
Google Chrome is running slow



Download RSIT from the locations below and save it to the desktop.

You can check here how to tell whether you are running a 32- or 64-bit version of Windows.

Double-click RSIT.exe to start the tool.

  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • The "Disclaimer of warranty" is then shown; click "Continue".
  • When the tool has finished, two Notepad files named "Log.txt" and "Info.txt" are opened.

Posting the RSIT log files

  • Add the log file named "Log.txt" as an attachment to your next post. (You can also find this log file in the folder "C:\rsit".)
  • You do not need to post the log file named "Info.txt", which is minimized. (This log file is only created the first time the tool is run.)
  • How to add an attachment to a post is explained here.

The manual for using RSIT can be viewed HERE, and we also have an instruction video.


Hello, here is the RSIT log

Logfile of random's system information tool 1.10 (written by random/random)

Run by Veronique at 2014-10-26 05:07:21

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 406 GB (85%) free of 477 GB

Total RAM: 2909 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:07:36, on 26/10/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17344)

Boot mode: Normal

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\system32\taskhost.exe

C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Windows\system32\RunDll32.exe

C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Veronique\Downloads\RSIT.exe

C:\Program Files\trend micro\Veronique.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2AS130SF05SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)

O9 - Extra 'Tools' menuitem: Lync - klikken om te bellen - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - (no file)

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

--

End of file - 7549 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3823742094-2410752539-3467050322-1000.job - C:\Users\Veronique\AppData\Local\Citrix\GoToMeeting\1831\g2mupdate.exe

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

Lync Browser Helper

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]

Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2014-07-20 462760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

Advanced SystemCare Browser Protection - C:\PROGRA~1\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL [2014-02-20 669504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]

Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL [2014-07-27 1730256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-07-20 171944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 974432]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2014-01-26 138808]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2014-01-26 172088]

"Persistence"=C:\Windows\system32\igfxpers.exe [2014-01-26 173624]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-09-05 12021464]

""= []

"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3520 series (NET)"=C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2012-01-31 1818984]

"Advanced SystemCare 7"=C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2014-02-11 2288928]

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-08-27 22041192]

C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk - C:\Windows\system32\RunDll32.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2014-01-26 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-18 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adobe air application installer.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\asctray.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devicesetup.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devicesetuplauncher.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hp deskjet 3520 series.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqdtss.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqlpvwr.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpscan.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwsetup.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]

"Debugger=""C:\Program Files\AVG\AVG PC TuneUp\TUAutoReactivator32.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 3 months======

2014-10-22 13:29:06 ----D---- C:\zoek_backup

2014-10-22 07:37:49 ----D---- C:\Program Files\trend micro

2014-10-22 07:37:48 ----D---- C:\rsit

2014-10-15 10:19:22 ----A---- C:\Windows\system32\generaltel.dll

2014-10-15 10:19:21 ----A---- C:\Windows\system32\aepdu.dll

2014-10-15 10:19:19 ----A---- C:\Windows\system32\aeinv.dll

2014-10-15 10:19:18 ----A---- C:\Windows\system32\win32k.sys

2014-10-15 10:19:10 ----A---- C:\Windows\system32\rdpcorets.dll

2014-10-15 10:18:58 ----A---- C:\Windows\system32\mscorier.dll

2014-10-15 10:18:58 ----A---- C:\Windows\system32\dfshim.dll

2014-10-15 10:18:57 ----A---- C:\Windows\system32\mscories.dll

2014-10-15 10:18:55 ----A---- C:\Windows\system32\rastls.dll

2014-10-15 10:18:52 ----A---- C:\Windows\system32\mstscax.dll

2014-10-15 10:14:40 ----A---- C:\Windows\system32\ieetwproxystub.dll

2014-10-15 10:14:40 ----A---- C:\Windows\system32\ieetwcollector.exe

2014-10-15 10:14:39 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe

2014-10-15 10:14:39 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-10-15 10:14:38 ----A---- C:\Windows\system32\vbscript.dll

