janneman

Member
  • Items

    13
  • Registration date

  • Last visited

janneman's achievements

  1. Hey, the snapshot link is below: http://speccy.piriform.com/results/3N2ukzaRHSkFehSUL8USE7b Thank you
  2. I have problems with my screen: it goes black now and then, only for a few seconds, and sometimes this happens several times in a row, sometimes just once. It happens mostly while gaming, but also during normal PC use. I get no error message or strange sound, only the screen going black. The video card is an ATI 7850, the screen is an E 2250V, the processor an E 2600 k. The PC and screen are already about 7 years old.
  3. Hey, I assume it is solved now, already many hours without annoying pop-ups. So you fixed that well; a pity I did not know about this site sooner, such fast and good help. Thanks again!!!
  4. Yes, so far no more pop-ups, but I have only just turned my PC on; I will let you know tomorrow whether it is solved! Many thanks in advance for the help!!!
  5. ***** [ Register ] ***** [-] hersteldHKLM\SOFTWARE\Classes\PepperZip [-] hersteld[x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} [-] hersteld[x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} [-] hersteld[x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] hersteldHKCU\Software\Classes\CLSID\{BEBBC426-4F16-4567-8FE1-BE198C982027} [-] hersteldHKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9} [-] hersteldHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] hersteldHKU\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\eSupport.com [-] hersteldHKU\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\GlobalUpdate [#] *Key deleted on reboot: HKCU\Software\eSupport.com [#] *Key deleted on reboot: HKCU\Software\GlobalUpdate [-] hersteldHKLM\SOFTWARE\SiteSee [-] hersteldHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius Professional Edition_is1 [-] hersteldHKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner [-] hersteld[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 [-] hersteldHKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [-] hersteldHKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [-] hersteldHKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [-] hersteldHKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} ***** [ Internetbrowsers ] ***** ************************* :: "Tracing" sleutels verwijderd :: Winsock instellingen gereset ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [2463 bytes] - [15/08/2016 20:25:01] C:\AdwCleaner\AdwCleaner[S0].txt - [2670 bytes] - [15/08/2016 20:24:26] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2609 bytes] ##########
  6. Hier het logje ! Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by jan on ma 15/08/2016 at 18:56:45,95. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\jan\Documents\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 15/08/2016 18:57:43 Zoek.exe System Restore Point Created Successfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Reset Hosts File ====================== # Copyright (c) 1993-2006 Microsoft Corp. # # This is a sample HOSTS file used by Microsoft TCP/IP for Windows. # # This file contains the mappings of IP addresses to host names. Each # entry should be kept on an individual line. The IP address should # be placed in the first column followed by the corresponding host name. # The IP address and the host name should be separated by at least one # space. # # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host # localhost name resolution is handled within DNS itself. 
127.0.0.1 localhost ::1 localhost ==== Empty Folders Check ====================== C:\PROGRA~2\Adobe deleted successfully C:\PROGRA~2\Anvisoft deleted successfully C:\PROGRA~2\Lavasoft deleted successfully C:\PROGRA~2\predm deleted successfully C:\PROGRA~2\SiteLookup deleted successfully C:\Program Files\CPUID deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\DriverGenius deleted successfully C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} deleted successfully C:\Users\jan\AppData\Roaming\Philips deleted successfully C:\Users\jan\AppData\Roaming\VMware deleted successfully C:\Users\jan\AppData\Local\eSupport.com deleted successfully C:\Users\jan\AppData\Local\Skype deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43AC20F6-AA2E-4F0E-B718-ACF54927284} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7C0817FD-71C0-4623-BDA4-9AA7F1D8CED0} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8D5084BE-DCA9-468B-9EB5-27C15563E033} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C7B9BFF-155E-4526-B543-A4E05FF2224} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low 
