witte raaf

Na het geforceerd sluiten van Google Chrome met CCleaner heb ik via mijn schoonbroer de raad gekregen [ATTACH]33245[/ATTACH] dit document eens goed door te nemen. Sindsdien geen meldingen meer van het politievirus. Uit veiligheid met PC Helpforum contact genomen om eventuele sporen van het virus op te sporen vooraleer ik bankzaken zou uitvoeren. Zijn er nog sporen? pdf-eCops_ransomware_NL.pdf

lang bezig Kape [ATTACH]33244[/ATTACH] zoek-results.txt

Had Malwarebytes Anti-Malware deze morgen al geïnstalleerd en laten draaien. Ik stuur je dan ook 2 bijlages. De laatste heb ik om 17.30 uitgevoerd. Sorry voor de last Kape en alvast bedankt. [ATTACH]33241[/ATTACH] [ATTACH]33240[/ATTACH] malwarebytes 1.txt malwarebytes 2.txt

Had ik ook al gedacht maar ik heb mijn Norton begin deze maand geinstalleerd want aangezien mijn vorige Norton al op 3 verschillende PC is geïnstalleerd diende ik een nieuwe versie te kopen... Heb heel mijn instellingen van Norton nagekeken en alles is toch normaal. Ik zit wel heel veel te surfen op wetenschappelijke sites over radiologie (positionering, CT, MRI...) heeft dat er iets mee te maken? Je zou toch verwachten van niet.

Gisteren in aanraking gekomen met een "Federal Computer Crime Unit" virus. Ik werk al van in het begin jater 90 met de PC maar nog nooit zoveel last gehad met virussen en spyware als nu. Het internet was volledig geblokkeerd en kon niet afgesloten worden. Ook heropstarten bracht geen oplossing. Een diepe scan met mijn Norton werkte niet... Enkel met CCleaner heb ik Google Chrome geforceerd kunnen afsluiten. Een uitgebreide scan met mijn Norton bracht geen problemen aan het licht. Ook de Norton Power Eraser liet niets zien. Het adres heb ik onmiddellijk genoteerd; misschien zijn jullie er iets mee: vnfe.atlantacustomgates.com In bijlage een scan met zowel rsitx64.exe als zoek.exe (diepe scan). Kunnen julie even checken of er geen sporen zijn achtergebleven van dat virus? Met dank, [ATTACH]33231[/ATTACH] [ATTACH]33232[/ATTACH] log.txt zoek-results.txt

Bedankt Kape, 't Ziet er allemaal goed uit. Ben nog geen storende reclame tegengekomen. [ATTACH]33167[/ATTACH] AdwCleaner[S0].txt

Wel, wel, wel deze zoek-results.txt ging snel... of heb ik weer iets fout gedaan? [ATTACH]33163[/ATTACH] Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by maes on do 19/06/2014 at 17:40:22,05. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maes\Desktop\Beveiliging PC\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-18-154546.log 42126 bytes C:\zoek-results2014-06-19-051250.log 32456 bytes ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\The weDownload Manager not found C:\ProgramData\AVG SafeGuard toolbar not found C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1 deleted C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2 deleted C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4 deleted C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5 deleted C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6 deleted "C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job" deleted "C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job" deleted "C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job" deleted "C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job" deleted "C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job" deleted ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== C:\zoek_backup content ====================== C:\zoek_backup (files=214 folders=62 21906009 bytes) ==== EOF on do 19/06/2014 at 17:41:12,81 ====================== zoek-results.txt

Sorry Kape, als je een dagje ouder wordt... hopelijk is het nu juist. [ATTACH]33136[/ATTACH] Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by maes on do 19/06/2014 at 7:01:36,23. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maes\Desktop\Beveiliging PC\zoek.exe [scan all users] [Quick Scan] [Auto Clean] ==== Older Logs ====================== C:\zoek-results2014-06-18-154546.log 42126 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\MSXML 4.0 deleted successfully C:\Program Files\log deleted successfully C:\Program Files\Symantec deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\maes\AppData\Roaming\cloudbkp deleted successfully C:\Users\maes\AppData\Roaming\Lavasoft deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-05-26 17:18:28 981B512C2187202216056E911CE6E37A 25 ----a-w- C:\Windows\CDE SX400DEFGIPS.ini ====== C:\Users\maes\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-06-11 14:56:46 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-06-11 14:56:44 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2014-06-11 14:56:44 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-06-11 14:56:44 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 14:56:44 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 14:56:43 D5ECBB3BFDC73A59440D9CA79AB3A342 17271296 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-06-11 14:56:43 C1F5812F355D0C9495C1B2E7165DA2AF 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 BB9BADED14F0963498855AC28446CED5 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 14:56:43 8DF06ACA017949D37C38B6A0EF747D4E 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 14:56:43 7E27FB6AB8976897A530FB30F5FF7691 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 14:56:43 6D8E6A9A524FFAAFA4D2F6C8EF38D0BB 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 14:56:43 0AFCE8EEF3751810FE2101FD608FB8B3 1143296 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-06-11 14:56:43 017B99D09904DCA35D5F66AD79084B5F 368128 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 14:56:42 E0EA58834CD19FDFCD1BC37B22E1D3D8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 14:56:42 D9F5B424C307B195E16A9B0A21E53BCC 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-06-11 14:56:42 D36574C287D0764C95AC777DFF367715 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-06-11 14:56:42 C69FDD49AB9E8BCF2BAAC469CE0CC756 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 14:56:42 9EAAB4305536829D6B7D9C3A47E92861 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-06-11 14:56:42 814E0D53EF020BD93097F26B53B573F0 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-06-11 14:56:42 688227D38A6FF6403B293D0C50B454B9 11725312 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-06-11 14:56:42 5B5815477A53ED92B89955FFE7EDCB2E 242688 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 14:56:41 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 14:56:41 C58E97EEB1CB80CE91D5E7FD5E78794F 4244992 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-06-11 14:56:41 4D3074AA172DCFD5D56BE764B671085A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 14:56:41 0AC4E3C93D49E37D5B008ED99092115C 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 14:56:40 EB960643DC62832C88272573204B6DBA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-06-11 14:56:40 771CDBC3D62437D6DB070820BB1EDCCF 1790976 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-06-11 14:56:40 22D7FFA4B94916F18EB1F1D107B86839 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 14:56:40 09771ABC896D2A88370F3AB8BADC242E 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-06-11 14:56:46 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-06-11 14:56:44 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-06-11 14:56:44 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-06-11 14:56:44 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2014-06-11 14:56:44 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-06-11 14:56:44 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll 2014-06-11 14:56:44 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-06-11 14:56:43 DA7AAB5D4E5F7160E906C0D2EB9A2B9F 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 3ED5C9055F7A635399FC12892F565287 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-06-11 14:56:42 DFD834E89B819B5ECE8E251C56B5A3CE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-06-11 14:56:42 D5C446B14DC667B7B9FBB30EA1701D92 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-06-11 14:56:42 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-06-11 14:56:42 867DD52B23D3B0390B88F3D7AD1E600C 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-06-11 14:56:42 3A1AB9DE852F2BC1ECE6403BDD01B9F0 1398272 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-06-11 14:56:42 12BA419E27DBC5DBF9262C8A885FA361 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-06-11 14:56:41 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-06-11 14:56:41 B34D3F303769E65CE7EFBD4E6FB62B25 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-06-11 14:56:41 3FC3828E8820D1C93DBFBAD4BE456D85 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-06-11 14:56:41 063EF4239479F52DAF9F4849B0B304F1 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-06-11 14:56:40 CE6109C73C3A04CC2B8C6110B0F0FEF9 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-06-11 14:56:40 CC603EF96BA456D4BCD9FF849ED07A2A 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-06-11 14:56:40 CB8A91074AE1B5051E240B50A328DCF5 295424 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-06-11 14:56:40 B2C037F50A02D6C057B1E0791BBF41A5 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-06-11 14:56:40 790FD40601502C5FE8213D4F335DA0BD 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-06-11 14:56:40 2DBB9127794BC30BC31D26FA088F8BAB 13522944 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-06-11 