2014-10-15 10:14:38 ----A---- C:\Windows\system32\jsproxy.dll

2014-10-15 10:14:38 ----A---- C:\Windows\system32\ieUnatt.exe

2014-10-15 10:14:38 ----A---- C:\Windows\system32\ieetwcollectorres.dll

2014-10-15 10:14:38 ----A---- C:\Windows\system32\dxtmsft.dll

2014-10-15 10:14:37 ----A---- C:\Windows\system32\wininet.dll

2014-10-15 10:14:36 ----A---- C:\Windows\system32\dxtrans.dll

2014-10-15 10:14:35 ----A---- C:\Windows\system32\ieui.dll

2014-10-15 10:14:34 ----A---- C:\Windows\system32\mshtmlmedia.dll

2014-10-15 10:14:34 ----A---- C:\Windows\system32\mshtmled.dll

2014-10-15 10:14:33 ----A---- C:\Windows\system32\MshtmlDac.dll

2014-10-15 10:14:32 ----A---- C:\Windows\system32\iertutil.dll

2014-10-15 10:14:30 ----A---- C:\Windows\system32\jscript9diag.dll

2014-10-15 10:14:29 ----A---- C:\Windows\system32\jscript9.dll

2014-10-15 10:14:28 ----A---- C:\Windows\system32\mshtml.dll

2014-10-15 10:14:26 ----A---- C:\Windows\system32\urlmon.dll

2014-10-15 10:14:26 ----A---- C:\Windows\system32\iernonce.dll

2014-10-15 10:14:26 ----A---- C:\Windows\system32\ie4uinit.exe

2014-10-15 10:14:25 ----A---- C:\Windows\system32\iedkcs32.dll

2014-10-15 10:14:24 ----A---- C:\Windows\system32\msfeeds.dll

2014-10-15 10:14:24 ----A---- C:\Windows\system32\ieapfltr.dll

2014-10-15 10:14:22 ----A---- C:\Windows\system32\msrating.dll

2014-10-15 10:14:22 ----A---- C:\Windows\system32\iesetup.dll

2014-10-15 10:14:21 ----A---- C:\Windows\system32\ieframe.dll

2014-10-15 10:14:12 ----A---- C:\Windows\system32\winsta.dll

2014-10-15 10:14:12 ----A---- C:\Windows\system32\termsrv.dll

2014-10-15 10:14:11 ----A---- C:\Windows\system32\winlogon.exe

2014-10-15 10:14:11 ----A---- C:\Windows\system32\TSpkg.dll

2014-10-15 10:14:11 ----A---- C:\Windows\system32\rdpcorekmts.dll

2014-10-15 10:14:11 ----A---- C:\Windows\system32\drivers\rdpwd.sys

2014-10-15 10:14:11 ----A---- C:\Windows\system32\credssp.dll

2014-10-15 10:14:10 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2014-10-15 10:13:39 ----A---- C:\Windows\system32\msi.dll