Rights\ElevationPolicy\{9D08E29E-F673-47C6-9EA0-93425744E7E0} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1879DCE-4F58-436C-AA45-7090B51069B4} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0B342D2-7FD3-4DE2-9DDC-C538497B42C2} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE20E559-E355-4660-9997-683A7F8BC72} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully ==== Running Processes ====================== C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Users\jan\AppData\Roaming\Dashlane\DashlanePlugin.exe C:\Program Files (x86)\Samsung\USB 
Drivers\27_ssconn\conn\ss_conn_service.exe C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe C:\Program Files (x86)\Nero\Update\NASvc.exe C:\Users\jan\Documents\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Services(whitelist) ====================== Powered by E Dev R2 - [AMD External Events Utility] - AMD External Events Utility - c:\windows\system32\atiesrxx.exe R2 - [avgfws] - AVG Firewall - c:\program files (x86)\avg\av\avgfwsa.exe R2 - [avgsvc] - AVG Service - c:\program files (x86)\avg\framework\common\avgsvca.exe R2 - [avgwd] - AVG WatchDog - c:\program files (x86)\avg\av\avgwdsvca.exe R2 - [Bonjour Service] - Bonjour-service - c:\program files\bonjour\mdnsresponder.exe R2 - [c2cautoupdatesvc] - Skype Click to Call Updater - c:\program files (x86)\skype\toolbars\autoupdate\skypec2cautoupdatesvc.exe R2 - [c2cpnrsvc] - Skype Click to Call PNR Service - c:\program files (x86)\skype\toolbars\pnrsvc\skypec2cpnrsvc.exe R2 - [HTCMonitorService] - HTCMonitorService - c:\program files (x86)\htc\htc sync manager\hsmserviceentry.exe R2 - [NAUpdate] - Nero Update - c:\program files (x86)\nero\update\nasvc.exe R2 - [PassThru Service] - Internet Pass-Through Service - c:\program files (x86)\htc\internet pass-through\passthrusvr.exe R2 - [PlaysService] - Plays.tv Update Service - c:\program files (x86)\raptr inc\playstv\plays_service.exe R2 - [SamsungRapidSvc] - Samsung RAPID Mode Service - system32\rapid\samsungrapidsvc.exe [x] R2 - [ss_conn_service] - SAMSUNG Mobile Connectivity Service - c:\program files (x86)\samsung\usb drivers\27_ssconn\conn\ss_conn_service.exe R2 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe R3 - [WMPNetworkSvc] - Windows Media Player Network Sharing Service - c:\program files\windows media player\wmpnetwk.exe S2 - [AVGIDSAgent] - AVGIDSAgent - c:\program files (x86)\avg\av\avgidsagenta.exe S2 - [clr_optimization_v4.0.30319_32] - Microsoft .NET Framework 
NGEN v4.0.30319_X86 - c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe S2 - [clr_optimization_v4.0.30319_64] - Microsoft .NET Framework NGEN v4.0.30319_X64 - c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe S2 - [gupdate] - Google Update-service (gupdate) - c:\program files (x86)\google\update\googleupdate.exe S2 - [LiveUpdateSvc] - LiveUpdate - c:\program files (x86)\iobit\liveupdate\liveupdate.exe S2 - [MBAMScheduler] - MBAMScheduler - c:\program files (x86)\malwarebytes anti-malware\mbamscheduler.exe S2 - [MBAMService] - MBAMService - c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe S2 - [SkypeUpdate] - Skype Updater - c:\program files (x86)\skype\updater\updater.exe S2 - [sppsvc] - Software Protection - c:\windows\system32\sppsvc.exe S3 - [ALG] - Application Layer Gateway Service - c:\windows\system32\alg.exe S3 - [AvgAMPS] - AvgAMPS - c:\program files (x86)\avg\av\avgamps.exe S3 - [COMSysApp] - COM+ System Application - c:\windows\system32\dllhost.exe S3 - [ehRecvr] - Windows Media Center Receiver Service - c:\windows\ehome\ehrecvr.exe S3 - [ehSched] - Windows Media Center Scheduler Service - c:\windows\ehome\ehsched.exe S3 - [Fax] - Fax - c:\windows\system32\fxssvc.exe S3 - [FontCache3.0.0.0] - Windows Presentation Foundation Font Cache 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe S3 - [gupdatem] - Google Update-service (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe S3 - [IEEtwCollectorService] - Internet Explorer ETW Collector Service - c:\windows\system32\ieetwcollector.exe S3 - [Microsoft Office Groove Audit Service] - Microsoft Office Groove Audit Service - c:\program files (x86)\microsoft office\office12\grooveauditservice.exe S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe S3 - [MSDTC] - Distributed Transaction Coordinator - c:\windows\system32\msdtc.exe S3 - [msiserver] - 
