MPC-HC 1.7.3 (64-bit)  
MSVCRT  
MSVCRT110  
MSVCRT110_amd64  
Nero BackItUp  
Nero BackItUp 12 Essentials OEM.a01  
Nero BackItUp Help (CHM)  
Nero ControlCenter  
Nero ControlCenter Help (CHM)  
Nero Core Components  
Nero Launcher  
Nero RescueAgent  
Nero RescueAgent Help (CHM)  
Nero Update  
OEM Application Profile  
Office Addin  
Photo Common  
Photo Gallery  
Prerequisite installer  
Qualcomm Atheros Bluetooth Suite (64)  
Qualcomm Atheros WLAN and Bluetooth Client Installation Program  
RealDownloader  
Realtek High Definition Audio Driver  
Security Update for Microsoft Access 2010 (KB3101544) 64-Bit Edition  
Security Update for Microsoft Excel 2010 (KB3114415) 64-Bit Edition  
Security Update for Microsoft InfoPath 2010 (KB2878230) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2553313) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2850016) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2880971) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2881071) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2956076) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB2965310) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB3054848) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB3085528) 64-Bit Edition  
Security Update for Microsoft Office 2010 (KB3085560) 64-Bit Edition  
Security Update for Microsoft OneNote 2010 (KB3054978) 64-Bit Edition  
Security Update for Microsoft PowerPoint 2010 (KB2920812) 64-Bit Edition  
Security Update for Microsoft PowerPoint 2010 (KB3085594) 64-Bit Edition  
Security Update for Microsoft Publisher 2010 (KB2817478) 64-Bit Edition  
Security Update for Microsoft Visio 2010 (KB3101526) 64-Bit Edition  
Security Update for Microsoft Word 2010 (KB2965313) 64-Bit Edition  
Security Update for Microsoft Word 2010 (KB3101532) 64-Bit Edition  
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition  
Skype Click to Call  
Skype™ 7.12  
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD  
TeamViewer 9  
Trojan Killer  
Unity Web Player  
Update for Microsoft Excel 2010 (KB2956084) 64-Bit Edition  
Update for Microsoft Filter Pack 2.0 (KB2881026) 64-Bit Edition  
Update for Microsoft InfoPath 2010 (KB2817369) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2553140) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2553347) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2553388) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2589318) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2589386) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2687275) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2791057) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2825635) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2883019) 64-Bit Edition  
Update for Microsoft Office 2010 (KB2889828) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3054873) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3054886) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3054977) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3055042) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3055047) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3085512) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3114399) 64-Bit Edition  
Update for Microsoft Office 2010 (KB3114404) 64-Bit Edition  
Update for Microsoft OneNote 2010 (KB2956075) 64-Bit Edition  
Update for Microsoft Outlook 2010 (KB2760779) 64-Bit Edition  
Update for Microsoft Outlook 2010 (KB3085604) 64-Bit Edition  
Update for Microsoft Outlook 2010 (KB3101535) 64-Bit Edition  
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 64-Bit Edition  
Update for Microsoft Project 2010 (KB3114419) 64-Bit Edition  
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 64-Bit Edition  
Update for Microsoft Visio Viewer 2010 (KB2881021) 64-Bit Edition  
Uplay  
VirtualDJ PRO Full  
Visual Studio 2005 Tools for Office Second Edition Runtime  
Visual Studio 2012 x64 Redistributables  
Visual Studio 2012 x86 Redistributables  
Visual Studio Tools for the Office system 3.0 Runtime  
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)  
VLC media player  
Windows Driver Package - GoPro (WinUSB) Universal Serial Bus devices  (03/07/2012 )  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Installer  
Windows Live Photo Common  
Windows Live PIMT Platform  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
WinRAR 4.20 (64-bit)  
 
==== Deleting Services ======================
 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully
 
==== Deleting Files \ Folders ======================
 
C:\Program Files (x86)\AVG Web TuneUp deleted
C:\Program Files\Common Files\AVG Secure Search deleted
C:\ProgramData\Avg_Update_1215av deleted
C:\Users\moederjeanne\AppData\Local\AVG Web TuneUp deleted
C:\Users\ruth\AppData\Local\AVG Web TuneUp deleted
C:\Program Files\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\moederjeanne\AppData\Local\Unity deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\moederjeanne\AppData\LocalLow\Unity deleted
 
==== Files Recently Created / Modified ======================
 
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-12-17 09:12:38 -------- d-----w- C:\Program Files\ATI Technologies
======= C:\PROGRA~2 =====
2015-11-22 16:00:45 -------- d-----w- C:\PROGRA~2\VirtualDJ
======= C: =====
====== C:\Users\moederjeanne\AppData\Roaming ======
2015-12-10 08:50:08 -------- d-----w- C:\Users\moederjeanne\AppData\Local\AMD
2015-12-08 17:47:24 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg
2015-12-08 17:46:44 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog
2015-11-22 16:00:51 -------- d-----w- C:\Users\moederjeanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
====== C:\Users\moederjeanne ======
2015-12-17 09:12:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-12-08 17:47:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
 
 
==== Startup Registry Enabled ======================
 
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
 
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
 
[HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
 
[HKEY_USERS\S-1-5-21-3968276687-3847870925-728767108-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"AVG_UI"="C:\Program Files (x86)\AVG\Av\avgui.exe /TRAYONLY"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguix.exe /fmw.trayonly"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"
"Uninstall C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\moederjeanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64"
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
 
==== Startup Registry Enabled x64 ======================
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
 
==== Task Scheduler Jobs ======================
 
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-04-2015 08:24]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24-04-2015 08:24]
 
==== Other Scheduled Tasks ======================
 
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Trojan Killer" ["C:\Users\moederjeanne\Desktop\anti spam\trojankiller.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{82B7F595-5AE2-407C-9927-19E0A68E3980}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{962602FA-6334-4D12-AC80-1D8392B9923C}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{51FCCE58-FEC1-4972-ADC1-822CF1457E58}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{7B1E1EAD-2704-4193-ABC7-997C3ABCD50B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{90375371-90DE-400E-A70C-04F320B38B99}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{9B65EFED-9950-49CA-976E-D3CF30D7830A}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{9C32E855-0165-4830-8A35-7662750DF12C}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{9CA88F91-C466-4B49-B55B-941445717BEE}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{9F674414-1591-4CD9-A7AD-7D26CFD5EF41}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\{C1282EE3-A959-42FD-A09C-1BE41E0A7A04}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe]
 
==== Firefox Start and Search pages ======================
 
ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
user_pref("browser.startup.homepage", "www.google.be");
 
==== Firefox Extensions Registry ======================
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [23-04-2014 21:29]
 
==== Firefox Extensions ======================
 
ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
- ActiveDeals - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com
- ActiveDeals - %ProfilePath%\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com
 
==== Firefox Plugins ======================
 
Profilepath: C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
 
 
==== Chromium Look ======================
 
Google Chrome Version: 46.0.2490.86
 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 14:24]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12-10-2015 08:31]
 
whatsapp-for-chrome - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan
Fantastic platform game that will try to intimidate you and make you give up. - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\diippoclinjdbklinhchgedilfncehbi
Magisto - Magical Video Editor - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk
RealDownloader - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
WhatsApp Web Notifier - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\mandlfjpchelbigcligpgfmmagaobkeo
Chrome Web Store Payments - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
YouTube - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Chrome Web Store Payments - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YouTube - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
RealDownloader - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Skype Click to Call - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Chrome Web Store Payments - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
 
==== Chromium Fix ======================
 
C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx deleted successfully
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo deleted successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo deleted successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf deleted successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia deleted successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia deleted successfully
 
==== Set IE to Default ======================
 
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com/?cid={6AD30996-7856-4F05-9FA0-3B6D9392455F}&mid=a0f7a049bf0b47d2a1e2e12caacd3db6-305099513131e3e91d57094a037dd94ea90d0535&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-11-06 15:08:34&v=4.2.4.155&pid=wtu&sg=&sap=hp"
 
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
 
==== All HKLM and HKCU SearchScopes ======================
 
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
 
==== Deleting Registry Keys ======================
 
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
 
==== Empty IE Cache ======================
 
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
 
==== Empty FireFox Cache ======================
 
C:\Users\moederjeanne\AppData\Local\Mozilla\Firefox\Profiles\so4plgdq.default\cache2 emptied successfully
 
==== Empty Chrome Cache ======================
 
C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp\cache\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 
==== Empty All Flash Cache ======================
 
No Flash Cache Found
 
==== Empty All Java Cache ======================
 
No Java Cache Found
 
==== C:\zoek_backup content ======================
 
C:\zoek_backup (files=977 folders=526 625197913 bytes)
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp will be emptied at reboot
 
==== After Reboot ======================
 
==== Empty Temp Folders ======================
 
C:\WINDOWS\Temp successfully emptied
C:\Users\MOEDER~1\AppData\Local\Temp successfully emptied
 
==== Empty Recycle Bin ======================
 
C:\$RECYCLE.BIN successfully emptied
 
==== EOF on za 19-12-2015 at 16:07:58,09 ======================

Disable your antivirus and antispyware programs, since they may conflict with zoek.exe; you can read how to do that here and here.

  • Double-click Zoek.exe to start the tool.
  • Users of Windows Vista and later must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input box:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.
C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5};f
C:\WINDOWS\SysNative\tasks\{51FCCE58-FEC1-4972-ADC1-822CF1457E58};f
C:\WINDOWS\SysNative\tasks\{7B1E1EAD-2704-4193-ABC7-997C3ABCD50B};f
C:\WINDOWS\SysNative\tasks\{90375371-90DE-400E-A70C-04F320B38B99};f
C:\WINDOWS\SysNative\tasks\{9B65EFED-9950-49CA-976E-D3CF30D7830A};f
C:\WINDOWS\SysNative\tasks\{9C32E855-0165-4830-8A35-7662750DF12C};f
C:\WINDOWS\SysNative\tasks\{9CA88F91-C466-4B49-B55B-941445717BEE};f
C:\WINDOWS\SysNative\tasks\{9F674414-1591-4CD9-A7AD-7D26CFD5EF41};f
C:\WINDOWS\SysNative\tasks\{C1282EE3-A959-42FD-A09C-1BE41E0A7A04};f
C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com;f
_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com;ff
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp;fs
autoclean;
  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is required).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Add the log file named "Zoek-results.log" as an attachment to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.

Zoek.exe v5.0.0.1 Updated 18-December-2015

Tool run by moederjeanne on zo 20-12-2015 at 12:13:00,08.

Microsoft Windows 10 Home 10.0.10240  x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\moederjeanne\Desktop\zoek.exe [scan all users] [script inserted] 

 

==== Older Logs ======================

 

C:\zoek-results2015-12-19-150758.log 52982 bytes

 

==== Empty Folders Check ======================

 

C:\Users\moederjeanne\AppData\Local\NetworkTiles deleted successfully

 

==== Deleting CLSID Registry Keys ======================

 

 

==== Deleting CLSID Registry Values ======================

 

 

==== Deleting Services ======================

 

 

==== FireFox Fix ======================

 

ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default

 

user.js not found

---- Lines _uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com removed from prefs.js ----

user_pref("extensions.xpiState", "{\"app-profile\":{\"ekWne@1.org\":{\"d\":\"C:\\\\Users\\\\moederjeanne\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\

---- FireFox user.js and prefs.js backups ---- 

 

prefs_20-12-2015_1314_.backup

 

==== Deleting Files \ Folders ======================

 

C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp deleted

C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com deleted

"C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5}" deleted

"C:\WINDOWS\SysNative\tasks\{51FCCE58-FEC1-4972-ADC1-822CF1457E58}" deleted

"C:\WINDOWS\SysNative\tasks\{7B1E1EAD-2704-4193-ABC7-997C3ABCD50B}" deleted

"C:\WINDOWS\SysNative\tasks\{90375371-90DE-400E-A70C-04F320B38B99}" deleted

"C:\WINDOWS\SysNative\tasks\{9B65EFED-9950-49CA-976E-D3CF30D7830A}" deleted

"C:\WINDOWS\SysNative\tasks\{9C32E855-0165-4830-8A35-7662750DF12C}" deleted

"C:\WINDOWS\SysNative\tasks\{9CA88F91-C466-4B49-B55B-941445717BEE}" deleted

"C:\WINDOWS\SysNative\tasks\{9F674414-1591-4CD9-A7AD-7D26CFD5EF41}" deleted

"C:\WINDOWS\SysNative\tasks\{C1282EE3-A959-42FD-A09C-1BE41E0A7A04}" deleted

 

==== Firefox Start and Search pages ======================

 

ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default

user_pref("browser.startup.homepage", "www.google.be");

 

==== Firefox Extensions Registry ======================

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [23-04-2014 21:29]

 

==== Firefox Extensions ======================

 

ProfilePath: C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default

- Undetermined - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com

 

==== Firefox Plugins ======================

 

Profilepath: C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default

BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks RealDownloader Chrome Background Extension Plug-In (32-bit)

EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks RealDownloader PepperFlashVideoShim Plug-In (32-bit)

96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks RealDownloader HTML5VideoShim Plug-In (32-bit)

F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin

 

 

==== Chromium Look ======================

 

Google Chrome Version: 46.0.2490.86

 

 

whatsapp-for-chrome - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgkodfmeijboinjdegggmkbkjfiagaan

Magisto - Magical Video Editor - moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghmngbmfdgknokcefmkbjlcjabdklnlk

 

==== Chromium Fix ======================

 

C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully

C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully

 

==== Set IE to Default ======================

 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

 

==== All HKLM and HKCU SearchScopes ======================

 

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}

HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

 

==== Empty IE Cache ======================

 

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

C:\Users\moederjeanne\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully

C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

C:\Users\ruth\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully

C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

 

==== Empty FireFox Cache ======================

 

C:\Users\moederjeanne\AppData\Local\Mozilla\Firefox\Profiles\so4plgdq.default\cache2 emptied successfully

 

==== Empty Chrome Cache ======================

 

C:\Users\moederjeanne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\ruth\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

 

==== Empty All Flash Cache ======================

 

No Flash Cache Found

 

==== Empty All Java Cache ======================

 

No Java Cache Found

 

==== C:\zoek_backup content ======================

 

C:\zoek_backup (files=3238 folders=907 4296499447 bytes)

 

==== Empty Temp Folders ======================

 

C:\WINDOWS\Temp will be emptied at reboot

 

==== After Reboot ======================

 

==== Empty Temp Folders ======================

 

C:\WINDOWS\Temp successfully emptied

C:\Users\MOEDER~1\AppData\Local\Temp successfully emptied

 

==== Empty Recycle Bin ======================

 

C:\$RECYCLE.BIN successfully emptied

 

==== EOF on zo 20-12-2015 at 14:25:20,73 ======================
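Added example, not part of the thread and not code from the Zoek author: one way to check a result log like the one above against the fix script that was pasted in, so that every path the script named is accounted for. It handles two things visible in this thread: the log writes MOEDER~1 where the script wrote moederjeanne, and the Firefox extension folder is reported deleted yet still listed later in the same log. The function names, status strings and the 8.3 short-name heuristic are assumptions; the switches after the semicolon are treated as opaque because the thread does not explain them.

```python
import re

# Constructed sample: lines copied from the fix script and the result log in this
# thread, shortened; one "deleted" line is left out on purpose to show a miss.
FIX_SCRIPT = r"""
C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5};f
C:\WINDOWS\SysNative\tasks\{51FCCE58-FEC1-4972-ADC1-822CF1457E58};f
C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com;f
_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com;ff
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp;fs
autoclean;
"""

RESULT_LOG = r"""
==== Deleting Files \ Folders ======================
C:\Users\ruth\AppData\Local\Packages\windows_ie_ac_001\AC\AVG Web TuneUp deleted
C:\Users\MOEDER~1\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com deleted
"C:\WINDOWS\SysNative\tasks\{1E2CD787-5A20-40B3-90F1-B15A6B5A8BC5}" deleted
==== Firefox Extensions ======================
- Undetermined - C:\Users\moederjeanne\AppData\Roaming\Mozilla\Firefox\Profiles\so4plgdq.default\extensions\_uaxtxwuvcgsdkz@lwgjsimhnldoaqw.com
"""

DRIVE = re.compile(r"[A-Za-z]:\\")
DELETED = re.compile(r'^"?(?P<path>[A-Za-z]:\\.+?)"?\s+deleted(?: successfully)?$')
PATH_IN_LINE = re.compile(r'[A-Za-z]:\\[^"\[\]]+')
SHORT_83 = re.compile(r"^([^~]{1,6})~\d+$")


def parse_script(text):
    """Return the absolute-path targets of a fix script.

    Name-only entries and bare keywords such as 'autoclean;' are skipped,
    because there is no path to look for in the result log.
    """
    targets = []
    for line in text.splitlines():
        target, sep, _switch = line.strip().rpartition(";")
        if sep and DRIVE.match(target):
            targets.append(target)
    return targets


def same_component(a, b):
    """Compare two path components case-insensitively.

    Heuristic (assumption): an 8.3 short name like MOEDER~1 matches a long
    name whose first characters, spaces and dots removed, equal its prefix.
    """
    a, b = a.lower(), b.lower()
    if a == b:
        return True
    for short, long_ in ((a, b), (b, a)):
        m = SHORT_83.match(short)
        if m and re.sub(r"[ .]", "", long_).startswith(m.group(1)):
            return True
    return False


def same_path(p, q):
    pa, qa = p.strip('"').split("\\"), q.strip('"').split("\\")
    return len(pa) == len(qa) and all(same_component(x, y) for x, y in zip(pa, qa))


def verify(script, log):
    """Map each script target to 'deleted', 'deleted-but-still-listed' or 'missing'."""
    lines = [l.strip() for l in log.splitlines() if l.strip()]
    report = {}
    for target in parse_script(script):
        status = "missing"
        for i, line in enumerate(lines):
            m = DELETED.match(line)
            if not (m and same_path(m.group("path"), target)):
                continue
            # A later non-deletion line that still names the path deserves a re-check.
            relisted = any(
                not DELETED.match(l)
                and any(same_path(p.strip(), target) for p in PATH_IN_LINE.findall(l))
                for l in lines[i + 1:]
            )
            status = "deleted-but-still-listed" if relisted else "deleted"
            break
        report[target] = status
    return report


if __name__ == "__main__":
    for path, status in verify(FIX_SCRIPT, RESULT_LOG).items():
        print(f"{status:26} {path}")
```

A target reported as "missing" or "deleted-but-still-listed" is a prompt to look at that path again in a fresh scan, not proof that the cleanup failed.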

Start MBAM Malwarebytes

  • Then click Scan at the top of the window.
  • Next choose Custom Scan and click Scan Now.
    • Then tick the option Scan for rootkits.
    • In the right-hand pane, select all hard drives and partitions present.
  • Then click the Start Scan button to run the custom scan.
  • The tool will now check for available updates; click "Update Now" if updates are available.
  • The scan now starts automatically; when the scan is finished and threats have been detected, you will get an overview of them.
  • If no threats were detected, click View Detailed Log after the scan.
    • Then click the Apply Actions button; when told that your computer must be restarted, click No.
    • Then click the View Detailed Log button, click the Export button and choose the Text file (*.txt) option.
    • Then enter a file name for saving the log file, for example MBAM Scanlog, and click the Save button.
    • This file is saved to your desktop by default.


Posting the Malwarebytes' Anti-Malware log file

  • Add the log file you just saved as an attachment to your next message. (You can also find this log file in Malwarebytes Anti-Malware under History > Application Logs.)
  • Post the contents of this log file in your next message.

If you want more explanation, in picture and sound, of how Malwarebytes works, watch our own PCH video here.