14:56:39 AB3FA3D9B1F1D0571CBC43D1487CCD6F 5782528 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-06-11 14:56:39 A4A58E3171C03A1145D1C3EC488D1B4F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-06-11 14:56:39 9013D5BBE1B6D3A060F54B4B5BB2C3A3 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-06-11 14:56:39 8E3C6008250A904C06943BCEA585E344 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-06-11 14:56:39 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-06-11 14:56:39 6B9925F498D4E91FB57576CC3776D428 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-06-11 14:56:39 40BFD9D6EC8E174145F012246CA73CCD 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-06-11 14:56:39 2F474D40626B0C694400589F3FBB9AA9 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-06-11 14:56:38 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-06-11 14:56:38 56803B20D168C1B740D12CE0BE4588F5 23414784 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-06-11 14:56:26 84A13AB118F433898B5ABA36E8D7CA91 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-06-11 14:56:26 2C053C9B2A8249F1F9B38ED1AE455771 506368 ----a-w- C:\Windows\Sysnative\aepdu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2014-06-11 14:56:44 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 14:56:44 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-05-29 18:36:12 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-05-29 18:36:03 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2014-05-29 18:36:03 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-05-27 04:57:31 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2014-05-27 04:57:31 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2014-05-27 04:57:30 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-05-27 04:54:19 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-27 04:54:19 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-05-27 04:53:44 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-05-27 04:53:44 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-05-27 04:53:44 7A4BF0F3F2C8D78FA0FC2C3BB9ED360A 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-05-27 04:53:36 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-05-26 16:28:24 E403AACF8C7BB11375122D2464560311 34152 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys 2014-05-26 16:28:24 3071D77E134BF12120058431F6473AFA 7488 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2014-05-26 16:28:24 28771B716418BC13E4A84864EFC1B11A 855 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2014-05-26 16:28:24 21A1C2D694C3CF962D31F5E873AB3D6F 174200 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2014-05-26 15:05:58 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-05-26 15:02:57 2F8CB02987EC953272DF20D2DCB77796 61120 ----a-w- C:\Windows\Sysnative\drivers\{890a8319-7c6f-45e4-a506-152b8d2d9310}Gw64.sys 2014-05-26 07:07:12 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2014-05-31 18:42:42 D98BA1208E9D05EF7C3AB54B363025F5 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-05-31 18:42:42 B1D33DA73BC68A521AB33B8C23DCC07F 3796 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-05-31 18:42:42 4F62549C223AA166F993310C323437D0 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-31 18:42:42 28A094FE4BDF1EF1286F01B67D420A73 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-26 07:07:12 A6096AC9C478D6FAC6853DF70B698846 4576 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5 2014-05-26 07:07:12 38B81411F044D9A53D0082FF68D7CFFA 1546 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job 2014-05-26 07:07:10 28A8C14B863DCCE096B010E0F74D9254 4482 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2 2014-05-26 07:07:10 18B951519A047478F0C002FEED69957B 1452 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job 2014-05-26 07:07:09 956685D4ABD00A1E6B88C555D94951D9 1480 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job 2014-05-26 07:07:09 42A2C192A0A521836B4DAE3774E6BC3E 4510 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1 2014-05-26 07:07:07 F768AFDA5C72D5FFC6D5707C9AC2D827 5388 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4 2014-05-26 07:07:07 57FDE8FCCF9E97AD4772F01BEE89F277 2358 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job 2014-05-26 07:07:05 6C01791A939CFCC11B468581BD204EE5 1486 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job 2014-05-26 07:07:05 384DAB1EDAABE1C1BD04E6EE40F33792 4516 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-17 17:15:29 -------- d-----w- C:\Program Files\trend micro 2014-06-02 18:17:09 -------- d-----w- C:\Program Files\Lavasoft 2014-05-27 04:56:41 -------- d-----w- C:\Program Files\Microsoft Silverlight 2014-05-26 19:14:31 -------- d-----w- C:\Program Files\Microsoft Office 2014-05-26 07:09:20 -------- d-----w- C:\Program Files\DIFX ======= C:\PROGRA~2 ===== 2014-06-09 13:44:11 -------- d-----w- C:\PROGRA~2\SpywareBlaster 2014-06-03 20:45:49 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-05-31 18:51:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-31 18:51:44 -------- d-----w- C:\PROGRA~2\Java 2014-05-31 18:36:01 -------- d-----w- C:\PROGRA~2\VS Revo Group 2014-05-28 12:20:20 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\Adobe 2014-05-27 04:56:41 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2014-05-26 19:16:40 -------- d-----w- C:\PROGRA~2\Microsoft Works 2014-05-26 19:13:59 -------- d-----w- C:\PROGRA~2\Microsoft Office 2014-05-26 17:24:42 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield 2014-05-26 17:23:54 -------- d-----w- C:\PROGRA~2\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:49 -------- d-----w- C:\PROGRA~2\epson 2014-05-26 07:09:12 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-05-26 07:08:07 -------- d-----w- C:\PROGRA~2\OpenOffice 4 2014-05-26 07:04:55 -------- d-----w- C:\PROGRA~2\Google ======= C: ===== ====== C:\Users\maes\AppData\Roaming ====== 2014-06-17 20:19:53 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-06-17 20:19:52 -------- d-----w- C:\Users\maes\AppData\Local\Temp 2014-06-16 16:13:00 -------- d-----w- C:\Users\maes\AppData\Local\Diagnostics 2014-06-08 10:55:19 -------- d-----w- C:\Users\maes\AppData\Local\CrashRpt 2014-06-08 05:24:40 -------- d-----w- C:\Users\maes\AppData\Local\Programs 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Roaming\Mozilla 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Local\Mozilla 2014-06-02 18:45:10 -------- d-----w- C:\Users\maes\AppData\Roaming\LavasoftStatistics 2014-06-02 16:23:54 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-05-31 18:51:16 -------- d-----w- C:\Users\maes\AppData\Locallow\Sun 2014-05-31 18:36:01 -------- d-----w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2014-05-31 18:11:46 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieSiteList 2014-05-31 18:11:40 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieSiteList 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Locallow\Adobe 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Local\Adobe 2014-05-27 21:43:03 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-05-27 16:04:34 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2014-05-26 19:24:39 -------- dc----w- C:\Users\maes\AppData\Local\MigWiz 2014-05-26 19:14:00 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft Help 2014-05-26 17:37:49 -------- d-----w- C:\Users\maes\AppData\Local\CrashDumps 2014-05-26 17:22:04 -------- d-----w- C:\Users\maes\AppData\Roaming\InstallShield 2014-05-26 16:37:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Tific 2014-05-26 16:12:11 -------- d-----w- C:\Users\maes\AppData\Local\Spotify 2014-05-26 16:11:59 -------- d-----w- C:\Users\maes\AppData\Roaming\Spotify 2014-05-26 16:05:20 -------- d-----w- C:\Users\maes\AppData\Roaming\Google 2014-05-26 16:04:05 -------- d-----w- C:\Users\maes\AppData\Local\NPE 2014-05-26 07:33:09 8617031F4C7FC784057B2AD6C1BE62BC 574592 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-05-26 07:08:46 -------- d-----w- C:\Users\maes\AppData\Roaming\OpenOffice 2014-05-26 07:07:30 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-05-26 07:07:30 -------- d-----w- C:\Users\maes\AppData\Roaming\QuickScan 2014-05-26 07:04:53 -------- d-----w- C:\Users\maes\AppData\Local\Google 2014-05-26 07:04:49 -------- d-----w- C:\Users\maes\AppData\Local\Apps 2014-05-26 07:04:48 -------- d-----w- C:\Users\maes\AppData\Local\Deployment 2014-05-26 07:03:49 -------- d-----w- C:\Users\maes\AppData\Locallow\Microsoft 2014-05-26 07:03:37 23342E3E612DD3CE9F1BD5C44130C5D4 74336 ----a-w- C:\Users\maes\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-26 07:03:37 -------- d-----w- C:\Users\maes\AppData\Roaming\Intel Corporation 2014-05-26 07:02:34 -------- d-----w- C:\Users\maes\AppData\Roaming\Adobe 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-26 07:02:28 -------- d-----w- C:\Users\maes\AppData\Roaming\Identities 2014-05-26 07:02:27 -------- d-----w- C:\Users\maes\AppData\Local\VirtualStore 2014-05-26 07:02:14 -------- d-s---w- C:\Users\maes\AppData\Roaming\Microsoft 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Roaming\Media Center Programs 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\maes ====== 2014-06-16 21:02:04 -------- d--h--w- C:\ProgramData\Common Files 2014-06-15 14:04:28 -------- d-----w- C:\ProgramData\CDB 2014-06-09 13:44:12 -------- d---a-w- C:\ProgramData\TEMP 2014-06-09 13:44:12 -------- d-----w- C:\ProgramData\Licenses 2014-06-09 