Windows Installer - c:\windows\system32\msiexec.exe S3 - [odserv] - Microsoft Office Diagnostics Service - c:\program files (x86)\common files\microsoft shared\office12\odserv.exe S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe S3 - [PerfHost] - Performance Counter DLL Host - c:\windows\syswow64\perfhost.exe S3 - [rpcapd] - Remote Packet Capture Protocol v.0 (experimental) - c:\program files (x86)\winpcap\rpcapd.exe S3 - [RpcLocator] - Remote Procedure Call (RPC) Locator - c:\windows\system32\locator.exe S3 - [SNMPTRAP] - SNMP Trap - c:\windows\system32\snmptrap.exe S3 - [TrustedInstaller] - Windows Modules Installer - c:\windows\servicing\trustedinstaller.exe S3 - [vds] - Virtual Disk - c:\windows\system32\vds.exe S3 - [VSS] - Volume Shadow Copy - c:\windows\system32\vssvc.exe S3 - [wbengine] - Block Level Backup Engine Service - c:\windows\system32\wbengine.exe S3 - [wmiApSrv] - WMI Performance Adapter - c:\windows\system32\wbem\wmiapsrv.exe S4 - [aspnet_state] - ASP.NET-statusservice - c:\windows\microsoft.net\framework64\v4.0.30319\aspnet_state.exe S4 - [clr_optimization_v2.0.50727_32] - Microsoft .NET Framework NGEN v2.0.50727_X86 - c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe S4 - [clr_optimization_v2.0.50727_64] - Microsoft .NET Framework NGEN v2.0.50727_X64 - c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ALSysIO deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ALSysIO deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\esgiguard deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\esgiguard deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\GPU-Z deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\GPU-Z deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VGPU deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VGPU deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\System\vmci deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vmci deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\System\vmci deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vmci deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VMnetAdapter deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\VMnetAdapter deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\amripyqj.default user.js not found ---- Lines {6d0f26ba-45b8-4871-9c07-43ab341d5b73} removed from prefs.js ---- user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.config_sm", "1431163778397"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.daysPassed", "{\"t2d\":true,\"t10d\":true,\"t7d\":true}"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.installtime", "1409085810.246"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.isFirstRun", "false"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.is_bundle", "true"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.lastC", "{\"li\":406696,\"sm\":406696,\"mo\":406696}"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.last_version", ""); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.moEnabled", true); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.server", "https://s7921.webovernet.com"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.src", "7921"); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.toolbarButtonInstalled", true); user_pref("{6d0f26ba-45b8-4871-9c07-43ab341d5b73}.user_id", "A2E072B7-8512-43D4-94EB-45954C795013"); ---- Lines {6d0f26ba-45b8-4871-9c07-43ab341d5b73} modified from prefs.js ---- user_pref("extensions.installCache", 
"[{\"name\":\"app-global\",\"addons\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program ---- FireFox user.js and prefs.js backups ---- prefs_20161508_1906_.backup ProfilePath: C:\Users\jan\AppData\Roaming\Songbird2\Profiles\dvw2rxfl.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20161508_1906_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Adobe not found C:\PROGRA~2\Anvisoft not found C:\PROGRA~2\Lavasoft not found C:\PROGRA~2\predm not found C:\PROGRA~2\SiteLookup not found C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} not found C:\PROGRA~3\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} not found C:\Users\jan\AppData\Local\Adobe deleted C:\Users\jan\AppData\Local\Anvisoft deleted C:\Program Files\Enigma Software Group deleted C:\Program Files\Alwil Software deleted C:\Users\jan\AppData\Roaming\IObit deleted C:\Program Files (x86)\IObit deleted C:\ProgramData\IObit deleted C:\Users\jan\AppData\LocalLow\IObit deleted C:\ProgramData\ProductData deleted C:\Users\jan\.android deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted C:\PROGRA~2\Driver-Soft deleted C:\PROGRA~2\globalUpdate deleted C:\Users\jan\AppData\Roaming\pcouffin.log deleted C:\Users\jan\AppData\Roaming\ProductData deleted C:\PROGRA~3\Avg_Update_0215tb deleted C:\PROGRA~3\Package Cache deleted C:\Users\jan\AppData\Local\globalUpdate deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip deleted C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted C:\Windows\wininit.ini deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\SETA8A6.tmp deleted C:\Windows\Syswow64\SETAC4F.tmp deleted C:\Windows\Syswow64\SETACD4.tmp deleted C:\Windows\Syswow64\SETB09D.tmp deleted C:\Windows\Syswow64\SETB0D1.tmp deleted 
