Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Trudie on di 24-05-2016 at 14:06:04,17. Microsoft Windows 10 Pro 10.0.10586 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Trudie\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 24-5-2016 14:07:35 Zoek.exe System Restore Point Created Successfully. ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ==== Empty Folders Check ====================== C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~2\Comms deleted successfully C:\PROGRA~2\SoftwareDistribution deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Trudie\AppData\Local\ActiveSync deleted successfully C:\Users\Trudie\AppData\Local\EmieSiteList deleted successfully C:\Users\Trudie\AppData\Local\EmieUserList deleted successfully C:\Users\Trudie\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\SearchScopes\{672755D9-D131-4383-8443-1D43B0B985BE} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BBB2037F-4F5D-42BF-A063-6F57DB878D04} deleted successfully HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4c553c32-635e-43a5-a7e4-f3b4866a608d} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{7c465cda-bd6e-40a1-8a44-fdf086954181} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{8e8f888b-bad5-4275-9732-76c2a7ea9449} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{a7128574-7aa8-4dec-8257-0dad6a0408a5} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{d54b94ba-7d26-4663-8f7a-eebbeebe3185} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{f3a0f6d2-1d40-4104-8790-c34707334a19} deleted successfully HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{fd4a202d-7609-43f4-ad3e-623b87f00d54} deleted successfully ==== Installed Programs ====================== Adobe Digital Editions 4.5 Adobe Flash Player 21 NPAPI Adobe Reader XI (11.0.16) - Nederlands Adobe Refresh Manager Albelli Fotoboeken AMD Catalyst Control Center AMD Catalyst Install Manager AMD Fuel ASUS GPU Tweak ASUS Product Register Program AVG AVG 2016 AVG PC TuneUp 2015 (nl-NL) AVG Protection AVG Web TuneUp Catalyst Control Center - Branding Catalyst Control Center InstallProxy Catalyst Control Center Localization All Catalyst Control Center Profiles Desktop ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Cool & Quiet D3DX10 DAEMON Tools Lite Definition Update for Microsoft Office 2010 (KB3115129) 32-Bit Edition Dropbox FMW 1 Google Earth Pro Google Update Helper HydraVision Itibiti RTC Junk Mail filter update McAfee Security Scan Plus Microsoft .NET Framework 4.5.2 Microsoft Application Error Reporting Microsoft DVD App Installation for Microsoft.WindowsDVDPlayer_2019.6.13291.0_neutral_~_8wekyb3d8bbwe (x86) Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook Connector Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Standard 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Movie Maker Mozilla Firefox 46.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSVCRT110 PC Speed Up Photo Common Photo Gallery Picasa 3 Realtek High Definition Audio Driver Security Update for Microsoft Excel 2010 (KB3114888) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956063) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3054984) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition Security Update for Microsoft Office 2010 (KB3101520) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition Security Update for Microsoft Word 2010 (KB3115123) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition SpeedFan (remove only) Spotify Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD Unity Web Player Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2999508) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition Update for Microsoft Office 2010 (KB3114750) 32-Bit Edition Update for Microsoft Office 2010 (KB3114989) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition Update for Microsoft OneNote 2010 (KB3114410) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3114756) 32-Bit Edition Update for Microsoft Outlook 2010 (KB3115127) 32-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition Update for Microsoft PowerPoint 2010 (KB3114867) 32-Bit Edition Visual Studio 2012 x86 Redistributables Wajam Winamp Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live MIME IFilter Windows Live Photo Common Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources ==== Running Processes ====================== C:\WINDOWS\system32\lsass.exe C:\Program Files\AVG Web TuneUp\WtuSystemSupport.exe C:\WINDOWS\system32\atiesrxx.exe C:\Windows\System32\WUDFHost.exe C:\WINDOWS\System32\spoolsv.exe C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\System32\ASGT.exe C:\Program Files\AVG\Framework\Common\avgsvcx.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancerService.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files\Google\Update\1.3.30.3\GoogleCrashHandler.exe C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\WINDOWS\system32\dashost.exe C:\Program Files\AVG\Av\avgwdsvcx.exe C:\WINDOWS\System32\WinLogon.exe C:\WINDOWS\System32\dwm.exe C:\WINDOWS\system32\atieclxx.exe C:\WINDOWS\system32\sihost.exe C:\WINDOWS\system32\taskhostw.exe C:\Program Files\ASUS\GPU Tweak\GPUTweak.exe C:\Windows\System32\RuntimeBroker.