2014-10-15 10:06:48 ----A---- C:\Windows\system32\packager.dll

2014-10-15 10:06:32 ----A---- C:\Windows\system32\drmv2clt.dll

2014-10-15 10:06:32 ----A---- C:\Windows\system32\blackbox.dll

2014-10-15 10:06:31 ----A---- C:\Windows\system32\wmdrmsdk.dll

2014-10-15 10:06:30 ----A---- C:\Windows\system32\wmp.dll

2014-10-15 10:06:28 ----A---- C:\Windows\system32\mf.dll

2014-10-15 10:06:27 ----A---- C:\Windows\system32\drmmgrtn.dll

2014-10-15 10:06:27 ----A---- C:\Windows\system32\drivers\PEAuth.sys

2014-10-15 10:06:27 ----A---- C:\Windows\system32\ci.dll

2014-10-15 10:06:27 ----A---- C:\Windows\system32\AUDIOKSE.dll

2014-10-15 10:06:26 ----A---- C:\Windows\system32\winresume.exe

2014-10-15 10:06:26 ----A---- C:\Windows\system32\winload.exe

2014-10-15 10:06:26 ----A---- C:\Windows\system32\ntkrnlpa.exe

2014-10-15 10:06:26 ----A---- C:\Windows\system32\AudioSes.dll

2014-10-15 10:06:25 ----A---- C:\Windows\system32\wintrust.dll

2014-10-15 10:06:25 ----A---- C:\Windows\system32\ntoskrnl.exe

2014-10-15 10:06:25 ----A---- C:\Windows\system32\EncDump.dll

2014-10-15 10:06:25 ----A---- C:\Windows\system32\cryptsvc.dll

2014-10-15 10:06:24 ----A---- C:\Windows\system32\quartz.dll

2014-10-15 10:06:24 ----A---- C:\Windows\system32\evr.dll

2014-10-15 10:06:24 ----A---- C:\Windows\system32\crypt32.dll

2014-10-15 10:06:23 ----A---- C:\Windows\system32\pcasvc.dll

2014-10-15 10:06:23 ----A---- C:\Windows\system32\mfplat.dll

2014-10-15 10:06:23 ----A---- C:\Windows\system32\cryptui.dll

2014-10-15 10:06:22 ----A---- C:\Windows\system32\cryptsp.dll

2014-10-15 10:06:22 ----A---- C:\Windows\system32\AudioEng.dll

2014-10-15 10:06:21 ----A---- C:\Windows\system32\msscp.dll

2014-10-15 10:06:21 ----A---- C:\Windows\system32\audiosrv.dll

2014-10-15 10:06:20 ----A---- C:\Windows\system32\rrinstaller.exe

2014-10-15 10:06:20 ----A---- C:\Windows\system32\msnetobj.dll

2014-10-15 10:06:20 ----A---- C:\Windows\system32\audiodg.exe

2014-10-15 10:06:19 ----A---- C:\Windows\system32\mfps.dll

2014-10-15 10:06:19 ----A---- C:\Windows\system32\appidsvc.dll

2014-10-15 10:06:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe

2014-10-15 10:06:19 ----A---- C:\Windows\system32\appidapi.dll

2014-10-15 10:06:18 ----A---- C:\Windows\system32\setbcdlocale.dll

2014-10-15 10:06:18 ----A---- C:\Windows\system32\mfpmp.exe

2014-10-15 10:06:17 ----A---- C:\Windows\system32\drivers\appid.sys

2014-10-15 10:06:14 ----A---- C:\Windows\system32\appidcertstorecheck.exe

2014-10-15 10:06:12 ----A---- C:\Windows\system32\spwmp.dll

2014-10-15 10:06:12 ----A---- C:\Windows\system32\mferror.dll

2014-10-15 10:06:12 ----A---- C:\Windows\system32\dxmasf.dll

2014-10-15 10:06:11 ----A---- C:\Windows\system32\wmploc.DLL

2014-10-06 14:04:13 ----D---- C:\Program Files\Common Files\Skype

2014-10-01 06:53:34 ----A---- C:\Windows\system32\qdvd.dll

2014-09-28 10:16:25 ----D---- C:\Program Files\Microsoft Synchronization Services