C:\Windows\Syswow64\SETD520.tmp deleted C:\Windows\Syswow64\SETD580.tmp deleted C:\Windows\Syswow64\SETD72E.tmp deleted C:\Windows\Syswow64\SETDAA6.tmp deleted C:\Windows\Syswow64\SETDE17.tmp deleted C:\Windows\Syswow64\SETDE67.tmp deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\amripyqj.default\extensions\{6d0f26ba-45b8-4871-9c07-43ab341d5b73} deleted "C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe" deleted "C:\Users\jan\AppData\Roaming\Dashlane\DashlanePlugin.exe" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWApplication.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWData.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebug.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWDebugDll_win32.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWExternLib.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\Kwift_DP.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLibData.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWMainLib_win.4.5.1.15044.dll" deleted 
"C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components\KWUtils.4.5.1.15044.dll" deleted "C:\Users\jan\AppData\Roaming\Dashlane" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" deleted "C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}\components" deleted ==== System Specs ====================== Windows: Windows 7 Ultimate Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8173 MB CPU Info: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz CPU Speed: 3469,3 MHz Sound Card: Luidsprekers (Realtek High Defi | Realtek Digital Output(Optical) | Realtek Digital Output (Realtek | 1 - E2250 (AMD High Definition | Display Adapters: AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | AMD Radeon HD 7800 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; LG E2250(HDMI) | Screen Resolution: 1920 X 1080 - 32 bit Network: Network Present Network Adapters: Realtek PCIe GBE Family Controller CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GH22NS40 Ports: COM1 LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 209,5GB | D: 100,0MB | F: 461,9GB | H: 298,0GB Hard Disks - Free: C: 108,1GB | D: 65,6MB | F: 76,4GB | H: 48,1GB Manufacturer *: American Megatrends Inc. 
BIOS Info: AT/AT COMPATIBLE | 03/02/11 | _ASUS_ - 1072009 Time Zone: West-Europa (standaardtijd) Motherboard *: MSI P67A-GD65 (MS-7681) Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== AV: AVG Internet Security Business Edition *Disabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: AVG Internet Security Business Edition *Disabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE} FW: AVG Internet Security Business Edition *Enabled* {757AB44A-78C2-7D1A-E37F-CA42A037B368} Default Browser: Google Chrome 52.0.2743.116 Internet Explorer Version: 11.0.9600.18426 Mozilla Firefox version: 33.0 (x86 nl) Google Chrome version: 52.0.2743.116 Sun Java version: 1.8.0_77 (32-bit) Sun Java version: 1.8.0_77 (64-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\jan\AppData\Local\Temp ==== 2016-08-14 12:21:48 358D68AADE77E120C9C1ABC29B916F9E 513528 ----a-w- C:\Users\jan\AppData\Local\Temp\Dashlane_Launcher_1437420342.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-08-10 17:03:06 8241C71BECB78FE347E26F1444FF0408 251392 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-08-10 17:03:05 FF80DB2A3E58752C0D3DF84A8C122F92 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll 2016-08-10 17:03:05 F5C14A878BF2E5910E10659B17301A0A 141312 ----a-w- C:\Windows\SysWOW64\rpchttp.dll 2016-08-10 17:03:05 B0357E6AD7A705F10B975638F984D003 260608 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-08-10 17:03:05 A5E65D7561D393E8C8653E242AEA5CC2 65536 ----a-w- C:\Windows\SysWOW64\TSpkg.dll 2016-08-10 17:03:05 8371D7D799B02E9856F87C4A5836C4E7 60416 ----a-w- C:\Windows\SysWOW64\msobjs.dll 2016-08-10 17:03:05 7B5FD967AE05EF838F478684281FC6C1 36352 ----a-w- C:\Windows\SysWOW64\cryptbase.dll 2016-08-10 17:03:05 6D6BDDB5C612877C7A2968F2811B738D 553472 
----a-w- C:\Windows\SysWOW64\kerberos.dll 2016-08-10 17:03:05 61FA0F6C5D5AA1EF14B0A78DEDA31577 172032 ----a-w- C:\Windows\SysWOW64\wdigest.dll 2016-08-10 17:03:05 5FF4AD435A1EFF524409B220ACCD78B4 146432 ----a-w- C:\Windows\SysWOW64\msaudite.dll 2016-08-10 17:03:05 54111CE7EFC1EF72FAFB927C316FB2EE 690688 ----a-w- C:\Windows\SysWOW64\adtschema.dll 2016-08-10 17:03:05 4CD27D535C6A15CCA00EDEBF8176C9E9 50176 ----a-w- C:\Windows\SysWOW64\auditpol.exe 2016-08-10 17:03:05 41241C3AE0B3229362AB5DE477BD7BC8 223232 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2016-08-10 17:03:05 39AB21759ADB139F8E8F8206F051491D 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll 2016-08-10 17:03:05 2CB48AD27A4A7CEB91874DB5FE313966 666112 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2016-08-10 17:03:05 1C77420F4551C8D71ECEA95E16117077 342528 