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ASUS\GPU Tweak\Monitor.exe C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancer.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\WINDOWS\system32\SettingSyncHost.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\AVG\Av\avgui.exe C:\Program Files\AVG Web TuneUp\vprot.exe C:\Program Files\AVG\Framework\Common\avguix.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe C:\Users\Trudie\AppData\Roaming\Spotify\SpotifyWebHelper.exe C:\Users\Trudie\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Users\Trudie\AppData\Roaming\Dropbox\bin\Dropbox.exe C:\WINDOWS\System32\fontdrvhost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe C:\Program Files\Windows Live\Mail\wlmail.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Users\Trudie\Downloads\zoek.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\conhost.exe C:\WINDOWS\system32\taskeng.exe C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\System32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\system32\svchost.exe -k apphost C:\WINDOWS\System32\svchost.exe -k utcsvc C:\WINDOWS\system32\svchost.exe -k iissvcs C:\WINDOWS\system32\svchost.exe -k appmodel C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k SDRSVC C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.3.1 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin] Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\ProgramData\AVG Web TuneUp deleted C:\ProgramData\Avg_Update_0214d deleted C:\Windows\AutoKMS deleted C:\Users\Trudie\AppData\Local\AVG Web TuneUp deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WNetEnhance deleted C:\Users\Trudie\daemonprocess.txt deleted C:\Users\Trudie\.android deleted C:\Program Files\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\Program Files\PC Speed Up deleted C:\Program Files\Itibiti Soft Phone deleted C:\Program Files\Wajam deleted C:\registrybooster.exe deleted C:\StumbleUpon.exe deleted C:\PROGRA~2\Avg_Update_0116av deleted C:\PROGRA~2\Avg_Update_0215tb deleted C:\PROGRA~2\Avg_Update_0414b deleted C:\PROGRA~2\Avg_Update_1015av deleted C:\PROGRA~2\Avg_Update_1215av deleted C:\PROGRA~2\AVG Security Toolbar deleted C:\PROGRA~2\AVG Secure Search deleted C:\PROGRA~2\Package Cache deleted C:\Users\Trudie\AppData\Local\Unity deleted C:\Users\Trudie\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\WINDOWS\System32\Tasks\PC SpeedUp Service Deactivator deleted C:\WINDOWS\Tasks\PC SpeedUp Service Deactivator.job deleted C:\Users\Trudie\AppData\LocalLow\Unity deleted C:\Users\Trudie\AppData\LocalLow\AVG Web TuneUp deleted C:\WINDOWS\tasks\0214dUpdateInfo.job deleted C:\WINDOWS\system32\roboot.exe deleted C:\Users\Trudie\Documents\PCSpeedUp deleted C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\3n6om0ci.default\searchplugins\avg-secure-search.xml deleted C:\Users\Trudie\Desktop\rcpsetup_softonic_sd_new.exe deleted C:\Users\Trudie\Desktop\Oude Firefox-gegevens\pi7xem3f.default\extensions\ffxtlbra@softonic.com\content\softonic.css deleted C:\Users\Trudie\Desktop\Oude Firefox-gegevens\pi7xem3f.default\extensions\ffxtlbra@softonic.com\content\softonic.xul deleted C:\Users\Trudie\Desktop\Oude Firefox-gegevens\pi7xem3f.default\searchplugins\softonic.xml deleted C:\Users\Trudie\Desktop\Schoon uw register gratis op!.lnk deleted "C:\WINDOWS\tasks\AutoKMS.job" deleted "C:\Windows\Installer\5f1a5e4.msi" deleted "C:\Program Files\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files\AVG Web TuneUp\vprot.exe" deleted "C:\Program Files\McAfee Security Scan\3.11.309\SSScheduler.exe" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\40.3.1\avgdttbx.dll" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\ApiHandlr.dll" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\FiddlerCore.dll" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancer.exe" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancerService.exe" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\Newtonsoft.Json.dll" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\40.3.1\avgdttbx.dll" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\ApiHandlr.dll" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\FiddlerCore.dll" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancer.exe" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancerService.exe" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\Newtonsoft.Json.dll" deleted "C:\Program Files\AVG Web TuneUp" deleted "C:\Program Files\McAfee Security Scan" deleted "C:\Program Files\Common Files\AVG Secure Search" deleted "C:\Program Files\WNetEnhance" not deleted "C:\Program Files\AVG Web TuneUp" deleted "C:\Program Files\AVG Web TuneUp" deleted "C:\Program Files\Common Files\AVG Secure Search" deleted "C:\Program Files\WNetEnhance" not deleted "C:\Program Files\McAfee Security Scan\3.11.309" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\40.3.1" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer" not deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller" deleted "C:\Program Files\Common Files\AVG Secure Search\DNTInstaller\40.3.1" deleted "C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer" not deleted ==== System Specs ====================== Windows: Windows Version 6.2 (Build 9200) Memory (RAM): 1024 MB CPU Info: Intel(R) Pentium(R) D CPU 3.00GHz CPU Speed: 3013,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output (Realtek | Display Adapters: AMD Radeon HD 5450 | AMD Radeon HD 5450 Monitors: 1x; Generic PnP Monitor | Screen Resolution: 1280 X 1024 - 32 bit Network: Network Present Network Adapters: SiS191 Ethernet Controller CD / DVD Drives: 4x (D: | J: | K: | M: | ) D: JLMS XJ-HD166S | J: DTSOFT BDROM | K: DTSOFT BDROM | M: DTSOFT BDROM Ports: COM Ports NOT Present. LPT1 Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 111,3GB | E: 100,0MB | F: 74,4GB Hard Disks - Free: C: 64,4GB | E: 66,6MB | F: 18,2GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 09/28/08 | 092808 - 20080928 Time Zone: West-Europa (standaardtijd) Motherboard *: ASUSTeK Computer INC. P5SD2-VM Country: Nederland Language: NLD ==== System Specs (Software) ====================== Default Browser: Firefox 46.0.1 Internet Explorer Version: 11.306.10586.0 Mozilla Firefox version: 46.0.1 (x86 nl) Adobe Reader version: 11.0.16.13 Flash Player version: 21.0.0.242 ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-05-11 08:43:03 692E62EA6039478321AE5D24A68E1FE2 4074160 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Trudie\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2016-05-11 08:43:43 F3E7F79C4B0DD060B1BEFCB71248C527 23552 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll 2016-05-11 08:43:42 FB9F8AF055A5149192F08B5F9F2FA1A0 74752 ----a-w- C:\WINDOWS\System32\MapsCSP.dll 2016-05-11 08:43:42 89F239FF74BBE7CCD2208B2D73B9229E 54784 ----a-w- C:\WINDOWS\System32\moshost.dll 2016-05-11 08:43:42 40591C3BEBAEA638423B10863315D93F 87040 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll 2016-05-11 08:43:42 3A1BD59AF5A0D20438D1E44FCF5EA4E8 349696 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll 2016-05-11 08:43:42 27718D41440FD8900F52082FB5F1A663 612352 ----a-w- C:\WINDOWS\System32\MapsStore.dll 2016-05-11 08:43:42 1159023FAA938BF54C7C033D2BC643BE 59904 ----a-w- C:\WINDOWS\System32\MosStorage.dll 2016-05-11 08:43:41 DFB54165665C7E369A59B273C91B90B0 800768 ----a-w- C:\WINDOWS\System32\JpMapControl.dll 2016-05-11 08:43:41 6BC0E961EA78AFD90348C8E05896A7DC 784896 ----a-w- C:\WINDOWS\System32\NMAA.dll 2016-05-11 08:43:40 CEE730B8A66C01B9ED5A755A1A529AE4 203264 ----a-w- C:\WINDOWS\System32\moshostcore.dll 2016-05-11 08:43:40 0188F4F7264EE585DE518FD02DDD9F79 711680 ----a-w- C:\WINDOWS\System32\MapControlCore.dll 2016-05-11 08:43:39 3AEDE16F62921F443DDE37440C84B6F1 5205504 ----a-w- C:\WINDOWS\System32\BingMaps.dll 2016-05-11 08:43:38 98DA2DE9A1AC739DF3750F7DABECC9CF 6295552 ----a-w- C:\WINDOWS\System32\mos.dll 2016-05-11 08:43:29 468AA89AF32BEE9D6B0ABBDF7C88CF20 5240960 ----a-w- C:\WINDOWS\System32\windows.storage.dll 2016-05-11 08:43:28 9F6F693FD7738B8DA4B420E46E973F35 2919832 ----a-w- C:\WINDOWS\System32\iertutil.dll 2016-05-11 08:43:27 A404EA688829EF2657431CB34D0C72DF 5660160 ----a-w- C:\WINDOWS\System32\Chakra.dll 2016-05-11 08:43:25 FB01CB67364FF3AA677F0CFD8C958E50 5324288 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll 2016-05-11 08:43:22 22120EE8EC8AC405618FEA768071E267 19344384 ----a-w- C:\WINDOWS\System32\mshtml.dll 2016-05-11 08:43:19 E907A68BDF610D4178B678919D1394D1 1541792 ----a-w- C:\WINDOWS\System32\ntdll.dll 2016-05-11 08:43:14 5D9BB3289D25FDEA1B2DD491C9771778 21123320 ----a-w- C:\WINDOWS\System32\shell32.dll 2016-05-11 08:43:11 15F732C297CE4B169D85214A96A16559 792064 ----a-w- C:\WINDOWS\System32\kerberos.dll 2016-05-11 08:43:08 3A5C07D5517087143701DBEB749F0EF1 18676224 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2016-05-11 08:43:04 FA6CCFE5305E3D276F06A104EAA83029 4759040 ----a-w- C:\WINDOWS\System32\d2d1.dll 2016-05-11 08:43:04 52FEDEA32F2BBFCD3AAA83FD39852C1A 2061824 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll 2016-05-11 08:43:02 80785EA474D952CC0CB2CF936E36DDE0 3666432 ----a-w- C:\WINDOWS\System32\jscript9.dll 2016-05-11 08:43:01 928E9904F8801257E11D6AC6C4334AEF 689152 ----a-w- C:\WINDOWS\System32\modernexecserver.dll 2016-05-11 08:43:01 717DDEC1ABA5678EDC9F2AF1044BAA69 2000896 ----a-w- C:\WINDOWS\System32\twinui.appcore.dll 2016-05-11 08:42:59 E880AEDD34280AF3F54EA22D964793B1 576192 ----a-w- C:\WINDOWS\System32\generaltel.dll 2016-05-11 08:42:59 CD1A836088962907B1BF11FEF383EB05 149696 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe 2016-05-11 08:42:59 4E4F39E83D27C682049740BB2A7A6E85 42688 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe 2016-05-11 08:42:58 1FA09B0F5F3CFF17C67E91E0B1B2248C 1232576 ----a-w- C:\WINDOWS\System32\appraiser.dll 2016-05-11 08:42:57 2AF3034E719B15477C419C44B1C93396 5796704 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe 2016-05-11 08:42:54 5A77C7C30E117F60ACCEF43E2EA6841D 12125696 ----a-w- C:\WINDOWS\System32\ieframe.dll 2016-05-11 08:42:53 205ED8336FDBCE37486793AF813A7651 1895936 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2016-05-11 08:42:52 B6506139C8A4CE3BDD3B4EFDF63A87B5 348672 ----a-w- C:\WINDOWS\System32\CredProvDataModel.dll 2016-05-11 08:42:52 9CD20753821A4F28AA797B5C9A24050F 9918976 ----a-w- C:\WINDOWS\System32\twinui.dll 2016-05-11 08:42:50 24B17EEC4BFC9089A6020E0A578DF284 2974720 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2016-05-11 08:42:49 CC0126649EEB0D9751C01B1ADB661416 484864 ----a-w- C:\WINDOWS\System32\wcmsvc.dll 2016-05-11 08:42:49 9F0D85C95118C69D8F3CA136E1CDB6D7 973504 ----a-w- C:\WINDOWS\System32\aeinv.dll 2016-05-11 08:42:49 82E93E910814350889F76D23AE07FA17 1899520 ----a-w- C:\WINDOWS\System32\wuaueng.dll 2016-05-11 08:42:48 D3CA65C8F4C56EF7C8449619F325C46E 1793024 ----a-w- C:\WINDOWS\System32\NetworkMobileSettings.dll 2016-05-11 08:42:46 0561104CC8619EC5A53848F642434235 13018112 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll 2016-05-11 08:42:42 9A84B4D84126BDD0629AF933A40659ED 1733632 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll 2016-05-11 08:42:42 1D04327817511268754ED6F177DAD3E8 754176 ----a-w- C:\WINDOWS\System32\SettingSyncCore.dll 2016-05-11 08:42:41 E84A0D77142F47275CC24F643B880731 1028608 ----a-w- C:\WINDOWS\System32\wifinetworkmanager.dll 2016-05-11 08:42:41 4B71644224F39A390B6DCC482B3D582A 639488 ----a-w- C:\WINDOWS\System32\TokenBroker.dll 2016-05-11 08:42:41 210C06823E0ACFDA0ADAC49D906DD9E0 1561392 ----a-w- C:\WINDOWS\System32\KernelBase.dll 2016-05-11 08:42:41 1F90253211F8E102D814F4DE4D550B85 1626624 ----a-w- C:\WINDOWS\System32\dwmcore.dll 2016-05-11 08:42:40 975632B2EE96B629186D7D242BE1D063 440512 ----a-w- C:\WINDOWS\System32\devinv.dll 2016-05-11 08:42:40 362C9AA8696C74CD38F1416FF866C25C 522176 ----a-w- C:\WINDOWS\System32\dxgi.dll 2016-05-11 08:42:39 4A618D1B1D6D46B2FE635A85A3B10F3E 494592 ----a-w- C:\WINDOWS\System32\winlogon.exe 2016-05-11 08:42:39 2CE163D00A7DA251D77F7B39E267382B 925064 ----a-w- C:\WINDOWS\System32\mfplat.dll 2016-05-11 08:42:38 594B367C2F895C531DFFDFA5E9C928F9 673280 ----a-w- C:\WINDOWS\System32\MPSSVC.dll 2016-05-11 08:42:38 35E635469515D564CE418DDCC7B7BC96 1500160 ----a-w- C:\WINDOWS\System32\urlmon.dll 2016-05-11 08:42:38 32A696B0A48CCCCE5FC8E8E572FD4E90 434688 ----a-w- C:\WINDOWS\System32\LogonController.dll 2016-05-11 08:42:37 E48F0A089D9BAE356BF14FE3A16B1147 489984 ----a-w- C:\WINDOWS\System32\Windows.UI.dll 2016-05-11 08:42:37 04A86C3BD3F62920AEA849665D6FC9D5 248512 ----a-w- C:\WINDOWS\System32\invagent.dll 2016-05-11 08:42:37 03B7C4D05DB7FF060E49FA900FCE627E 451928 ----a-w- C:\WINDOWS\System32\MFCaptureEngine.dll 2016-05-11 08:42:36 B91176A909798C7EAC28AB4FE786CA53 705536 ----a-w- C:\WINDOWS\System32\wuapi.dll 2016-05-11 08:42:36 30E3DC9ED2C6641709AC961CB7CE72BB 647680 ----a-w- C:\WINDOWS\System32\jscript.dll 2016-05-11 08:42:35 E49F71895EF40C0358C671562C023D2B 498176 ----a-w- C:\WINDOWS\System32\ngcsvc.dll 2016-05-11 08:42:35 D408D20295BA135DC1B9B181FADF78DD 255168 ----a-w- C:\WINDOWS\System32\LockAppHost.exe 2016-05-11 08:42:35 4AE45F3077E79A3E3B22996F80DA9E7A 354304 ----a-w- C:\WINDOWS\System32\NetSetupShim.dll 2016-05-11 08:42:35 340B5940A42DF8427ECD9959F9CAD199 1152000 ----a-w- C:\WINDOWS\System32\win32kbase.sys 2016-05-11 08:42:34 588454298D5160155B522C58EFD81DC4 1273720 ----a-w- C:\WINDOWS\System32\user32.dll 2016-05-11 08:42:33 FA9C9F9178138F5F9B795F230030E41B 545432 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll 2016-05-11 08:42:33 4ECC2FAF9F29066636E06253C0D7FA06 503296 ----a-w- C:\WINDOWS\System32\vbscript.dll 2016-05-11 08:42:33 183B50460929CAF623198053911F3E29 229888 ----a-w- C:\WINDOWS\System32\RDXTaskFactory.dll 2016-05-11 08:42:32 DB2E69C20C446A55A1628319CA8A12E7 310112 ----a-w- C:\WINDOWS\System32\wifitask.exe 2016-05-11 08:42:31 4CD092A1C74FD62BDC76BF09BA38C2BA 497664 ----a-w- C:\WINDOWS\System32\StorSvc.dll 2016-05-11 08:42:31 318E2A6EC26C9703A5B273B015672660 388608 ----a-w- C:\WINDOWS\System32\schannel.dll 2016-05-11 08:42:30 CD36155EE56E94B4E8830FA90822511F 503296 ----a-w- C:\WINDOWS\System32\SettingSync.dll 2016-05-11 08:42:30 98B8B22277207D0FDB3A8E0FB8D188E8 704000 ----a-w- C:\WINDOWS\System32\samsrv.dll 2016-05-11 08:42:30 4AECB6D0F5FDE5F3472154E5ED1BD02A 177664 ----a-w- C:\WINDOWS\System32\aepic.dll 2016-05-11 08:42:29 1B26C71109A2EA27DD6684719BF493EC 188256 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll 2016-05-11 08:42:29 1025C4B76E449DA4CF136BDE048F86DA 1396584 ----a-w- C:\WINDOWS\System32\gdi32.dll 2016-05-11 08:42:28 AECBBA423BCC2B835136E46D27D886B9 1075200 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll 2016-05-11 08:42:28 74378628B37D0E6A26E79E9F1AD6DAD9 783872 ----a-w- C:\WINDOWS\System32\RDXService.dll 2016-05-11 08:42:27 