2014-09-28 10:16:06 ----D---- C:\Program Files\Microsoft Sync Framework

2014-09-28 10:16:06 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition

2014-09-28 10:15:03 ----D---- C:\Program Files\Microsoft Visual Studio 8

2014-09-24 12:00:49 ----A---- C:\Windows\system32\tzres.dll

2014-09-13 02:37:16 ----A---- C:\Windows\system32\msmpeg2vdec.dll

2014-09-13 02:17:45 ----A---- C:\Windows\system32\TSWorkspace.dll

2014-09-13 02:17:34 ----A---- C:\Windows\system32\kerberos.dll

2014-09-13 02:17:33 ----A---- C:\Windows\system32\lsasrv.dll

2014-09-13 02:16:45 ----A---- C:\Windows\system32\d3d10warp.dll

2014-09-05 13:46:20 ----A---- C:\Windows\system32\WavesGUILib.dll

2014-09-05 13:46:19 ----A---- C:\Windows\system32\SStudio.dll

2014-09-05 13:46:18 ----A---- C:\Windows\system32\sltech32.dll

2014-09-05 13:46:18 ----A---- C:\Windows\system32\slprp32.dll

2014-09-05 13:46:17 ----A---- C:\Windows\system32\slcnt32.dll

2014-09-05 13:46:16 ----A---- C:\Windows\system32\sl3apo32.dll

2014-09-05 13:46:13 ----A---- C:\Windows\system32\drivers\RTKVHDA.sys

2014-09-05 13:46:12 ----A---- C:\Windows\system32\RtkPgExt.dll

2014-09-05 13:46:11 ----A---- C:\Windows\system32\RtkCoInstII.dll

2014-09-05 13:46:08 ----A---- C:\Windows\system32\RtkApoApi.dll

2014-09-05 13:46:01 ----A---- C:\Windows\system32\drivers\RTAIODAT.DAT

2014-09-05 13:45:59 ----A---- C:\Windows\system32\RltkAPO.dll

2014-09-05 13:45:56 ----A---- C:\Windows\system32\RCoRes.dat

2014-09-05 13:45:53 ----A---- C:\Windows\system32\NAHIMICAPOSettingsIPC.dll

2014-09-05 13:45:53 ----A---- C:\Windows\system32\NAHIMICAPOlfx.dll

2014-09-05 13:45:52 ----A---- C:\Windows\system32\MaxxVoiceAPO30.dll

2014-09-05 13:45:52 ----A---- C:\Windows\system32\MaxxVoiceAPO20.dll

2014-09-05 13:45:52 ----A---- C:\Windows\system32\MaxxAudioVnN.dll

2014-09-05 13:45:51 ----A---- C:\Windows\system32\MaxxAudioVnA.dll

2014-09-05 13:45:51 ----A---- C:\Windows\system32\MaxxAudioRealtek2.dll

2014-09-05 13:45:50 ----A---- C:\Windows\system32\MaxxAudioRealtek.dll

2014-09-05 13:45:50 ----A---- C:\Windows\system32\MaxxAudioEQ.dll

2014-09-05 13:45:49 ----A---- C:\Windows\system32\MaxxAudioAPOShell.dll

2014-09-05 13:45:49 ----A---- C:\Windows\system32\MaxxAudioAPO60.dll

2014-09-05 13:45:49 ----A---- C:\Windows\system32\MaxxAudioAPO50.dll

2014-09-05 13:45:49 ----A---- C:\Windows\system32\MaxxAudioAPO40.dll

2014-09-05 13:45:48 ----A---- C:\Windows\system32\ICEsoundAPO.dll

2014-09-05 13:45:46 ----A---- C:\Windows\system32\DDPP32A.dll

2014-09-05 13:45:46 ----A---- C:\Windows\system32\DDPO32A.dll

2014-09-05 13:45:46 ----A---- C:\Windows\system32\DDPD32A.dll

2014-09-05 13:45:46 ----A---- C:\Windows\system32\DDPA32.dll

2014-09-05 13:45:45 ----A---- C:\Windows\system32\audioLibVc.dll

2014-09-01 09:28:26 ----D---- C:\Windows\Hewlett-Packard

2014-08-30 02:19:42 ----D---- C:\Windows\system32\drivers\en-US

2014-08-30 02:18:47 ----A---- C:\Windows\system32\TsUsbGDCoInstaller.dll

2014-08-30 02:18:42 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe

2014-08-30 02:18:41 ----A---- C:\Windows\system32\drivers\TsUsbFlt.sys

2014-08-30 02:18:39 ----A---- C:\Windows\system32\wksprtPS.dll

2014-08-30 02:18:39 ----A---- C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll

2014-08-30 02:18:39 ----A---- C:\Windows\system32\tsgqec.dll

2014-08-30 02:18:39 ----A---- C:\Windows\system32\MsRdpWebAccess.dll

2014-08-30 02:18:38 ----A---- C:\Windows\system32\wksprt.exe

2014-08-30 02:18:38 ----A---- C:\Windows\system32\TSWbPrxy.exe

2014-08-30 02:18:38 ----A---- C:\Windows\system32\rdvidcrl.dll

2014-08-30 02:18:38 ----A---- C:\Windows\system32\mstsc.exe

2014-08-30 02:17:52 ----D---- C:\Program Files\Microsoft Silverlight

2014-08-28 19:10:20 ----A---- C:\Windows\system32\gdi32.dll

2014-08-23 17:29:33 ----A---- C:\Windows\system32\wups2.dll

2014-08-23 17:29:33 ----A---- C:\Windows\system32\wuauclt.exe

2014-08-23 17:29:32 ----A---- C:\Windows\system32\wucltux.dll

2014-08-23 17:29:32 ----A---- C:\Windows\system32\wuaueng.dll

2014-08-23 17:29:09 ----A---- C:\Windows\system32\wups.dll

2014-08-23 17:29:09 ----A---- C:\Windows\system32\wudriver.dll

2014-08-23 17:29:08 ----A---- C:\Windows\system32\wuapi.dll

2014-08-23 17:28:43 ----A---- C:\Windows\system32\wuwebv.dll

2014-08-23 17:28:42 ----A---- C:\Windows\system32\wuapp.exe

2014-08-21 14:12:19 ----A---- C:\Windows\system32\drivers\48230029.sys

2014-08-13 15:16:22 ----D---- C:\ProgramData\tmp

2014-08-13 15:16:20 ----D---- C:\ProgramData\hps

2014-08-13 15:11:33 ----D---- C:\Program Files\Fotoservice

2014-08-13 08:52:17 ----A---- C:\Windows\system32\infocardapi.dll

2014-08-13 08:52:10 ----A---- C:\Windows\system32\icardres.dll

2014-08-13 08:51:59 ----A---- C:\Windows\system32\icardagt.exe

2014-08-13 08:51:50 ----A---- C:\Windows\system32\TsWpfWrp.exe

2014-08-13 08:37:51 ----A---- C:\Windows\system32\msihnd.dll

2014-08-13 08:37:51 ----A---- C:\Windows\system32\consent.exe

2014-08-13 08:37:51 ----A---- C:\Windows\system32\authui.dll

2014-08-13 08:37:41 ----A---- C:\Windows\system32\drivers\dxgmms1.sys

2014-08-13 08:37:41 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2014-08-13 08:37:41 ----A---- C:\Windows\system32\cdd.dll

2014-08-13 08:37:39 ----A---- C:\Windows\system32\rpcrt4.dll

2014-08-13 08:33:39 ----A---- C:\Windows\system32\shell32.dll

2014-08-13 08:33:28 ----A---- C:\Windows\system32\KBDYAK.DLL

2014-08-13 08:33:28 ----A---- C:\Windows\system32\KBDTAT.DLL

2014-08-13 08:33:28 ----A---- C:\Windows\system32\KBDRU1.DLL

2014-08-13 08:33:28 ----A---- C:\Windows\system32\KBDRU.DLL

2014-08-13 08:33:28 ----A---- C:\Windows\system32\KBDBASH.DLL

2014-08-11 13:51:31 ----D---- C:\ProgramData\MetaQuotes

2014-08-11 13:50:32 ----D---- C:\Users\Veronique\AppData\Roaming\MetaQuotes

2014-08-11 13:50:32 ----A---- C:\Windows\system32\MetaViewer.dll

2014-08-11 13:50:14 ----D---- C:\Program Files\Varengold MetaTrader

2014-08-08 22:16:08 ----D---- C:\Program Files\DFMarkets

2014-08-08 21:48:49 ----D---- C:\Users\Veronique\AppData\Roaming\DFMarkets

2014-08-01 13:27:49 ----A---- C:\Windows\system32\TURegOpt.exe

2014-08-01 13:27:49 ----A---- C:\Windows\system32\authuitu.dll

2014-08-01 13:27:15 ----D---- C:\Users\Veronique\AppData\Roaming\AVG

2014-08-01 13:20:16 ----SHD---- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}