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-08-10 17:03:05 0F6EA0C965294B39E1B2029CF8FCEB28 17408 ----a-w- C:\Windows\SysWOW64\credssp.dll 2016-08-10 17:03:03 F3EA89E72E6ADD295790092B57800DF8 91136 ----a-w- C:\Windows\SysWOW64\inseng.dll 2016-08-10 17:03:03 CF8D63650B723AD146882DE7238A21A4 346312 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-08-10 17:03:03 CAAFB21C8A0F20E3C422E284B077B28B 47616 ----a-w- C:\Windows\SysWOW64\ieetwproxystub.dll 2016-08-10 17:03:03 64CEAFB38C22478231B1DA2A0BC6CDF7 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2016-08-10 17:03:03 586B9F1848F16DC8DD5E706ED1A3F27F 1316352 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-08-10 17:03:03 2E8B78648D278FCB07F5467F0431E3EF 30720 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2016-08-10 17:03:03 2B46512370A9EC8A8833C42998B4AC20 64000 ----a-w- C:\Windows\SysWOW64\MshtmlDac.dll 2016-08-10 17:03:03 227AABB662FFB3FA84D548CE0096D45E 130048 ----a-w- C:\Windows\SysWOW64\occache.dll 2016-08-10 17:03:02 F549CF4F85F6744F9BD836EFD0F2BB02 279040 ----a-w- C:\Windows\SysWOW64\dxtrans.dll 2016-08-10 17:03:02 EB0157E1E081D4B24E39819054187803 2724864 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2016-08-10 17:03:02 
B234B83E0EFCA74F50E9EB6F6F899928 20343808 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-08-10 17:03:02 917A2834DD5B0715967C2B570B0F6307 497664 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-08-10 17:03:02 8CD353AE6565B8BA274DF7637F05F99A 60416 ----a-w- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2016-08-10 17:03:02 8394C481B63B959C1650AE5F73FF8E39 62464 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2016-08-10 17:03:02 10D8F6B20CDC95F058446A0A6468BB34 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-08-10 17:03:02 0EC9E3CA8AFD25FD2DF1C1051C07C754 692736 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-08-10 17:03:01 F8868261CE69123E9271AD9E12AB9693 476160 ----a-w- C:\Windows\SysWOW64\ieui.dll 2016-08-10 17:03:01 F2905A16B566C8C7D32CF1F0BBEC3880 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll 2016-08-10 17:03:01 C8DD4301F421E2B5633F86A94F7E2F56 13808128 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-08-10 17:03:01 BCF01E6EFF578F68407CC0B36C38EF17 416256 ----a-w- C:\Windows\SysWOW64\dxtmsft.dll 2016-08-10 17:03:01 A63EB09E14B5502C489262D4DE9C1FF3 47104 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2016-08-10 17:03:01 8560664EC9AFDB4DB83F32A326509259 2055680 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-08-10 17:03:01 3398621BF58F9A352B01E56FB52C5EEE 2286592 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-08-10 17:03:01 29AA0A28C71C3DF34B651C43FCCACC6A 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-08-10 17:03:00 B269D6CE33447A716668291DBD9E5C22 1155072 ----a-w- C:\Windows\SysWOW64\mshtmlmedia.dll 2016-08-10 17:03:00 74F975346D32CAB73552A9331CDA8C42 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2016-08-10 17:03:00 64829F4ED34D8339EC39D32204718ADD 2393088 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-08-10 17:03:00 616FE9AB9C7A398500CA7D0921F0FF85 4608000 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-08-10 17:03:00 2B9F2BBB8FE8A95A81D2388B60C3E042 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2016-08-10 17:02:59 56610536AAA4C3D96FEAEF7595034007 168960 
====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2016-08-15 12:06:55 -------- d-----w- C:\Program Files\trend micro 2016-08-14 10:45:31 -------- d-----w- C:\Program Files\Common Files\AV ======= C:\PROGRA~2 ===== 2016-08-14 12:27:49 -------- d-----w- C:\PROGRA~2\Dashlane 2016-08-14 12:20:52 -------- d-----w- C:\PROGRA~2\COMMON~1\IObit ======= C: ===== ====== C:\Users\jan\AppData\Roaming ====== 2016-08-14 12:28:30 -------- d-----w- C:\Users\jan\AppData\Locallow\Dashlane 2016-08-14 12:27:49 -------- d-----w- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dashlane 2016-08-14 12:27:49 -------- d-----w- C:\Users\jan\AppData\Local\Packages ====== C:\Users\jan ====== 2016-08-14 12:32:00 -------- d-----w- C:\ProgramData\BDLogging 2016-08-05 13:15:43 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings ==== Orphaned Tasks deleted from Registry ====================== avast Emergency Update deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] 
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" "Dashlane"="C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe autoLaunchAtStartup" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files (x86)\AVG\Av\avuirunnerx.exe C:\Program Files (x86)\AVG\Av\avgui.exe" "AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe /lps=fmw" "Raptr"="C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe --startup" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "PlaysTV"="C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe --startup" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" "Dashlane"="C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe autoLaunchAtStartup" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCN"="C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvgUi] 