89C74675E6DE7888153B1F6644772774 1536088 ----a-w- C:\WINDOWS\System32\crypt32.dll 2016-05-11 08:42:27 66E06142A6CE4B854C210CA54D6A92A0 168448 ----a-w- C:\WINDOWS\System32\wcmcsp.dll 2016-05-11 08:42:26 400912A54723A7579A0009091B3AAA9E 204800 ----a-w- C:\WINDOWS\System32\provengine.dll 2016-05-11 08:42:25 122F8F0FAF690B88FBDE2DB097740AB6 569744 ----a-w- C:\WINDOWS\System32\SHCore.dll 2016-05-11 08:42:24 9CAC58EBAFB3E32711920568810CDCD7 307200 ----a-w- C:\WINDOWS\System32\ieproxy.dll 2016-05-11 08:42:24 2A729C31B2A5D2A9EA1D23AD31580700 199680 ----a-w- C:\WINDOWS\System32\provhandlers.dll 2016-05-11 08:42:23 1587235261E629DFFAA0C39A72CAD1A6 667648 ----a-w- C:\WINDOWS\System32\AzureSettingSyncProvider.dll 2016-05-11 08:42:23 10564E7A7EE807FF580E34A94ACF5590 1522152 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll 2016-05-11 08:42:22 F121F916841F053FB3E0833EB1E04963 389632 ----a-w- C:\WINDOWS\System32\tileobjserver.dll 2016-05-11 08:42:22 5BD2C4DEDDD4FA6D10047C203AC8E8C0 289792 ----a-w- C:\WINDOWS\System32\ActivationManager.dll 2016-05-11 08:42:21 BB52D26B0C472BA382DC6A58EE8037B5 792328 ----a-w- C:\WINDOWS\System32\rpcrt4.dll 2016-05-11 08:42:21 A825405D442EB9A2526468E16296DD58 513368 ----a-w- C:\WINDOWS\System32\d3d10level9.dll 2016-05-11 08:42:21 8E8FBA400CD678AB46D46BB24921A051 342528 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll 2016-05-11 08:42:20 9E6DBA611E99BE75589D6A358F54364F 137728 ----a-w- C:\WINDOWS\System32\shacct.dll 2016-05-11 08:42:19 DD0FA09CBD6EB1F296F2B11FB30FBADA 70144 ----a-w- C:\WINDOWS\System32\MDMAppInstaller.exe 2016-05-11 08:42:19 0DB3E3B7675CA296243902626931C46A 951808 ----a-w- C:\WINDOWS\System32\wwansvc.dll 2016-05-11 08:42:18 C3063049D15E3C93194463E0A7F213A5 192704 ----a-w- C:\WINDOWS\System32\wininit.exe 2016-05-11 08:42:18 59786F93B616FE6237A57119D1E56FC9 81088 ----a-w- C:\WINDOWS\System32\acmigration.dll 2016-05-11 08:42:17 F220A110AA7594A0964C1B51FF4F01B7 365056 ----a-w- C:\WINDOWS\System32\DataSenseHandlers.dll 2016-05-11 08:42:17 30F680D95B0CCABE46C775672C912C0A 306832 ----a-w- C:\WINDOWS\System32\wlanapi.dll 2016-05-11 08:42:17 198351C97D6807F64A2F25A750324A42 57856 ----a-w- C:\WINDOWS\System32\EnterpriseDesktopAppMgmtCSP.dll 2016-05-11 08:42:16 A1A9DDD5C6A335C0B97423A2F75C9299 453472 ----a-w- C:\WINDOWS\System32\directmanipulation.dll 2016-05-11 08:42:16 9F8A026A9643F89B4E451539A7AAC0C9 50176 ----a-w- C:\WINDOWS\System32\MosHostClient.dll 2016-05-11 08:42:16 5AEDC6D333BC8D8B1DE5928FCE2150DB 400896 ----a-w- C:\WINDOWS\System32\OneDriveSettingSyncProvider.dll 2016-05-11 08:42:12 FAD56D0A789345614220D9B770DF400A 465760 ----a-w- C:\WINDOWS\System32\SettingSyncHost.exe 2016-05-11 08:42:12 3C5D8B400B295E084A53B843B6232C95 527360 ----a-w- C:\WINDOWS\System32\PhoneProviders.dll 2016-05-11 08:42:11 BAD8AB4B1032394BF02C8A1CF4B37739 63488 ----a-w- C:\WINDOWS\System32\ngcpopkeysrv.dll 2016-05-11 08:42:10 A81096C7614E48BB406000E28560F954 133120 ----a-w- C:\WINDOWS\System32\SubscriptionMgr.dll 2016-05-11 08:42:10 A5DA4435BC6081272F84659588D9DECB 97792 ----a-w- C:\WINDOWS\System32\CloudDomainJoinDataModelServer.dll 2016-05-11 08:42:10 25B0BAA64D6D62873FAA7719DB64015C 183904 ----a-w- C:\WINDOWS\System32\rsaenh.dll 2016-05-11 08:42:08 CF8296AB4D5F5C67D111D1E865DEDB79 739328 ----a-w- C:\WINDOWS\System32\SharedStartModel.dll 2016-05-11 08:42:05 AB48B90C4DB88D2F31D1A6F460F76D29 241664 ----a-w- C:\WINDOWS\System32\cryptngc.dll 2016-05-11 08:42:05 98DFDD01D5DDD88325E2BD89792895D5 272384 ----a-w- C:\WINDOWS\System32\NgcCtnr.dll 2016-05-11 08:42:04 D7F32F4526844C3ADF4119B9E002AFD1 49504 ----a-w- C:\WINDOWS\System32\dwminit.dll 2016-05-11 08:42:04 30980C6FFD1A8A25507AC5DBA502FFD4 23776 ----a-w- C:\WINDOWS\System32\wuauclt.exe 2016-05-11 08:42:03 E9E7FA1FC796ADC16A1169736EFC7AF3 84480 ----a-w- C:\WINDOWS\System32\VEDataLayerHelpers.dll 2016-05-11 08:42:02 C523201E8C11F6A4F6C6A23B64F0A38D 73216 ----a-w- C:\WINDOWS\System32\wpdbusenum.dll 2016-05-11 08:42:01 96101F3B90BDE894A862CDF1B808A03F 84832 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll 2016-05-11 08:42:01 53BF04808BD667A4F74D1907A5E1CA85 227328 ----a-w- C:\WINDOWS\System32\ListSvc.dll 2016-05-11 08:42:00 0D19695F93813C63B4656E42536892FA 47104 ----a-w- C:\WINDOWS\System32\hmkd.dll 2016-05-11 08:41:59 DA97C8A8C517210E4ACA90E45C836E80 80896 ----a-w- C:\WINDOWS\System32\BluetoothApis.dll 2016-05-11 08:41:59 AA7CBB3B7A7BFC41E9EC4EF645797DFA 502104 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll 2016-05-11 08:41:59 98DA8D97E83C73E7AD7A142A801E1898 2193408 ----a-w- C:\WINDOWS\System32\actxprxy.dll 2016-05-11 08:41:59 7D02D4745EAD4FC38543C812325D4815 487936 ----a-w- C:\WINDOWS\System32\ngccredprov.dll 2016-05-11 08:41:59 72DF09EB58F3D7675A1EB740A858BB92 221184 ----a-w- C:\WINDOWS\System32\NgcCtnrSvc.dll 2016-05-11 08:41:58 359765C7C700F7CED909A69C5DBBD943 140800 ----a-w- C:\WINDOWS\System32\BrowserSettingSync.dll 2016-05-11 08:41:58 3166A46AA132AACD035C7163108F2DA1 103936 ----a-w- C:\WINDOWS\System32\updatepolicy.dll 2016-05-11 08:41:57 89C06DA6E3B3C06F69E2CAFB3431CAF5 