2014-08-01 13:19:58 ----D---- C:\ProgramData\AVG

2014-07-29 23:54:33 ----D---- C:\Program Files\ePub Reader

======List of files/folders modified in the last 3 months======

2014-10-26 05:07:36 ----D---- C:\Windows\Prefetch

2014-10-26 05:07:04 ----D---- C:\Windows\Temp

2014-10-26 04:31:17 ----D---- C:\Windows\system32\config

2014-10-26 04:13:32 ----D---- C:\Windows\System32

2014-10-26 04:13:32 ----D---- C:\Windows\inf

2014-10-26 04:13:32 ----A---- C:\Windows\system32\PerfStringBackup.INI

2014-10-25 16:10:30 ----D---- C:\ProgramData\ProductData

2014-10-25 00:32:35 ----SHD---- C:\Windows\Installer

2014-10-25 00:32:35 ----RSD---- C:\Windows\assembly

2014-10-25 00:21:17 ----RSD---- C:\Windows\Fonts

2014-10-25 00:12:45 ----SHD---- C:\System Volume Information

2014-10-25 00:02:06 ----D---- C:\AdwCleaner

2014-10-23 12:18:00 ----RD---- C:\Program Files

2014-10-23 12:16:06 ----D---- C:\Users\Veronique\AppData\Roaming\uTorrent

2014-10-22 23:22:30 ----D---- C:\Windows\Tasks

2014-10-22 19:32:39 ----D---- C:\Windows\rescache

2014-10-20 05:15:22 ----D---- C:\ProgramData\Microsoft Help

2014-10-17 04:40:09 ----D---- C:\Windows\Microsoft.NET

2014-10-16 04:42:38 ----D---- C:\Windows\system32\Tasks

2014-10-16 04:42:08 ----D---- C:\Windows\winsxs

2014-10-16 04:42:06 ----D---- C:\Windows\system32\catroot2

2014-10-16 04:39:14 ----SD---- C:\Windows\system32\CompatTel

2014-10-16 04:39:14 ----D---- C:\Windows\system32\en-US

2014-10-16 04:39:12 ----D---- C:\Program Files\Internet Explorer

2014-10-16 04:39:10 ----D---- C:\Windows\system32\drivers

2014-10-16 04:39:06 ----D---- C:\Windows\system32\nl-NL

2014-10-16 04:39:06 ----D---- C:\Windows\system32\Dism

2014-10-16 04:39:06 ----D---- C:\Program Files\Windows Media Player

2014-10-16 04:39:05 ----D---- C:\Windows\system32\CodeIntegrity

2014-10-16 04:39:05 ----D---- C:\Windows\system32\Boot

2014-10-15 19:37:08 ----A---- C:\Windows\win.ini

2014-10-15 19:37:07 ----D---- C:\Program Files\Microsoft Office

2014-10-15 19:36:57 ----D---- C:\Windows\system32\MRT

2014-10-15 19:29:55 ----A---- C:\Windows\system32\MRT.exe

2014-10-15 19:21:46 ----D---- C:\Users\Veronique\AppData\Roaming\Skype

2014-10-15 10:05:13 ----D---- C:\Windows\system32\catroot

2014-10-13 21:28:10 ----D---- C:\Program Files\Malwarebytes Anti-Malware

2014-10-11 23:34:13 ----HD---- C:\ProgramData

2014-10-11 23:28:45 ----AD---- C:\ProgramData\TEMP

2014-10-07 20:17:32 ----D---- C:\Users\Veronique\AppData\Roaming\BSplayer Pro

2014-10-07 16:25:30 ----D---- C:\Program Files\Webteh

2014-10-06 14:04:18 ----D---- C:\ProgramData\Skype

2014-10-06 14:04:13 ----RD---- C:\Program Files\Skype

2014-10-06 14:04:13 ----D---- C:\Program Files\Common Files

2014-10-03 13:58:42 ----D---- C:\Program Files\Common Files\DESIGNER

2014-09-29 07:04:12 ----D---- C:\Windows

2014-09-29 07:02:43 ----D---- C:\ProgramData\AutoKMS

2014-09-28 10:16:51 ----D---- C:\Program Files\MSBuild

2014-09-28 10:16:06 ----SD---- C:\ProgramData\Microsoft

2014-09-28 10:16:06 ----D---- C:\Program Files\Common Files\microsoft shared

2014-09-28 10:14:19 ----D---- C:\Windows\ShellNew

2014-09-24 17:20:28 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2014-09-22 07:41:56 ----N---- C:\Windows\system32\MpSigStub.exe