13:44:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-06-09 13:43:06 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\maes\Downloads\spywareblastersetup50.exe 2014-06-08 05:24:23 777D36B3525273BFC2EAF4ED33D0D7CC 4996872 ----a-w- C:\Users\maes\Downloads\rcpafterdownloadcm_ad_18793_cm2.exe 2014-06-03 20:45:49 -------- d-----w- C:\ProgramData\Mozilla 2014-06-02 18:13:21 -------- d-----w- C:\ProgramData\Lavasoft 2014-05-31 18:51:50 -------- d-----w- C:\ProgramData\Sun 2014-05-31 18:51:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-31 18:43:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-31 06:38:30 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-05-27 21:46:26 -------- d-----w- C:\ProgramData\Adobe 2014-05-27 04:57:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-05-26 19:16:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-26 19:13:59 -------- d-----w- C:\ProgramData\Microsoft Help 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\UDL 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite 2014-05-26 17:24:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:57 -------- d-----w- C:\ProgramData\EPSON 2014-05-26 17:18:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-05-26 16:05:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-26 07:09:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-05-26 07:08:12 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\Searches 2014-05-26 07:02:27 -------- d-----r- C:\Users\maes\Contacts 2014-05-26 07:02:14 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\maes\ntuser.ini 2014-05-26 07:02:14 -------- d--h--w- C:\Users\maes\AppData 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Videos 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Saved Games 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Pictures 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Music 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Links 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Favorites 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Downloads 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Documents 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Desktop 2014-05-26 07:02:11 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Contacts ====== C: exe-files == 2014-06-17 20:38:47 7F79C8EDFD4F454E54C7954756E1A31A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$I596US2.exe 2014-06-17 20:38:27 3B9C7F8BC60DA6663ADC206B3127021A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$IHL6B2S.exe 2014-06-17 20:38:15 FA39179C81171F785619E9BB64B0E386 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$I8B7TJB.exe 2014-06-17 17:15:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\maes.exe 2014-06-17 17:14:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\maes\Desktop\Beveiliging PC\RSITx64.exe 2014-06-16 20:41:28 47811D50390A86A17102D7496E6EABB9 388608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$RHL6B2S.exe 2014-06-15 14:03:42 E816A7B714E3F1CD46FCD75BF4B13D03 817568 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$R596US2.exe 2014-06-14 17:48:38 DF61864BA778845C6E725F7BF1EAEB0E 2675280 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater.exe === C: other files == 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "TdmNotify"="C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" ==== Startup Folders ====================== 2014-05-26 19:29:01 1312 ----a-w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job --a------ [undetermined Task] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job --a------ C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2014 23:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\WSCEAA" [C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Analyzer 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Processor 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2" [19/06/2014 06:59] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chrome Look ====================== Google Docs - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\maes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\maes\AppData\Local\Mozilla\Firefox\Profiles\8n0mok8p.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\maes\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=204 folders=62 21872825 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\maes\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\maes\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 19/06/2014 at 7:12:50,13 ====================== zoek-results.txt

[ATTACH]33127[/ATTACH] log als bijlage. Ik wist niet wat je bedoelde zoek-result 18.06.2014s.txt

Dit is een nieuw logje met zoek.exe. Kon niet vroeger want moest werken tot 17.00 uur in Brussel. Sorry Kane ik had je niet goed begrepen. Ik dacht dat het logje van gisteren met zoek.exe voldoende was. Alvast bedankt. Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by maes on wo 18/06/2014 at 17:41:42,79. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maes\Desktop\Beveiliging PC\zoek.exe [scan all users] [Checkboxes used] ==== System Restore Info ====================== 18/06/2014 17:44:39 Zoek.exe System Restore Point Created Succesfully. ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Users\maes\Desktop\Beveiliging PC\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== System Specs ====================== Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 3983 MB CPU Info: Intel® Core i5-3570 CPU @ 3.40GHz CPU Speed: 3490,4 MHz Sound Card: Luidsprekers (USB Sound Device | Luidsprekers (Realtek High Defi | Display Adapters: Intel® HD Graphics | Intel® HD Graphics | Intel® HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Dell P2314H (DP) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Intel® 82579LM Gigabit Network Connection CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVD-ROM DTA0N Ports: COM1 LPT Port NOT Present. Mouse: 8 Button Wheel Mouse Present Hard Disks: C: 108,9GB Hard Disks - Free: C: 69,9GB Manufacturer *: Dell Inc. BIOS Info: AT/AT COMPATIBLE | 09/09/13 | DELL - 1072009 Time Zone: Romance (standaardtijd) Motherboard *: Dell Inc. 0WR7PY Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton 360 On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: Norton 360 disabled (Outdated) Firewall: Norton 360 disabled Default Browser: Google Chrome 35.0.1916.153 Internet Explorer Version: 11.0.9600.17126 Mozilla Firefox version: 29.0.1 (x86 nl) Google Chrome version: 35.0.1916.153 Adobe Reader version: 11.0.07.79 Sun Java version: 1.7.0_60 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-05-26 17:18:28 981B512C2187202216056E911CE6E37A 25 ----a-w- C:\Windows\CDE SX400DEFGIPS.ini ====== C:\Users\maes\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-06-11 14:56:46 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-06-11 14:56:44 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2014-06-11 14:56:44 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-06-11 14:56:44 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 14:56:44 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 14:56:43 D5ECBB3BFDC73A59440D9CA79AB3A342 17271296 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-06-11 14:56:43 C1F5812F355D0C9495C1B2E7165DA2AF 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 BB9BADED14F0963498855AC28446CED5 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 14:56:43 8DF06ACA017949D37C38B6A0EF747D4E 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 14:56:43 7E27FB6AB8976897A530FB30F5FF7691 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 14:56:43 6D8E6A9A524FFAAFA4D2F6C8EF38D0BB 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 14:56:43 0AFCE8EEF3751810FE2101FD608FB8B3 1143296 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-06-11 14:56:43 017B99D09904DCA35D5F66AD79084B5F 368128 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 14:56:42 E0EA58834CD19FDFCD1BC37B22E1D3D8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 14:56:42 D9F5B424C307B195E16A9B0A21E53BCC 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-06-11 14:56:42 D36574C287D0764C95AC777DFF367715 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-06-11 14:56:42 C69FDD49AB9E8BCF2BAAC469CE0CC756 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 14:56:42 9EAAB4305536829D6B7D9C3A47E92861 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-06-11 14:56:42 814E0D53EF020BD93097F26B53B573F0 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-06-11 14:56:42 688227D38A6FF6403B293D0C50B454B9 11725312 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-06-11 14:56:42 5B5815477A53ED92B89955FFE7EDCB2E 242688 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 14:56:41 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 14:56:41 C58E97EEB1CB80CE91D5E7FD5E78794F 4244992 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-06-11 14:56:41 4D3074AA172DCFD5D56BE764B671085A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 14:56:41 0AC4E3C93D49E37D5B008ED99092115C 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 14:56:40 EB960643DC62832C88272573204B6DBA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-06-11 14:56:40 771CDBC3D62437D6DB070820BB1EDCCF 1790976 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-06-11 14:56:40 22D7FFA4B94916F18EB1F1D107B86839 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 14:56:40 09771ABC896D2A88370F3AB8BADC242E 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-06-11 14:56:46 