31232 ----a-w- C:\WINDOWS\System32\ByteCodeGenerator.exe 2016-05-11 08:41:56 F5814ED9E8B83F872FBDCB139B001C8A 23552 ----a-w- C:\WINDOWS\System32\wups.dll 2016-05-11 08:41:53 63F463A716A4273B32A5A0ED9D0D5F8E 118784 ----a-w- C:\WINDOWS\System32\VEStoreEventHandlers.dll 2016-05-11 08:41:53 486919689633D1C0DADA718DF1A3E7FB 219648 ----a-w- C:\WINDOWS\System32\VEEventDispatcher.dll 2016-05-11 08:41:52 8450005F7BA8662A64E3FB7B0C3EE836 51712 ----a-w- C:\WINDOWS\System32\wshbth.dll 2016-05-11 08:41:51 C0457DBE259A80A27CE19C8A8CEDFFF0 103424 ----a-w- C:\WINDOWS\System32\wificonnapi.dll 2016-05-11 08:41:50 E61EC272F739E5618932823024311269 66560 ----a-w- C:\WINDOWS\System32\NFCProvisioningPlugin.dll 2016-05-11 08:41:49 7EC1752CE8E2975650F284FBD5143C76 334336 ----a-w- C:\WINDOWS\System32\bcastdvr.exe 2016-05-11 08:41:49 10FA8A41B22155CD8E101952ACD5B6B0 70656 ----a-w- C:\WINDOWS\System32\AppCapture.dll 2016-05-11 08:41:49 0D73C7FFC8A36990271097E30566D939 142336 ----a-w- C:\WINDOWS\System32\NetSetupSvc.dll 2016-05-11 08:41:46 9B034D049D1C6EC9BED55D2F27D86ED9 2186 ----a-w- C:\WINDOWS\System32\AppxProvisioning.xml ====== C:\WINDOWS\system32\drivers ===== 2016-05-11 08:42:43 EC1E8529AB2BDF3A5EF19103552930E6 1714520 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys 2016-05-11 08:42:35 5FBC00DE32C1D9D95887DBBC0B223078 484704 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys 2016-05-11 08:42:33 76E954267C5F2308BBECA6B3A3E604DC 430432 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS 2016-05-11 08:42:22 62EA3346B54204B2C2F61E1241A1FAE5 77664 ----a-w- C:\WINDOWS\System32\drivers\sdport.sys 2016-05-11 08:42:19 F80AC13F7CC60DBCAEE0EE9D4764FD62 259424 ----a-w- C:\WINDOWS\System32\drivers\pci.sys 2016-05-11 08:42:18 47349433740550AE4A383DEDA2534113 336224 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys 2016-05-11 08:42:05 76BD7CFECEB5C6217AA75D935EDB9BCB 104800 ----a-w- C:\WINDOWS\System32\drivers\ufxsynopsys.sys 2016-05-11 08:42:05 516EEA8ED37DC8C59358CA3B6DDF8AB8 550240 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys 2016-05-11 08:42:04 B00C56D908E5FD0F0013F839F6A2CAC0 278368 ----a-w- C:\WINDOWS\System32\drivers\fastfat.sys 2016-05-11 08:42:03 B44E2C9B9C06B1DA0BAB833CBE191428 48640 ----a-w- C:\WINDOWS\System32\drivers\usbser.sys 2016-05-11 08:42:03 5B7AEDE05625BCBCC07B14DCF8A51362 83808 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys 2016-05-11 08:42:01 DB0BDC8351BD39462E50F1E65619C379 114688 ----a-w- C:\WINDOWS\System32\drivers\hidclass.sys 2016-05-11 08:42:01 28972E6FEBC61ACFD4A83400D9A6058D 46080 ----a-w- C:\WINDOWS\System32\drivers\UcmCx.sys 2016-05-11 08:42:00 D1DC9881C02C437CC174E59C8B9FFABC 76288 ----a-w- C:\WINDOWS\System32\drivers\filecrypt.sys ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-05-22 20:32:32 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\Trudie\AppData\Roaming ====== 2016-05-14 13:25:48 -------- d-----w- C:\Users\Trudie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-05-11 08:13:18 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\ATI 2016-05-11 08:13:17 -------- d-s---r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Roaming 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Temp 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft Help 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local\Microsoft 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\AppData\Local 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility ====== C:\Users\Trudie ====== 2016-05-22 20:31:25 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Trudie\Downloads\RSIT.exe 2016-05-22 20:31:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Trudie\Downloads\RSITx64.exe 2016-05-11 08:13:21 6FC234AD3752E1267B34FB12BCD6718B 20 --sha-w- C:\Users\DefaultAppPool\ntuser.ini 2016-05-11 08:13:17 -------- d--h--w- C:\Users\DefaultAppPool\AppData 2016-05-11 08:13:17 -------- d-----w- C:\Users\DefaultAppPool\Saved Games 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Videos 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Pictures 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Music 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Links 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Favorites 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Downloads 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Documents 2016-05-11 08:13:17 -------- d-----r- C:\Users\DefaultAppPool\Desktop ====== C: exe-files == 2016-05-24 09:20:53 58E08D1BFE49158D1D87980687F6A7AB 120000 ----a-w- C:\Users\Trudie\AppData\Local\Temp\ECCB70A2-884B-4C8E-A243-431AEB3CA754\DismHost.exe 2016-05-23 11:38:27 AEE84FC992F97B1D640BA5EAF9CF307C 78608 ----a-w- C:\ProgramData\AVG\Setup\av\avguirux.exe 2016-05-23 11:38:27 07DF9EE199DCB9988E5BA2457D192BA9 6059744 ----a-w- C:\ProgramData\AVG\Setup\av\avgmfapx.exe 2016-05-23 06:56:07 58E08D1BFE49158D1D87980687F6A7AB 120000 ----a-w- C:\Users\Trudie\AppData\Local\Temp\DBA202C6-8AD1-4558-8AC6-918D0E171E95\DismHost.exe 2016-05-22 20:32:33 