2014-09-13 02:28:22 ----D---- C:\Windows\debug

2014-09-13 02:27:05 ----D---- C:\Program Files\Microsoft Security Client

2014-09-11 15:30:14 ----D---- C:\Users\Veronique\AppData\Roaming\HpUpdate

2014-09-05 13:47:34 ----D---- C:\Windows\system32\RTCOM

2014-09-05 13:47:07 ----D---- C:\Windows\system32\DriverStore

2014-08-30 02:19:42 ----D---- C:\Windows\system32\wbem

2014-08-27 04:31:15 ----D---- C:\Program Files\Mozilla Firefox

2014-08-15 04:41:41 ----D---- C:\Windows\SoftwareDistribution

2014-08-13 12:20:10 ----D---- C:\Windows\PolicyDefinitions

2014-08-13 12:20:10 ----D---- C:\Windows\ehome

2014-08-08 22:16:11 ----SD---- C:\Users\Veronique\AppData\Roaming\Microsoft

2014-08-08 06:47:11 ----D---- C:\Windows\system32\NDF

2014-08-03 14:40:51 ----D---- C:\Program Files\Microsoft.NET

2014-08-03 14:31:37 ----D---- C:\Program Files\Common Files\System

2014-08-02 20:48:58 ----D---- C:\Program Files\Google

2014-08-01 13:26:39 ----D---- C:\Program Files\AVG

2014-07-29 11:19:57 ----SHD---- C:\$Recycle.Bin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-10-24 147768]

R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-10-31 222520]

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2014-07-17 231800]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 TVALZ;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver; C:\Windows\system32\DRIVERS\TVALZ_O.SYS [2007-11-09 23640]

R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848]

R1 mbamchameleon;mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [2014-10-01 75480]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 95920]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2014-01-26 9037312]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-09-05 3086040]

R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-10-01 23256]

R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-10-26 114904]

R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-10-01 51928]

R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2014-05-21 693464]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\Windows\system32\DRIVERS\rtl8192se.sys [2014-01-26 1118312]

R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2014-05-21 27888]

R3 StillCam;Stuurprogramma voor seriële digitale fotocamera; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 9216]

R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv; \??\C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [2014-06-23 12320]

S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 MWAC;MWAC; \??\C:\Windows\system32\drivers\ []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-01-03 14848]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2013-10-02 49152]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-10-01 1871160]

R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-10-01 968504]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 22192]

R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [2014-07-14 1858360]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 288120]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-02 116648]

S2 LiveUpdateSvc;LiveUpdate; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]

S2 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-10-01 4846168]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24 267440]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-12-02 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2014-09-19 108032]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-18 30814400]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-01-23 150600]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-12-02 1343400]

S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]

S4 AdvancedSystemCareService7;Advanced SystemCare Service 7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [2014-01-14 881952]

S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]

S4 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-07-14 1390176]

S4 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-07-14 1767520]

S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------


Disable your antivirus and antispyware programs, as they may conflict with zoek.exe (you can read how to do that here and here).

Download Zoek.exe to the desktop (not the .zip or .rar version).

  • If Internet Explorer, another browser or a virus scanner reports that this file is unsafe, you can ignore that; it is a false warning.
  • Double-click Zoek.exe to start the tool.
  • Windows Vista, 7 and 8 users must run the tool as "administrator" by right-clicking it and choosing Run as administrator.
  • Now copy the code below and paste it into the large input window:
  • Note: This script is intended specifically for this PC, so do not use it on other PCs with a similar problem.

  {31D09BA0-12F5-4CCE-BE8A-2923E76605DA};c
 {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6};c
 {31D09BA0-12F5-4CCE-BE8A-2923E76605DA};c
 {D924BDC6-C83A-4BD5-90D0-095128A113D1};c
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r64
 ""=-;r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adobe air application installer.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\asctray.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devicesetup.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devicesetuplauncher.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hp deskjet 3520 series.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqdtss.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqlpvwr.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpscan.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwsetup.exe];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe];r
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Click the "More options" button and check the options below:
  • Do a Deep Scan
  • Auto Clean
  • The "Scan All Users" option is checked by default.
  • Now click the "Run script" button.
  • Wait patiently until a log opens (this may be after a restart, if one is needed).
  • If no log appears, start zoek.exe again and click the zoek-results.log button; the log will then appear.
  • Post the opened log as an attachment in your next message.

Posting the Zoek.exe log file

  • Attach the log file named "Zoek-results.log" to your next message. (You can also find this log file on the system drive as C:\Zoek-results.log.)
  • You can read how to add an attachment to a message here.