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-06-11 14:56:44 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-06-11 14:56:44 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-06-11 14:56:44 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2014-06-11 14:56:44 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-06-11 14:56:44 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll 2014-06-11 14:56:44 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-06-11 14:56:43 DA7AAB5D4E5F7160E906C0D2EB9A2B9F 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 3ED5C9055F7A635399FC12892F565287 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-06-11 14:56:42 DFD834E89B819B5ECE8E251C56B5A3CE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-06-11 14:56:42 D5C446B14DC667B7B9FBB30EA1701D92 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-06-11 14:56:42 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-06-11 14:56:42 867DD52B23D3B0390B88F3D7AD1E600C 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-06-11 14:56:42 3A1AB9DE852F2BC1ECE6403BDD01B9F0 1398272 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-06-11 14:56:42 12BA419E27DBC5DBF9262C8A885FA361 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-06-11 14:56:41 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-06-11 14:56:41 B34D3F303769E65CE7EFBD4E6FB62B25 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-06-11 14:56:41 3FC3828E8820D1C93DBFBAD4BE456D85 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-06-11 14:56:41 063EF4239479F52DAF9F4849B0B304F1 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-06-11 14:56:40 CE6109C73C3A04CC2B8C6110B0F0FEF9 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-06-11 14:56:40 CC603EF96BA456D4BCD9FF849ED07A2A 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-06-11 14:56:40 CB8A91074AE1B5051E240B50A328DCF5 295424 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-06-11 14:56:40 B2C037F50A02D6C057B1E0791BBF41A5 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-06-11 14:56:40 790FD40601502C5FE8213D4F335DA0BD 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-06-11 14:56:40 2DBB9127794BC30BC31D26FA088F8BAB 13522944 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-06-11 14:56:39 AB3FA3D9B1F1D0571CBC43D1487CCD6F 5782528 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-06-11 14:56:39 A4A58E3171C03A1145D1C3EC488D1B4F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-06-11 14:56:39 9013D5BBE1B6D3A060F54B4B5BB2C3A3 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-06-11 14:56:39 8E3C6008250A904C06943BCEA585E344 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-06-11 14:56:39 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-06-11 14:56:39 6B9925F498D4E91FB57576CC3776D428 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-06-11 14:56:39 40BFD9D6EC8E174145F012246CA73CCD 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-06-11 14:56:39 2F474D40626B0C694400589F3FBB9AA9 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-06-11 14:56:38 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-06-11 14:56:38 56803B20D168C1B740D12CE0BE4588F5 23414784 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-06-11 14:56:26 84A13AB118F433898B5ABA36E8D7CA91 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-06-11 14:56:26 2C053C9B2A8249F1F9B38ED1AE455771 506368 ----a-w- C:\Windows\Sysnative\aepdu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2014-06-11 14:56:44 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 14:56:44 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-05-29 18:36:12 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-05-29 18:36:03 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2014-05-29 18:36:03 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-05-27 04:57:31 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2014-05-27 04:57:31 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2014-05-27 04:57:30 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-05-27 04:54:19 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-27 04:54:19 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-05-27 04:53:44 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-05-27 04:53:44 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-05-27 04:53:44 7A4BF0F3F2C8D78FA0FC2C3BB9ED360A 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-05-27 04:53:36 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-05-26 16:28:24 E403AACF8C7BB11375122D2464560311 34152 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys 2014-05-26 16:28:24 3071D77E134BF12120058431F6473AFA 7488 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2014-05-26 16:28:24 28771B716418BC13E4A84864EFC1B11A 855 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2014-05-26 16:28:24 21A1C2D694C3CF962D31F5E873AB3D6F 174200 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2014-05-26 15:05:58 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-05-26 15:02:57 2F8CB02987EC953272DF20D2DCB77796 61120 ----a-w- C:\Windows\Sysnative\drivers\{890a8319-7c6f-45e4-a506-152b8d2d9310}Gw64.sys 2014-05-26 07:07:12 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2014-05-31 18:42:42 D98BA1208E9D05EF7C3AB54B363025F5 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-05-31 18:42:42 B1D33DA73BC68A521AB33B8C23DCC07F 3796 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-05-31 18:42:42 65A3E6DE33067F65347446CB4B37FE74 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-31 18:42:42 410558FBF0C1E9BBB357E2682916DA22 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-26 07:07:12 D2A63047B16962B0541D67C4506D662A 1546 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job 2014-05-26 07:07:12 A6096AC9C478D6FAC6853DF70B698846 4576 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5 2014-05-26 07:07:10 9FF196459C6C8EABBF5A132065407306 1452 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job 2014-05-26 07:07:10 28A8C14B863DCCE096B010E0F74D9254 4482 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2 2014-05-26 07:07:09 42A2C192A0A521836B4DAE3774E6BC3E 4510 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1 2014-05-26 07:07:09 32F02D3E629FC6381129774535426EC1 1480 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job 2014-05-26 07:07:07 F768AFDA5C72D5FFC6D5707C9AC2D827 5388 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4 2014-05-26 07:07:07 71AD6233D3F1CA99DB987C65174A06C9 2358 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job 2014-05-26 07:07:05 C86D8869A4FEA475E2B5C26C085DCCBD 1486 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job 2014-05-26 07:07:05 384DAB1EDAABE1C1BD04E6EE40F33792 4516 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-17 17:15:29 -------- d-----w- C:\Program Files\trend micro 2014-06-02 18:17:09 -------- d-----w- C:\Program Files\Lavasoft 2014-05-27 04:56:41 -------- d-----w- C:\Program Files\Microsoft Silverlight 2014-05-26 19:14:31 -------- d-----w- C:\Program Files\Microsoft Office 2014-05-26 07:09:20 -------- d-----w- C:\Program Files\DIFX ======= C:\PROGRA~2 ===== 2014-06-09 13:44:11 -------- d-----w- C:\PROGRA~2\SpywareBlaster 2014-06-03 20:45:49 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-05-31 18:51:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-31 18:51:44 -------- d-----w- C:\PROGRA~2\Java 2014-05-31 18:36:01 -------- d-----w- C:\PROGRA~2\VS Revo Group 2014-05-28 12:20:20 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\Adobe 2014-05-27 14:58:18 -------- d-----w- C:\PROGRA~2\MSXML 4.0 2014-05-27 04:56:41 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2014-05-26 19:16:40 -------- d-----w- C:\PROGRA~2\Microsoft Works 2014-05-26 19:13:59 -------- d-----w- C:\PROGRA~2\Microsoft Office 2014-05-26 17:24:42 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield 2014-05-26 17:23:54 -------- d-----w- C:\PROGRA~2\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:49 -------- d-----w- C:\PROGRA~2\epson 2014-05-26 07:09:12 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-05-26 07:08:07 -------- d-----w- C:\PROGRA~2\OpenOffice 4 2014-05-26 07:04:55 -------- d-----w- C:\PROGRA~2\Google ======= C: ===== ====== C:\Users\maes\AppData\Roaming ====== 2014-06-17 20:19:53 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-06-17 20:19:53 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-06-17 20:19:52 -------- d-----w- C:\Users\maes\AppData\Local\Temp 2014-06-16 16:13:00 -------- d-----w- C:\Users\maes\AppData\Local\Diagnostics 2014-06-08 10:55:19 -------- d-----w- C:\Users\maes\AppData\Local\CrashRpt 2014-06-08 05:31:30 -------- d-----w- C:\Users\maes\AppData\Roaming\cloudbkp 2014-06-08 05:24:40 -------- d-----w- C:\Users\maes\AppData\Local\Programs 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Roaming\Mozilla 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Local\Mozilla 2014-06-02 18:45:10 -------- d-----w- C:\Users\maes\AppData\Roaming\LavasoftStatistics 2014-06-02 18:13:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Lavasoft 2014-06-02 16:23:54 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-05-31 18:51:16 -------- d-----w- C:\Users\maes\AppData\Locallow\Sun 2014-05-31 18:36:01 -------- d-----w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2014-05-31 18:11:46 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieSiteList 2014-05-31 18:11:40 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieSiteList 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Locallow\Adobe 