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Trudie.exe 2016-05-22 20:31:25 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Trudie\Downloads\RSIT.exe 2016-05-22 20:31:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Trudie\Downloads\RSITx64.exe 2016-05-19 08:53:44 5023E796508FE197AF6AC7C0EA4424F0 4016608 ----a-w- C:\Program Files\AVG\Av\avgidsagent.exe 2016-05-19 08:50:44 D0747DE1C517EFC1C657C8EF3881C5E4 3649808 ----a-w- C:\Program Files\AVG\Av\avgdiagex.exe 2016-05-19 08:48:20 ED23CF77E8D4A9026D5AAF11C8615687 267536 ----a-w- C:\Program Files\AVG\Av\avgcmgr.exe 2016-05-19 08:48:08 D88A92DDB220DD8F95DF4300B0235F19 594904 ----a-w- C:\Program Files\AVG\Av\avgwdsvcx.exe 2016-05-19 08:46:40 4E0B1A1AE75AFFA2DDE0517BF240E52C 1336080 ----a-w- C:\Program Files\AVG\Av\avgnsx.exe 2016-05-19 08:46:24 268839BC70BD6616E67C7683E12C8D11 3930896 ----a-w- C:\Program Files\AVG\Av\avgui.exe 2016-05-19 08:46:22 00DA05E78CB4DCFEE8F88E7562C52662 1012496 ----a-w- C:\Program Files\AVG\Av\avgrsx.exe 2016-05-19 08:46:14 5FD423B2C930DB7BE9293F1C84D285B5 408848 ----a-w- C:\Program Files\AVG\Av\avgcfgex.exe 2016-05-19 08:46:10 0DF1C97E29B8AEC4D736EE7CEDD3F629 638968 ----a-w- C:\Program Files\AVG\Av\avgamps.exe 2016-05-19 08:45:40 93F6833E8FBF9E85B89807ACD97E17C6 868624 ----a-w- C:\Program Files\AVG\Av\avgcsrvx.exe 2016-05-19 08:45:34 7C714CA5B945C8059922BAF81222A4E9 716984 ----a-w- C:\Program Files\AVG\Av\avgdumpx.exe 2016-05-19 08:44:02 0A955094B5206D2FADF77B6C14C11431 4228880 ----a-w- C:\Program Files\AVG\Av\upgrade.exe 2016-05-19 08:43:28 521CF2932D8EFE2992815DF4518D711C 363280 ----a-w- C:\Program Files\AVG\Av\fixcfg.exe 2016-05-19 08:41:20 38CAFFA6617C7F30508764E4FE324CDD 795920 ----a-w- C:\Program Files\AVG\Av\avgemcx.exe 2016-05-19 08:41:06 47D83A575BCBBF796800F700688CAE02 501144 ----a-w- C:\Program Files\AVG\Av\avgwsc.exe 2016-05-19 08:39:04 EA60DD4C208C5FD64D3C5C53E196B6DB 385808 ----a-w- C:\Program Files\AVG\Av\avgcomdlgx.exe 2016-05-19 08:38:34 1B449DA4DDC2A554BC150FEB8AB73405 688912 ----a-w- C:\Program Files\AVG\Av\avgntdumpx.exe 2016-05-19 08:37:02 414E0F70EF41E562C711571F0FC9D3DA 435472 ----a-w- C:\Program Files\AVG\Av\avgscanx.exe 2016-05-19 08:33:54 4D71897F646A09B5491F3194736ED2D9 32528 ----a-w- C:\Program Files\AVG\Av\avuirunnerx.exe === C: other files == 2016-05-24 08:40:57 907B8D995783B390C551F5FC9F7524E6 2043369 ----a-w- C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\j068g9q8.default-1428072989052\features\{1bbc0f74-6c1a-492f-b84d-803cf457ca76}\loop@mozilla.org.xpi 2016-05-24 08:40:57 2AC8B15290B31440AC21AD87420A73C9 6303 ----a-w- C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\j068g9q8.default-1428072989052\features\{1bbc0f74-6c1a-492f-b84d-803cf457ca76}\e10srollout@mozilla.org.xpi 2016-05-24 08:40:57 125338DF748FBDDE546EB2C164D2FAC8 686304 ----a-w- C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\j068g9q8.default-1428072989052\features\{1bbc0f74-6c1a-492f-b84d-803cf457ca76}\firefox@getpocket.com.xpi 2016-05-19 08:59:44 102D0A89D94B401BEE58B7D71A1C93D3 1021345 ----a-w- C:\Program Files\AVG\Av\banners\banners.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1611606548-1961392344-1994652897-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" "Spotify Web Helper"="C:\Users\Trudie\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Itibiti.exe"="C:\Program Files\Itibiti Soft Phone\Itibiti.exe" "Dropbox Update"="C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "OneDrive"="C:\Users\Trudie\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify"="C:\Users\Trudie\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "AVG_UI"="C:\Program Files\AVG\Av\avuirunnerx.exe C:\Program Files\AVG\Av\avgui.exe" "AvgUi"="C:\Program Files\AVG\Framework\Common\avguirnx.exe /lps=fmw" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HydraVisionDesktopManager"="C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" "Spotify Web Helper"="C:\Users\Trudie\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Itibiti.exe"="C:\Program Files\Itibiti Soft Phone\Itibiti.exe" "Dropbox Update"="C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "OneDrive"="C:\Users\Trudie\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Spotify"="C:\Users\Trudie\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13-05-2016 12:42] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1611606548-1961392344-1994652897-1001Core.job --a-------- C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21-06-2015 15:41] C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-1611606548-1961392344-1994652897-1001UA.job --a-------- C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21-06-2015 15:41] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [07-04-2016 09:57] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [07-04-2016 