Here is the zoek-result log

Zoek.exe v5.0.0.0 Updated 24-10-2014

Tool run by Veronique on zo 26/10/2014 at 13:14:58,43.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Veronique\Downloads\zoek (3).exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-10-22-125218.log 2385 bytes

==== Empty Folders Check ======================

C:\Program Files\SevenZip deleted successfully

C:\PROGRA~2\Oracle deleted successfully

C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully

C:\Users\Veronique\AppData\Roaming\DAEMON Tools Lite deleted successfully

C:\Users\Veronique\AppData\Roaming\HpUpdate deleted successfully

C:\Users\Veronique\AppData\Local\calibre-cache deleted successfully

C:\Users\Veronique\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_USERS\S-1-5-21-3823742094-2410752539-3467050322-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_USERS\S-1-5-21-3823742094-2410752539-3467050322-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\S-1-5-21-3823742094-2410752539-3467050322-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_USERS\S-1-5-21-3823742094-2410752539-3467050322-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} deleted successfully

==== Running Processes ======================

C:\Windows\System32\smss.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

c:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe

c:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Veronique\Downloads\zoek (3).exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\conhost.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

""=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AcroRd32.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adobe air application installer.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\asctray.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devicesetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\devicesetuplauncher.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hp deskjet 3520 series.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqdtss.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpqlpvwr.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hpscan.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hwsetup.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\unins000.exe]

==== Deleting Files \ Folders ======================

C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found

C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found

"C:\Windows\Installer\69e36.msi" not found

C:\PROGRA~2\ProductData deleted

C:\PROGRA~2\InstallMate deleted

C:\Users\Veronique\AppData\Local\com deleted

C:\Users\Veronique\AppData\Local\cache deleted

C:\Users\Veronique\AppData\LocalLow\ADSRemoval deleted

C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted

C:\Windows\system32\config\systemprofile\Searches deleted

"C:\Program Files\Windows Portable Devices" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition Service Pack 1 (Build 7601)

Memory (RAM): 2909 MB

CPU Info: Pentium® Dual-Core CPU T4400 @ 2.20GHz

CPU Speed: 1160,0 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Display Adapters: Mobile Intel® 4 Series Express Chipset Family | Mobile Intel® 4 Series Express Chipset Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC | Realtek PCIe FE Family Controller

CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GT20N

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C: 465,7GB

Hard Disks - Free: C: 396,8GB

Manufacturer *: TOSHIBA

BIOS Info: AT/AT COMPATIBLE | 12/17/09 | TOSCPL - 6040000

Time Zone: Romance (standaardtijd)

Motherboard *: TOSHIBA KSWAA

Country: Belgi‰

Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated)

Anti-Spyware: Microsoft Security Essentials disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Default Browser: Google Chrome 38.0.2125.104

Internet Explorer Version: 11.0.9600.17358

Google Chrome version: 38.0.2125.104

Adobe Reader version: 11.0.07.79

Sun Java version: 1.7.0_65 (32-bit)

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\VERONI~1\AppData\Local\Temp ====

2014-10-19 20:58:16 5C73E64374D9BA37AC5569D1F7DE5C9B 665682 ----a-w- C:\Users\Veronique\AppData\Local\Temp\sqlite3.dll

2014-10-16 18:49:05 F339C7F273B0441B8037276914DE99D2 6664040 ----a-w- C:\Users\Veronique\AppData\Local\Temp\CitrixUpdates\GoToMeeting\1831\G2MCoreInstExtractor.exe

====== Java Cache =====

====== C:\Windows\system32 =====

====== C:\Windows\system32\drivers =====

2014-10-15 09:14:11 CD9214A6AE17D188D17C3CF8CB9CC693 184320 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2014-10-15 09:14:10 6C5139E4283249518F7743D7043775B3 31232 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys

2014-10-15 09:06:27 344D1FA0438A967F1A2BAA42C86D6E19 593920 ----a-w- C:\Windows\System32\drivers\PEAuth.sys

2014-10-15 09:06:17 E499E422412EF37576092A52648DB2B4 50176 ----a-w- C:\Windows\System32\drivers\appid.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-10-22 06:37:49 -------- d-----w- C:\Program Files\trend micro

2014-10-06 13:04:13 -------- d-----w- C:\Program Files\Common Files\Skype

2014-09-28 09:16:25 -------- d-----w- C:\Program Files\Microsoft Synchronization Services

2014-09-28 09:16:06 -------- d-----w- C:\Program Files\Microsoft SQL Server Compact Edition

2014-09-28 09:15:03 -------- d-----w- C:\Program Files\Microsoft Visual Studio 8

======= C: =====

====== C:\Users\Veronique\AppData\Roaming ======

====== C:\Users\Veronique ======

2014-10-26 04:06:59 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Veronique\Downloads\RSIT.exe

2014-10-24 22:56:43 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\Users\Veronique\Downloads\adwcleaner_4.001 (1).exe

2014-10-23 11:13:01 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\Users\Veronique\Downloads\adwcleaner_4.001.exe

2014-10-22 06:36:54 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Veronique\Desktop\RSIT.exe

2014-10-07 15:25:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webteh

2014-10-06 13:04:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-09-28 09:17:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint

2014-09-28 09:17:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

====== C: exe-files ==

2014-10-26 04:06:59 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Veronique\Downloads\RSIT.exe

2014-10-24 22:56:43 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\Users\Veronique\Downloads\adwcleaner_4.001 (1).exe

2014-10-23 11:13:01 EB40DC01EF0D0D91F13AABA0FE1FC0CA 1962496 ----a-w- C:\Users\Veronique\Downloads\adwcleaner_4.001.exe