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Local\Adobe 2014-05-27 21:43:03 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-05-27 16:04:34 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2014-05-26 19:24:39 -------- dc----w- C:\Users\maes\AppData\Local\MigWiz 2014-05-26 19:14:00 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft Help 2014-05-26 17:37:49 -------- d-----w- C:\Users\maes\AppData\Local\CrashDumps 2014-05-26 17:22:04 -------- d-----w- C:\Users\maes\AppData\Roaming\InstallShield 2014-05-26 16:37:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Tific 2014-05-26 16:12:11 -------- d-----w- C:\Users\maes\AppData\Local\Spotify 2014-05-26 16:11:59 -------- d-----w- C:\Users\maes\AppData\Roaming\Spotify 2014-05-26 16:05:20 -------- d-----w- C:\Users\maes\AppData\Roaming\Google 2014-05-26 16:04:05 -------- d-----w- C:\Users\maes\AppData\Local\NPE 2014-05-26 07:33:09 8617031F4C7FC784057B2AD6C1BE62BC 574592 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-05-26 07:08:46 -------- d-----w- C:\Users\maes\AppData\Roaming\OpenOffice 2014-05-26 07:07:30 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-05-26 07:07:30 -------- d-----w- C:\Users\maes\AppData\Roaming\QuickScan 2014-05-26 07:04:53 -------- d-----w- C:\Users\maes\AppData\Local\Google 2014-05-26 07:04:49 -------- d-----w- C:\Users\maes\AppData\Local\Apps 2014-05-26 07:04:48 -------- d-----w- C:\Users\maes\AppData\Local\Deployment 2014-05-26 07:03:49 -------- d-----w- C:\Users\maes\AppData\Locallow\Microsoft 2014-05-26 07:03:37 23342E3E612DD3CE9F1BD5C44130C5D4 74336 ----a-w- C:\Users\maes\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-26 07:03:37 -------- d-----w- C:\Users\maes\AppData\Roaming\Intel Corporation 2014-05-26 07:02:34 -------- d-----w- C:\Users\maes\AppData\Roaming\Adobe 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-26 07:02:28 -------- d-----w- C:\Users\maes\AppData\Roaming\Identities 2014-05-26 07:02:27 -------- d-----w- C:\Users\maes\AppData\Local\VirtualStore 2014-05-26 07:02:14 -------- d-s---w- C:\Users\maes\AppData\Roaming\Microsoft 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Roaming\Media Center Programs 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\maes ====== 2014-06-16 21:02:04 -------- d--h--w- C:\ProgramData\Common Files 2014-06-15 14:04:28 -------- d-----w- C:\ProgramData\CDB 2014-06-09 13:44:12 -------- d---a-w- C:\ProgramData\TEMP 2014-06-09 13:44:12 -------- d-----w- C:\ProgramData\Licenses 2014-06-09 13:44:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-06-09 13:43:06 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\maes\Downloads\spywareblastersetup50.exe 2014-06-08 05:24:23 777D36B3525273BFC2EAF4ED33D0D7CC 4996872 ----a-w- C:\Users\maes\Downloads\rcpafterdownloadcm_ad_18793_cm2.exe 2014-06-03 20:45:49 -------- d-----w- C:\ProgramData\Mozilla 2014-06-02 18:13:21 -------- d-----w- C:\ProgramData\Lavasoft 2014-05-31 18:52:08 -------- d-----w- C:\ProgramData\Oracle 2014-05-31 18:51:50 -------- d-----w- C:\ProgramData\Sun 2014-05-31 18:51:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-31 18:43:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-31 06:38:30 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-05-27 21:46:26 -------- d-----w- C:\ProgramData\Adobe 2014-05-27 04:57:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-05-26 19:16:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-26 19:13:59 -------- d-----w- C:\ProgramData\Microsoft Help 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\UDL 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite 2014-05-26 17:24:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:57 -------- d-----w- C:\ProgramData\EPSON 2014-05-26 17:18:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-05-26 16:05:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-26 07:09:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-05-26 07:08:12 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\Searches 2014-05-26 07:02:27 -------- d-----r- C:\Users\maes\Contacts 2014-05-26 07:02:14 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\maes\ntuser.ini 2014-05-26 07:02:14 -------- d--h--w- C:\Users\maes\AppData 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Videos 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Saved Games 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Pictures 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Music 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Links 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Favorites 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Downloads 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Documents 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Desktop 2014-05-26 07:02:11 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Contacts ====== C: exe-files == 2014-06-17 20:38:47 7F79C8EDFD4F454E54C7954756E1A31A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$I596US2.exe 2014-06-17 20:38:27 3B9C7F8BC60DA6663ADC206B3127021A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$IHL6B2S.exe 2014-06-17 20:38:15 FA39179C81171F785619E9BB64B0E386 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$I8B7TJB.exe 2014-06-17 17:15:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\maes.exe 2014-06-17 17:14:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\maes\Desktop\Beveiliging PC\RSITx64.exe 2014-06-16 20:41:28 47811D50390A86A17102D7496E6EABB9 388608 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$RHL6B2S.exe 2014-06-15 14:03:42 E816A7B714E3F1CD46FCD75BF4B13D03 817568 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-640646408-3305349783-2111966010-1000\$R596US2.exe 2014-06-14 17:48:38 DF61864BA778845C6E725F7BF1EAEB0E 2675280 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater.exe === C: other files == 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "TdmNotify"="C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" ==== Startup Folders ====================== 2014-05-26 19:29:01 1312 ----a-w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job --a------ [undetermined Task] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job --a------ C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2014 23:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\WSCEAA" [C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Analyzer 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Processor 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2" [18/06/2014 17:35] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chrome Look ====================== Google Docs - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== IE Start and Search Settings ====================== [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll O4 - HKLM\..\Run: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [spotify] "C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (file missing) O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EmbassyService - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\EMBASSY Client Core\EmbassyServer.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing) O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - Unknown owner - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe O23 - Service: Intel® PROSet Monitoring Service - Unknown owner - C:\Windows\system32\IProsetMonitor.exe (file missing) O23 - Service: Invincea Enterprise Service (InvProtectSvc) - Invincea, Inc. - C:\Program Files (x86)\Invincea\Enterprise\X64\InvProtectSvc64.exe O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Dell PBA x64 Service (PbaDrvSvc_x64) - Unknown owner - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\hapi64\pbadrvsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SboxSvc - Unknown owner - C:\Program Files (x86)\Invincea\Enterprise\Sandbox\SboxSvc.exe O23 - Service: SecureStorageService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Secure Storage Manager\SecureStorageService.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SI TSS v1.2.1.41 TCS (tcsd_win32.exe) - Unknown owner - C:\Program Files (x86)\Security Innovation\SI TSS\bin\tcsd_win32.exe O23 - Service: TdmService - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: Wave Authentication Manager Service - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Authentication Manager\WaveAMService.exe O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: WvPCR - Wave Systems Corp. - C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Common\WvPCR.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=204 folders=62 21872825 bytes) ==== EOF on wo 18/06/2014 at 17:45:46,85 ======================