09:57] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\WINDOWS\system32\tasks\DropboxUpdateTaskUserS-1-5-21-1611606548-1961392344-1994652897-1001Core" [C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\system32\tasks\DropboxUpdateTaskUserS-1-5-21-1611606548-1961392344-1994652897-1001UA" [C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{29065E28-9563-4749-B6E9-A18DE0F2206E}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{74DEF917-0BF3-40D9-815B-BB71614AE81E}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\system32\tasks\ASUS\ASUS Product Register Service" [C:\Program Files\ASUS\APRP\aprp.exe] "C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\3n6om0ci.default - AVG Web TuneUp - %ProfilePath%\extensions\avg@toolbar.xpi ProfilePath: C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\j068g9q8.default-1428072989052 - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\j068g9q8.default-1428072989052 D7DBAEE9D0A08EA2D0FEC28BD8D1F6FA - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 2690AC6D6740E6F24E31218207631FD8 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat C426F7E678D6E539041847556059D5E8 - C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll - Google Update F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery 1B743D5B6FD001660FAB17DD7C347A38 - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll - Silverlight Plug-In 8C98D3D162E200A8F2620E1709F19EF0 - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 258693279212838A6A879A69A17BE215 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_242.dll - Shockwave Flash 4F3F6B17B4A5BDB68B3CB0367A2C214E - c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrlui.dll - Microsoft® Silverlight ==== Deleted Firefox Extensions ====================== C:\Users\Trudie\AppData\Roaming\Mozilla\Firefox\Profiles\3n6om0ci.default\extensions\avg@toolbar.xpi deleted ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://mysearch.avg.com/?cid={588BA2FB-D784-44FD-85AB-1F1807A3C3A9}&mid=c1cfdc92ce2547d28466d16a1229f9c4-732bf85b3f4ccc90d1949bfeefa4f89dbba8cc25&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0516tb&pr=fr&d=2014-12-10 08:24:31&v=4.2.9.726&pid=wtu&sg=&sap=hp" "Search Bar"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com/ie" "SearchAssistant"="http://www.google.com/ie" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{17CC00CE-AC5A-40E1-81E3-35CF36207C70} - http://www.alexa.com/search?q={searchTerms} HKCU\SearchScopes\{2A696BCE-44CF-45a4-B905-59CDFA08531A} - http://del.icio.us/search/?fr=del_icio_us&p={searchTerms}&type=all HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.nl/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nlNL334 ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:51298;https=127.0.0.1:51298" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WNetEnhance deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully ==== HijackThis Entries ====================== O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\Av\avuirunnerx.exe" C:\Program Files\AVG\Av\avgui.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe" MSRun O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe" O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Trudie\AppData\Roaming\Spotify\SpotifyWebHelper.exe" O4 - HKCU\..\Run: [Itibiti.exe] C:\Program Files\Itibiti Soft Phone\Itibiti.exe O4 - HKCU\..\Run: [Dropbox Update] "C:\Users\Trudie\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [OneDrive] "C:\Users\Trudie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background O4 - HKCU\..\Run: [Spotify] "C:\Users\Trudie\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Startup: Dropbox.lnk = Trudie\AppData\Roaming\Dropbox\bin\Dropbox.exe O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - (no file) O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\system32\atiesrxx.exe O23 - Service: ASGT - Unknown owner - C:\Windows\System32\ASGT.exe O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgamps.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgidsagent.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Framework\Common\avgsvcx.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\Av\avgwdsvcx.exe O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: WNetEnhance Service - Unknown owner - C:\Program Files\WNetEnhance\WNetEnhance Internet Enhancer\InternetEnhancerService.exe (file missing) ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\DefaultAppPool\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\IE\23Q5VNKG will be deleted at reboot C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\IE\VG4KGB0T will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Trudie\AppData\Local\Mozilla\Firefox\Profiles\j068g9q8.default-1428072989052\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1743 folders=213 1208042440 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Trudie\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\WNetEnhance" not found "C:\Program Files\WNetEnhance" not found "C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\IE\23Q5VNKG" not found "C:\Users\Trudie\AppData\Local\Microsoft\Windows\INetCache\IE\VG4KGB0T" not found ==== EOF on di 24-05-2016 at 14:47:54,61 ======================