2014-10-22 22:22:28 821E577AB0B119278BD1940FEF224DDA 51080 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateBroker.exe

2014-10-22 22:22:28 4067DC9EA0640485F1CF395427FD5E9B 51080 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateOnDemand.exe

2014-10-22 22:22:27 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateSetup.exe

2014-10-22 22:22:21 26E37D5EAC3F1CF66587183AB348168C 114568 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdateComRegisterShell64.exe

2014-10-22 22:22:21 047556104954A72A2222FFF169166EEE 285064 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler64.exe

2014-10-22 22:22:20 976D5F35A058340DA2C160CEC4063C4B 230792 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleCrashHandler.exe

2014-10-22 22:22:20 51508F0C2476177E50C31B0BBFBF1BDB 107912 ----atw- C:\Program Files\Google\Update\1.3.25.5\GoogleUpdate.exe

2014-10-22 22:22:14 27DC334376EE08A0962E6367E23D3CBA 880272 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.25.5\GoogleUpdateSetup.exe

2014-10-22 06:37:52 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Veronique.exe

2014-10-22 06:36:54 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Veronique\Desktop\RSIT.exe

=== C: other files ==

2014-10-22 12:38:14 3C5CC7C47A8287EEF7E8EC1F60526A03 836 ----a-w- C:\Users\Public\Desktop\sample_20142210_1438.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3823742094-2410752539-3467050322-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AS130SF05SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1 "

"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto "

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun "

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 - Windows Help /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"

"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"HP Deskjet 3520 series (NET)"="C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe -deviceID CN2AS130SF05SY:NW -scfn HP Deskjet 3520 series (NET) -AutoStart 1 "

"Advanced SystemCare 7"="C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe /Auto "

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"HP Software Update"="C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe"

"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2013-12-02 11:47:50 1940 ----a-w- C:\Users\Veronique\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\G2MUpdateTask-S-1-5-21-3823742094-2410752539-3467050322-1000.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\system32\tasks\ASC7_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe]

"C:\Windows\system32\tasks\ASC7_SkipUac_Veronique" [C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\Driver Booster SkipUAC (Veronique)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe]

"C:\Windows\system32\tasks\G2MUpdateTask-S-1-5-21-3823742094-2410752539-3467050322-1000" [C:\Users\Veronique\AppData\Local\Citrix\GoToMeeting\1831\g2mupdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\HP-Online updateprogramma" [C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe]

"C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"]

"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\system32\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files\AVG\AVG PC TuneUp\OneClick.exe]

"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Chromium Look ======================

Google Docs - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

Advanced SystemCare Surfing Protection - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd

YouTube - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Google Mail Checker - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff

Google Wallet - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

365Scores - Live ScoresSports News Alerts - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmpppefjehmjbiplimkfjeamnohldmko

Gmail - Veronique\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com"

"Start Page Redirect Cache"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

No DefaultScope Set For HKCU

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A07A2460258F9394288272DEE4B38029 deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\16f694ba-a18b-4d1c-9a36-b35a367eb893 deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0642A70A-F852-4939-8228-27ED4E3B0892} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A07A2460258F9394288272DEE4B38029 deleted successfully

==== HijackThis Entries ======================

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL

O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s

O4 - HKLM\..\Run: [bCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices

O4 - HKCU\..\Run: [HP Deskjet 3520 series (NET)] "C:\Program Files\HP\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN2AS130SF05SY:NW" -scfn "HP Deskjet 3520 series (NET)" -AutoStart 1

O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: Inktwaarschuwingen controleren - HP Deskjet 3520 series (netwerk).lnk = ?

O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe

O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG - C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe

==== Empty IE Cache ======================

C:\Users\Veronique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Veronique\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Veronique\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=205 folders=31 8110328 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Veronique\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\VERONI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Veronique\AppData\Roaming\Malwarebytes" not deleted

==== EOF on zo 26/10/2014 at 13:33:12,05 ======================


Your Java software is out of date.

Older versions have vulnerabilities that give malware the chance to install itself on your system.

Go to Java and download the correct Java version there.

  • Click "Free Java Download".
  • Accept the license terms and click the button for the free download.
  • The file JavaSetup is offered - choose "save file" here.
  • Close all programs that may be open - especially your web browser!
  • Then go to Start > Control Panel > Add or Remove Programs and remove all older versions of Java from the program list.
  • Select everything with Java Runtime Environment (JRE or J2SE or JAVA) in the name.
  • Then click Remove or the Change/Remove button.
  • Repeat this until all older versions are gone.
  • After removing all older versions, restart your PC.
  • Then click JavaSetup to install the latest version of Java.
  • Uncheck the installation of the Ask toolbar and then continue with the installation.

And let me know afterwards how Chrome is doing now?


Great ... don't forget to remove the tools you used from your PC:

Download Delfix by Xplode to the desktop.

Double-click Delfix.exe to start the tool.

Now tick the following items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Now click "Run" and wait patiently until the tool is finished.

When the tool is finished, a log file is created. You do not need to post it, however.