Kape, ziehier de code. Ik had het logje van zoek-results.txt deze nacht al doorgestuurd als bijlage. Heb wel even moeten alle tekst doorlezen die je doorgestuurd (vanaf windows 7...) vandaar het eerdere probleem. Zoek.exe v5.0.0.0 Updated 16-June-2014 Tool run by maes on di 17/06/2014 at 22:11:42,77. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\maes\Desktop\zoek.exe [scan all users] [Checkboxes used] ==== System Restore Info ====================== 17/06/2014 22:12:53 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update BrowseBurst deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update BrowseBurst deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\maes\AppData\Roaming\Mozilla\Firefox\Profiles\8n0mok8p.default user.js not found ---- Lines Search removed from prefs.js ---- user_pref("extensions.ab1ac2ff78e514bb68bf887f1d567919a4bb97481aead4c2ea62be25e264651bbcom49074.49074.description", "Enhance your search results with ---- FireFox user.js and prefs.js backups ---- prefs_20141706_2217_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml deleted C:\PROGRA~2\The weDownload Manager deleted C:\PROGRA~2\globalUpdate deleted C:\PROGRA~2\AVG SafeGuard toolbar deleted C:\PROGRA~2\COMMON~1\AVG Secure Search deleted C:\Users\maes\AppData\Roaming\systweak deleted C:\PROGRA~3\Systweak deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\Allmyapps deleted C:\PROGRA~3\AVG Secure Search deleted C:\PROGRA~3\AVG SafeGuard toolbar deleted C:\Users\maes\AppData\Local\globalUpdate deleted C:\Users\maes\AppData\Local\AVG SafeGuard toolbar deleted C:\Windows\SysNative\roboot64.exe deleted C:\Windows\SysNative\sasnative64.exe deleted C:\Users\maes\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\Reimage.ini deleted C:\windows\SysNative\Tasks\Advanced System Protector_startup deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job deleted C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineCore deleted C:\windows\SysNative\tasks\globalUpdateUpdateTaskMachineUA deleted C:\Users\maes\Desktop\N360Downloader.exe deleted C:\Users\maes\AppData\Roaming\Mozilla\Firefox\Profiles\8n0mok8p.default\extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com deleted "C:\PROGRA~2\BrowseBurst\updateBrowseBurst.exe" deleted "C:\PROGRA~2\BrowseBurst\updateBrowseBurst.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\BrowseBurst.BrowserAdapter.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\BrowseBurst.PurBrowse64.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\utilBrowseBurst.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\{890a8319-7c6f-45e4-a506-152b8d2d9310}.dll" deleted "C:\PROGRA~2\BrowseBurst\bin\BrowseBurst.BrowserAdapter.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\BrowseBurst.PurBrowse64.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\utilBrowseBurst.exe" deleted "C:\PROGRA~2\BrowseBurst\bin\{890a8319-7c6f-45e4-a506-152b8d2d9310}.dll" deleted "C:\PROGRA~2\BrowseBurst" not deleted "C:\PROGRA~2\BrowseBurst" not deleted "C:\PROGRA~2\BrowseBurst\bin" not deleted "C:\PROGRA~2\BrowseBurst\bin" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-05-26 17:18:28 981B512C2187202216056E911CE6E37A 25 ----a-w- C:\Windows\CDE SX400DEFGIPS.ini ====== C:\Users\maes\AppData\Local\Temp ==== ====== Java Cache ===== 2014-06-01 16:10:52 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\maes\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-38b644ae ====== C:\Windows\SysWOW64 ===== 2014-06-11 14:56:46 A5F833506BF6A1B5D693E1499DEE2444 626688 ----a-w- C:\Windows\SysWOW64\usp10.dll 2014-06-11 14:56:44 E227B810296AA27E6C69307A7B6456E5 1389056 ----a-w- C:\Windows\SysWOW64\msxml6.dll 2014-06-11 14:56:44 8B8D1CEF498678CAB9DF17145D34BC64 1237504 ----a-w- C:\Windows\SysWOW64\msxml3.dll 2014-06-11 14:56:44 2E673E776136354ECFB57BFD62E7EC3D 2048 ----a-w- C:\Windows\SysWOW64\msxml6r.dll 2014-06-11 14:56:44 0789F82BAE171323F74B8F175D406AB8 2048 ----a-w- C:\Windows\SysWOW64\msxml3r.dll 2014-06-11 14:56:43 D5ECBB3BFDC73A59440D9CA79AB3A342 17271296 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2014-06-11 14:56:43 C1F5812F355D0C9495C1B2E7165DA2AF 32256 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 BB9BADED14F0963498855AC28446CED5 51200 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-11 14:56:43 8DF06ACA017949D37C38B6A0EF747D4E 526336 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2014-06-11 14:56:43 7E27FB6AB8976897A530FB30F5FF7691 69632 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2014-06-11 14:56:43 6D8E6A9A524FFAAFA4D2F6C8EF38D0BB 592896 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2014-06-11 14:56:43 0AFCE8EEF3751810FE2101FD608FB8B3 1143296 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2014-06-11 14:56:43 017B99D09904DCA35D5F66AD79084B5F 368128 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2014-06-11 14:56:42 E0EA58834CD19FDFCD1BC37B22E1D3D8 43008 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2014-06-11 14:56:42 D9F5B424C307B195E16A9B0A21E53BCC 61952 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2014-06-11 14:56:42 D36574C287D0764C95AC777DFF367715 32768 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2014-06-11 14:56:42 C69FDD49AB9E8BCF2BAAC469CE0CC756 1964544 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2014-06-11 14:56:42 9EAAB4305536829D6B7D9C3A47E92861 2179072 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2014-06-11 14:56:42 814E0D53EF020BD93097F26B53B573F0 440832 ----a-w- C:\Windows\SysWOW64\ieui.dll 2014-06-11 14:56:42 688227D38A6FF6403B293D0C50B454B9 11725312 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2014-06-11 14:56:42 5B5815477A53ED92B89955FFE7EDCB2E 242688 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2014-06-11 14:56:41 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 14:56:41 C58E97EEB1CB80CE91D5E7FD5E78794F 4244992 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2014-06-11 14:56:41 4D3074AA172DCFD5D56BE764B671085A 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2014-06-11 14:56:41 0AC4E3C93D49E37D5B008ED99092115C 1068032 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-11 14:56:40 EB960643DC62832C88272573204B6DBA 164864 ----a-w- C:\Windows\SysWOW64\msrating.dll 2014-06-11 14:56:40 771CDBC3D62437D6DB070820BB1EDCCF 1790976 ----a-w- C:\Windows\SysWOW64\wininet.dll 2014-06-11 14:56:40 22D7FFA4B94916F18EB1F1D107B86839 704512 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2014-06-11 14:56:40 09771ABC896D2A88370F3AB8BADC242E 455168 ----a-w- C:\Windows\SysWOW64\vbscript.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-06-11 14:56:46 088CF6AFCD5CDD44E40C0ACDE3C1A5E0 801280 ----a-w- C:\Windows\Sysnative\usp10.dll 2014-06-11 14:56:44 EF2D8BBA6E077559B675513BC0EE5FC2 3178496 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2014-06-11 14:56:44 ECA6AC33BD9E441F7B47D173D715D268 1882112 ----a-w- C:\Windows\Sysnative\msxml3.dll 2014-06-11 14:56:44 3408DD8081DC22858AE2E6ABD2594C02 2048 ----a-w- C:\Windows\Sysnative\msxml6r.dll 2014-06-11 14:56:44 2147C5330F983D76A36B73F4A804F778 16384 ----a-w- C:\Windows\Sysnative\RdpGroupPolicyExtension.dll 2014-06-11 14:56:44 0E3A7EC2B9590EA7767BBB1823630DEA 2002432 ----a-w- C:\Windows\Sysnative\msxml6.dll 2014-06-11 14:56:44 0465A8CFDDB4FFDB569802A70B9443D5 2048 ----a-w- C:\Windows\Sysnative\msxml3r.dll 2014-06-11 14:56:43 DA7AAB5D4E5F7160E906C0D2EB9A2B9F 38400 ----a-w- C:\Windows\Sysnative\JavaScriptCollectionAgent.dll 2014-06-11 14:56:43 3ED5C9055F7A635399FC12892F565287 48640 ----a-w- C:\Windows\Sysnative\ieetwproxystub.dll 2014-06-11 14:56:42 DFD834E89B819B5ECE8E251C56B5A3CE 4096 ----a-w- C:\Windows\Sysnative\ieetwcollectorres.dll 2014-06-11 14:56:42 D5C446B14DC667B7B9FBB30EA1701D92 2724864 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2014-06-11 14:56:42 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\Sysnative\ieetwcollector.exe 2014-06-11 14:56:42 867DD52B23D3B0390B88F3D7AD1E600C 631808 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2014-06-11 14:56:42 3A1AB9DE852F2BC1ECE6403BDD01B9F0 1398272 ----a-w- C:\Windows\Sysnative\urlmon.dll 2014-06-11 14:56:42 12BA419E27DBC5DBF9262C8A885FA361 452096 ----a-w- C:\Windows\Sysnative\dxtmsft.dll 2014-06-11 14:56:41 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2014-06-11 14:56:41 B34D3F303769E65CE7EFBD4E6FB62B25 66048 ----a-w- C:\Windows\Sysnative\iesetup.dll 2014-06-11 14:56:41 3FC3828E8820D1C93DBFBAD4BE456D85 2040832 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2014-06-11 14:56:41 063EF4239479F52DAF9F4849B0B304F1 2768384 ----a-w- C:\Windows\Sysnative\iertutil.dll 2014-06-11 14:56:40 CE6109C73C3A04CC2B8C6110B0F0FEF9 33792 ----a-w- C:\Windows\Sysnative\iernonce.dll 2014-06-11 14:56:40 CC603EF96BA456D4BCD9FF849ED07A2A 85504 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2014-06-11 14:56:40 CB8A91074AE1B5051E240B50A328DCF5 295424 ----a-w- C:\Windows\Sysnative\dxtrans.dll 2014-06-11 14:56:40 B2C037F50A02D6C057B1E0791BBF41A5 574976 ----a-w- C:\Windows\Sysnative\ieui.dll 2014-06-11 14:56:40 790FD40601502C5FE8213D4F335DA0BD 51200 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2014-06-11 14:56:40 2DBB9127794BC30BC31D26FA088F8BAB 13522944 ----a-w- C:\Windows\Sysnative\ieframe.dll 2014-06-11 14:56:39 AB3FA3D9B1F1D0571CBC43D1487CCD6F 5782528 ----a-w- C:\Windows\Sysnative\jscript9.dll 2014-06-11 14:56:39 A4A58E3171C03A1145D1C3EC488D1B4F 1249280 ----a-w- C:\Windows\Sysnative\mshtmlmedia.dll 2014-06-11 14:56:39 9013D5BBE1B6D3A060F54B4B5BB2C3A3 846336 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2014-06-11 14:56:39 8E3C6008250A904C06943BCEA585E344 195584 ----a-w- C:\Windows\Sysnative\msrating.dll 2014-06-11 14:56:39 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2014-06-11 14:56:39 6B9925F498D4E91FB57576CC3776D428 752640 ----a-w- C:\Windows\Sysnative\jscript9diag.dll 2014-06-11 14:56:39 40BFD9D6EC8E174145F012246CA73CCD 2266112 ----a-w- C:\Windows\Sysnative\wininet.dll 2014-06-11 14:56:39 2F474D40626B0C694400589F3FBB9AA9 548352 ----a-w- C:\Windows\Sysnative\vbscript.dll 2014-06-11 14:56:38 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\Sysnative\MsSpellCheckingFacility.exe 2014-06-11 14:56:38 56803B20D168C1B740D12CE0BE4588F5 23414784 ----a-w- C:\Windows\Sysnative\mshtml.dll 2014-06-11 14:56:26 84A13AB118F433898B5ABA36E8D7CA91 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll 2014-06-11 14:56:26 2C053C9B2A8249F1F9B38ED1AE455771 506368 ----a-w- C:\Windows\Sysnative\aepdu.dll ====== C:\Windows\Sysnative\drivers ===== 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys 2014-06-11 14:56:44 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-11 14:56:44 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-05-29 18:36:12 E9981ECE8D894CEF7038FD1D040EB426 56832 ----a-w- C:\Windows\Sysnative\drivers\TsUsbFlt.sys 2014-05-29 18:36:03 AD64450A4ABE076F5CB34CC08EEACB07 30208 ----a-w- C:\Windows\Sysnative\drivers\TsUsbGD.sys 2014-05-29 18:36:03 313F68E1A3E6345A4F47A36B07062F34 19456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys 2014-05-27 04:57:31 DDA4CAF29D8C0A297F886BFE561E6659 198656 ----a-w- C:\Windows\Sysnative\drivers\WUDFRd.sys 2014-05-27 04:57:31 AB886378EEB55C6C75B4F2D14B6C869F 87040 ----a-w- C:\Windows\Sysnative\drivers\WUDFPf.sys 2014-05-27 04:57:30 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\Sysnative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2014-05-27 04:54:19 353009DEDF918B2A51414F330CF72DEC 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2014-05-27 04:54:19 1C2D8E18AA8FD50CD04C15CC27F7F5AB 155072 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2014-05-27 04:53:44 A3F0BC5897F9D3786A3CB695B163633A 190912 ----a-w- C:\Windows\Sysnative\drivers\storport.sys 2014-05-27 04:53:44 96BB922A0981BC7432C8CF52B5410FE6 274880 ----a-w- C:\Windows\Sysnative\drivers\msiscsi.sys 2014-05-27 04:53:44 7A4BF0F3F2C8D78FA0FC2C3BB9ED360A 27584 ----a-w- C:\Windows\Sysnative\drivers\Diskdump.sys 2014-05-27 04:53:36 1A29A59A4C5BA6F8C85062A613B7E2B2 1684928 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys 2014-05-26 16:28:24 E403AACF8C7BB11375122D2464560311 34152 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys 2014-05-26 16:28:24 3071D77E134BF12120058431F6473AFA 7488 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT 2014-05-26 16:28:24 28771B716418BC13E4A84864EFC1B11A 855 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2014-05-26 16:28:24 21A1C2D694C3CF962D31F5E873AB3D6F 174200 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2014-05-26 15:05:58 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-05-26 15:02:57 2F8CB02987EC953272DF20D2DCB77796 61120 ----a-w- C:\Windows\Sysnative\drivers\{890a8319-7c6f-45e4-a506-152b8d2d9310}Gw64.sys 2014-05-26 07:07:12 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_User_WUDFUsbccidDriver_01_09_00.Wdf ====== C:\Windows\Tasks ====== 2014-05-31 18:42:42 D98BA1208E9D05EF7C3AB54B363025F5 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2014-05-31 18:42:42 D2CD169EEBDE1123951CA1F8A4C85222 1052 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-05-31 18:42:42 B1D33DA73BC68A521AB33B8C23DCC07F 3796 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore 2014-05-31 18:42:42 5E28E84EA57450AE3501848D80AF42E9 1048 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-05-26 07:07:12 A6096AC9C478D6FAC6853DF70B698846 4576 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5 2014-05-26 07:07:12 585DCF7E3BB742E3B7E195C0CC0FE920 1546 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job 2014-05-26 07:07:10 B0E717716B6BB2EF884C10AABBC8DB49 1452 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job 2014-05-26 07:07:10 28A8C14B863DCCE096B010E0F74D9254 4482 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-2 2014-05-26 07:07:09 DB47FF4BCDDECA82FC6D21E69F7C11B7 1480 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job 2014-05-26 07:07:09 42A2C192A0A521836B4DAE3774E6BC3E 4510 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-1 2014-05-26 07:07:07 F768AFDA5C72D5FFC6D5707C9AC2D827 5388 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4 2014-05-26 07:07:07 B6C0FB6B6CB51D09F5C16DE9DD7C7103 2358 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job 2014-05-26 07:07:05 A6216BF098A708375FB5E90F8767B988 1486 ----a-w- C:\Windows\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job 2014-05-26 07:07:05 384DAB1EDAABE1C1BD04E6EE40F33792 4516 ----a-w- C:\Windows\Sysnative\Tasks\03091666-40b5-44af-b8b1-7438214ece0b-6 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-17 17:15:29 -------- d-----w- C:\Program Files\trend micro 2014-06-02 18:17:09 -------- d-----w- C:\Program Files\Lavasoft 2014-05-27 04:56:41 -------- d-----w- C:\Program Files\Microsoft Silverlight 2014-05-26 19:14:31 -------- d-----w- C:\Program Files\Microsoft Office 2014-05-26 07:09:20 -------- d-----w- C:\Program Files\DIFX ======= C:\PROGRA~2 ===== 2014-06-09 13:44:11 -------- d-----w- C:\PROGRA~2\SpywareBlaster 2014-06-03 20:45:49 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service 2014-05-31 18:51:50 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-05-31 18:51:44 -------- d-----w- C:\PROGRA~2\Java 2014-05-31 18:36:01 -------- d-----w- C:\PROGRA~2\VS Revo Group 2014-05-28 12:20:20 -------- d-----w- C:\PROGRA~2\COMMON~1\DESIGNER 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Adobe 2014-05-27 21:46:32 -------- d-----w- C:\PROGRA~2\Adobe 2014-05-27 14:58:18 -------- d-----w- C:\PROGRA~2\MSXML 4.0 2014-05-27 04:56:41 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight 2014-05-26 19:16:40 -------- d-----w- C:\PROGRA~2\Microsoft Works 2014-05-26 19:13:59 -------- d-----w- C:\PROGRA~2\Microsoft Office 2014-05-26 17:24:42 -------- d-----w- C:\PROGRA~2\COMMON~1\InstallShield 2014-05-26 17:23:54 -------- d-----w- C:\PROGRA~2\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:49 -------- d-----w- C:\PROGRA~2\epson 2014-05-26 07:09:12 -------- d-----w- C:\PROGRA~2\Belgium Identity Card 2014-05-26 07:08:07 -------- d-----w- C:\PROGRA~2\OpenOffice 4 2014-05-26 07:06:58 -------- d-----w- C:\PROGRA~2\BrowseBurst 2014-05-26 07:04:55 -------- d-----w- C:\PROGRA~2\Google ======= C: ===== ====== C:\Users\maes\AppData\Roaming ====== 2014-06-16 16:13:00 -------- d-----w- C:\Users\maes\AppData\Local\Diagnostics 2014-06-08 10:55:19 -------- d-----w- C:\Users\maes\AppData\Local\CrashRpt 2014-06-08 05:31:30 -------- d-----w- C:\Users\maes\AppData\Roaming\cloudbkp 2014-06-08 05:24:40 -------- d-----w- C:\Users\maes\AppData\Local\Programs 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Roaming\Mozilla 2014-06-03 20:45:56 -------- d-----w- C:\Users\maes\AppData\Local\Mozilla 2014-06-02 18:45:10 -------- d-----w- C:\Users\maes\AppData\Roaming\LavasoftStatistics 2014-06-02 18:13:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Lavasoft 2014-06-02 16:23:54 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2014-05-31 18:51:16 -------- d-----w- C:\Users\maes\AppData\Locallow\Sun 2014-05-31 18:36:01 -------- d-----w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2014-05-31 18:11:46 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieUserList 2014-05-31 18:11:41 -------- d-sh--w- C:\Users\maes\AppData\Local\EmieSiteList 2014-05-31 18:11:40 -------- d-sh--w- C:\Users\maes\AppData\Locallow\EmieSiteList 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Locallow\Adobe 2014-05-27 21:47:31 -------- d-----w- C:\Users\maes\AppData\Local\Adobe 2014-05-27 21:43:03 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-05-27 16:04:34 -------- d-s---w- C:\Windows\serviceprofiles\Localservice\AppData\Locallow\Microsoft 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2014-05-27 14:55:50 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2014-05-26 19:24:39 -------- dc----w- C:\Users\maes\AppData\Local\MigWiz 2014-05-26 19:14:00 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft Help 2014-05-26 17:37:49 -------- d-----w- C:\Users\maes\AppData\Local\CrashDumps 2014-05-26 17:22:04 -------- d-----w- C:\Users\maes\AppData\Roaming\InstallShield 2014-05-26 16:37:44 -------- d-----w- C:\Users\maes\AppData\Roaming\Tific 2014-05-26 16:12:11 -------- d-----w- C:\Users\maes\AppData\Local\Spotify 2014-05-26 16:11:59 -------- d-----w- C:\Users\maes\AppData\Roaming\Spotify 2014-05-26 16:05:20 -------- d-----w- C:\Users\maes\AppData\Roaming\Google 2014-05-26 16:04:05 -------- d-----w- C:\Users\maes\AppData\Local\NPE 2014-05-26 07:33:09 8617031F4C7FC784057B2AD6C1BE62BC 574592 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat 2014-05-26 07:08:46 -------- d-----w- C:\Users\maes\AppData\Roaming\OpenOffice 2014-05-26 07:07:30 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\QuickScan 2014-05-26 07:07:30 -------- d-----w- C:\Users\maes\AppData\Roaming\QuickScan 2014-05-26 07:04:53 -------- d-----w- C:\Users\maes\AppData\Local\Google 2014-05-26 07:04:49 -------- d-----w- C:\Users\maes\AppData\Local\Apps 2014-05-26 07:04:48 -------- d-----w- C:\Users\maes\AppData\Local\Deployment 2014-05-26 07:03:49 -------- d-----w- C:\Users\maes\AppData\Locallow\Microsoft 2014-05-26 07:03:37 23342E3E612DD3CE9F1BD5C44130C5D4 74336 ----a-w- C:\Users\maes\AppData\Local\GDIPFONTCACHEV1.DAT 2014-05-26 07:03:37 -------- d-----w- C:\Users\maes\AppData\Roaming\Intel Corporation 2014-05-26 07:02:34 -------- d-----w- C:\Users\maes\AppData\Roaming\Adobe 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools 2014-05-26 07:02:28 -------- d-----w- C:\Users\maes\AppData\Roaming\Identities 2014-05-26 07:02:27 -------- d-----w- C:\Users\maes\AppData\Local\VirtualStore 2014-05-26 07:02:14 -------- d-s---w- C:\Users\maes\AppData\Roaming\Microsoft 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Roaming\Media Center Programs 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Local\Temp 2014-05-26 07:02:14 -------- d-----w- C:\Users\maes\AppData\Local\Microsoft 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories ====== C:\Users\maes ====== 2014-06-17 17:14:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\maes\Desktop\RSITx64.exe 2014-06-16 21:02:04 -------- d--h--w- C:\ProgramData\Common Files 2014-06-15 14:04:28 -------- d-----w- C:\ProgramData\CDB 2014-06-15 14:03:42 E816A7B714E3F1CD46FCD75BF4B13D03 817568 ----a-w- C:\Users\maes\Downloads\ReimageRepair.exe 2014-06-09 13:44:12 -------- d---a-w- C:\ProgramData\TEMP 2014-06-09 13:44:12 -------- d-----w- C:\ProgramData\Licenses 2014-06-09 13:44:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster 2014-06-09 13:43:06 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\maes\Downloads\spywareblastersetup50.exe 2014-06-08 05:24:23 777D36B3525273BFC2EAF4ED33D0D7CC 4996872 ----a-w- C:\Users\maes\Downloads\rcpafterdownloadcm_ad_18793_cm2.exe 2014-06-03 20:45:49 -------- d-----w- C:\ProgramData\Mozilla 2014-06-03 20:45:21 8F6E1D1D87DF86C4DF5F9A3C62310D9A 282968 ----a-w- C:\Users\maes\Downloads\Firefox Setup Stub 29.0.1.exe 2014-06-02 18:13:21 -------- d-----w- C:\ProgramData\Lavasoft 2014-05-31 18:52:08 -------- d-----w- C:\ProgramData\Oracle 2014-05-31 18:51:50 -------- d-----w- C:\ProgramData\Sun 2014-05-31 18:51:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-05-31 18:43:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-05-31 06:38:30 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches 2014-05-27 21:46:26 -------- d-----w- C:\ProgramData\Adobe 2014-05-27 04:57:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-05-26 19:16:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2014-05-26 19:13:59 -------- d-----w- C:\ProgramData\Microsoft Help 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\UDL 2014-05-26 17:25:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Creativity Suite 2014-05-26 17:24:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint 2014-05-26 17:18:57 -------- d-----w- C:\ProgramData\EPSON 2014-05-26 17:18:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2014-05-26 16:05:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2014-05-26 07:09:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belgium - eID 2014-05-26 07:08:12 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-05-26 07:02:34 -------- d-----r- C:\Users\maes\Searches 2014-05-26 07:02:27 -------- d-----r- C:\Users\maes\Contacts 2014-05-26 07:02:14 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\maes\ntuser.ini 2014-05-26 07:02:14 -------- d--h--w- C:\Users\maes\AppData 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Videos 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Saved Games 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Pictures 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Music 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Links 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Favorites 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Downloads 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Documents 2014-05-26 07:02:14 -------- d-----r- C:\Users\maes\Desktop 2014-05-26 07:02:11 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Contacts ====== C: exe-files == 2014-06-17 19:55:20 26F56C925927B2DBAC29D6777231C97C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-640646408-3305349783-2111966010-1000\$ISS0AVA.exe 2014-06-17 19:51:50 A54C79E93AD021ED5532F9EEE462C52F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-640646408-3305349783-2111966010-1000\$I0S9TXK.exe 2014-06-17 19:51:26 352E8561E633B17ED22012366721FFDC 1285120 ----a-w- C:\$Recycle.Bin\S-1-5-21-640646408-3305349783-2111966010-1000\$R0S9TXK.exe 2014-06-17 19:48:50 352E8561E633B17ED22012366721FFDC 1285120 ----a-w- C:\$Recycle.Bin\S-1-5-21-640646408-3305349783-2111966010-1000\$RSS0AVA.exe 2014-06-17 17:15:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\maes.exe 2014-06-17 17:14:38 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\maes\Desktop\RSITx64.exe 2014-06-16 14:46:44 109DF3325586515705BFAF3117347B37 96544 ----a-w- C:\Program Files (x86)\BrowseBurst\bin\BrowseBurst.BrowserAdapter.exe 2014-06-15 14:03:42 E816A7B714E3F1CD46FCD75BF4B13D03 817568 ----a-w- C:\Users\maes\Downloads\ReimageRepair.exe 2014-06-14 17:48:38 DF61864BA778845C6E725F7BF1EAEB0E 2675280 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater.exe 2014-06-11 14:56:43 4F2AA3E7BD7257E4937E071E3700819E 810200 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-06-11 14:56:43 4AFAE8BAF6E85311AD78395C47351A1D 222720 ----a-w- C:\Program Files (x86)\Internet Explorer\ielowutil.exe 2014-06-11 14:56:42 BFD3178735D97C858FFA467F8199700C 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-06-11 14:56:42 60F88F6CA6303E8273AF7AAA9AAFECAC 812248 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2014-06-11 14:56:42 50989AAF09CDCEBC0FD8EB0FE79C2A98 470016 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2014-06-11 14:56:42 4076E62E061769E42186AE860007FA08 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-06-11 14:56:41 EAAA62F272858695814A1F42D5E59BD3 608768 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-06-11 14:56:41 CC0077F9C7ACD7E97707DFC763A4EA99 112128 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2014-06-11 14:56:41 159C5979C61F51EEFC84D9AB17C4E0E7 482816 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-06-11 14:56:39 770F067D833DC017CEB8A36A2A1EC942 139264 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-06-11 14:56:38 F343ECB3C683EBD7E3990C03AD680855 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-06-11 14:56:26 EF15B0554634BD981BB718E9BF6EE891 46784 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe 2014-06-11 14:56:26 511E0519B437C263E95EA46330312B7F 172224 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe === C: other files == 2014-06-16 21:02:43 9FD4BC46784309176AEFA26AA8241DA1 50464 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys 2014-06-11 14:56:44 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS 2014-06-11 14:56:44 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe 60" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify"="C:\Users\maes\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\maes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtDCpl64.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "TdmNotify"="C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\Trusted Drive Manager\TdmNotify.exe" ==== Startup Folders ====================== 2014-05-26 19:29:01 1312 ----a-w- C:\Users\maes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1.job --a------ [undetermined Task] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5.job --a------ C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe [] C:\Windows\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6.job --a------ C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe [] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2014 23:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [31/05/2014 20:42] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-1" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-2" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-2.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-4" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-4.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-5" [C:\Program Files (x86)\The weDownload Manager\03091666-40b5-44af-b8b1-7438214ece0b-5.exe] "C:\Windows\SysNative\tasks\03091666-40b5-44af-b8b1-7438214ece0b-6" [C:\Program Files (x86)\The weDownload Manager\The weDownload Manager-novainstaller.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\WSCEAA" [C:\Program Files\Dell\Dell Data Protection\Access\Advanced\Wave\RemoteManagement\WSCEAA.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Analyzer 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] "C:\Windows\SysNative\tasks\Symantec\Norton Error Processor 5.2.2.3" [C:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "avg@toolbar"="C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.0.443" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chrome Look ====================== Google Docs - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - maes\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {47F318FD-AF35-41CF-8B21-B2B5D460D626} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-640646408-3305349783-2111966010-1000\Software\Microsoft\Internet Explorer\SearchScopes\{47F318FD-AF35-41CF-8B21-B2B5D460D626} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\maes\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\maes\AppData\Local\Mozilla\Firefox\Profiles\8n0mok8p.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\maes\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=204 folders=62 21872825 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\maes\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\maes\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~2\BrowseBurst" not found "C:\PROGRA~2\BrowseBurst" not found ==== EOF on di 17/06/2014 at 22:20:28,33 ======================

Beste Kape, Blijkbaar moet je een beetje geduld hebben met een grijzer wordende man. Heb het logje dan toch kunnen maken... (natuurlijk als je niet alle tekst leest!!) [ATTACH]33094[/ATTACH] zoek-results.txt

Hey Kape, De Norton is uitgeschakeld en de zoek.exe is op het bureaublad gezet maar na uitvoeren als administrator volgt geen log. Wat nu? Kan je met deze log iets aanvangen? [ATTACH]33090[/ATTACH] log.txt