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AvgUi" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\AVG\\Framework\\Common\\avguirnx.exe\" /lps=fmw" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AVG_UI" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\AVG\\Av\\avuirunnerx.exe\" C:\\Program Files (x86)\\AVG\\Av\\avgui.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Driver Genius] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Driver Genius" "hkey"="HKLM" "command"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GrooveMonitor] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GrooveMonitor" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office12\\GrooveMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PlaysTV] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PlaysTV" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Raptr Inc\\PlaysTV\\playstv_launcher.exe\" --startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Raptr] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Raptr" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Raptr Inc\\Raptr\\raptrstub.exe\" --startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RTHDVCPL] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RTHDVCPL" "hkey"="HKLM" "command"="\"C:\\Program Files\\Realtek\\Audio\\HDA\\RtkNGUI64.exe\" -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SamsungRapidApp] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SamsungRapidApp" "hkey"="HKLM" "command"="C:\\Program Files 
(x86)\\RAPID\\CacheFilter\\SamsungRapidApp.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="SunJavaUpdateSched" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2012-07-12 11:46:02 306 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD 2012-07-12 11:46:02 306 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RUN.CMD ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 11:00] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [28/08/2015 11:00] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\AMD Updater" ["C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe"] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe"] "C:\Windows\SysNative\tasks\{846C1C80-F664-446C-9D4E-3D5017AD1027}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] ==== Folders in 
C:\PROGRA~3 0-6 Months Old ====================== 2016-02-27 15:30:43 -------- d-----w- C:\PROGRA~3\HTC 2016-04-20 15:00:58 -------- d-----w- C:\PROGRA~3\Avg 2016-04-20 15:01:02 -------- d-----w- C:\PROGRA~3\MFAData 2016-05-29 07:41:29 -------- d-----w- C:\PROGRA~3\install_clap 2016-05-29 07:41:29 -------- d-----w- C:\PROGRA~3\SUPPORTDIR 2016-05-29 07:41:57 -------- d-----w- C:\PROGRA~3\CyberLink 2016-05-29 07:42:21 -------- d-----w- C:\PROGRA~3\PDVD 2016-05-29 07:59:26 -------- d-----w- C:\PROGRA~3\Temp 2016-08-14 12:32:00 -------- d-----w- C:\PROGRA~3\BDLogging ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{442718d9-475e-452a-b3e1-fb1ee16b8e9f}"="C:\Users\jan\AppData\Roaming\Dashlane\4.5.1.15044\bin\Firefox_Extension\{442718d9-475e-452a-b3e1-fb1ee16b8e9f}" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\amripyqj.default - Dashlane - %ProfilePath%\extensions\jetpack-extension@dashlane.com.xpi ProfilePath: C:\Users\jan\AppData\Roaming\Songbird2\Profiles\dvw2rxfl.default - Undetermined - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com - Undetermined - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com - Undetermined - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com - Undetermined - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com - Undetermined - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com - Undetermined - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com - Undetermined - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - 
%AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25/05/2016 10:31] Google Slides - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.himediads.com_0.localstorage deleted successfully C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.himediads.com_0.localstorage-journal deleted successfully C:\Users\jan\AppData\Local\Google\Chrome\User 
Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Start Page Redirect Cache"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Start Page Redirect Cache"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page Redirect Cache"="http://go.microsoft.com/fwlink/?LinkId=69157" 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes "DefaultScope"="{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} HKCU\SearchScopes "DefaultScope"="{D15200C5-79C8-40A8-A0CF-D7223E606AB4}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} HKCU\SearchScopes\{D15200C5-79C8-40A8-A0CF-D7223E606AB4} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully 
HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B236E3E-80B2-4322-B6A2-529D751B7FB1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2882025041-3884981816-3174003818-1000\Software\Mozilla\Firefox\Extensions\{442718d9-475e-452a-b3e1-fb1ee16b8e9f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{669695BC-A811-4A9D-8CDF-BA8C795F261C} deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe, O1 - Hosts: ::1 localhost O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" 
C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" O4 - HKCU\..\Run: [Dashlane] "C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: 
skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. 
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - Unknown owner - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. 
- C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. 
- C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Cache 
emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2214 folders=326 365652707 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\jan\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\jan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on ma 15/08/2016 at 19:12:17,41 ======================
  7. Hopefully I did it correctly, thanks in advance for the reply!
  8. Hey, I had read an old forum thread here about pop-ups, advertisements. I let RSIT 64-bit run for a moment, but I don't know anything about it. Log files below: Logfile of random's system information tool 1.10 (written by random/random) Run by jan at 2016-08-15 13:27:44 Microsoft Windows 7 Ultimate Service Pack 1 System drive C: has 108 GB (50%) free of 215 GB Total RAM: 8172 MB (50% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 13:27:49, on 15/08/2016 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Unable to get Internet Explorer version! Boot mode: Normal Running processes: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe C:\Program Files (x86)\AVG\Framework\Common\avguix.exe C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Users\jan\AppData\Roaming\Dashlane\DashlanePlugin.exe C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\trend micro\jan.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Dashlane BHO - {42D79B50-CC4A-4A8E-860F-BE674AF053A2} - 
C:\Users\jan\AppData\Roaming\Dashlane\ie\Dashlanei.dll O2 - BHO: Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll O3 - Toolbar: (no name) - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - (no file) O3 - Toolbar: Dashlane Toolbar - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\Users\jan\AppData\Roaming\Dashlane\ie\KWIEBar.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw O4 - HKLM\..\Run: [Raptr] "C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe" --startup O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe O4 - HKLM\..\Run: [PlaysTV] "C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe" --startup O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean O4 - HKCU\..\Run: [Dashlane] "C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows 
Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - .DEFAULT User Startup: RUN.CMD (User 'Default user') O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. 
- C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HTCMonitorService - Nero AG - C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe O23 - Service: MBAMScheduler - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe 
(file missing) O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe O23 - Service: Plays.tv Update Service (PlaysService) - Plays.tv, LLC - C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Riverbed Technology, Inc. - C:\Program Files (x86)\WinPcap\rpcapd.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Samsung RAPID Mode Service (SamsungRapidSvc) - Unknown owner - C:\Windows\system32\RAPID\SamsungRapidSvc.exe (file missing) O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 10757 bytes ======Listing Processes====== \SystemRoot\System32\smss.exe c:\PROGRA~2\AVG\Av\avgrsa.exe /boot %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 
ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 wininit.exe %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16 C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k NetworkService atieclxx C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork "C:\Program Files (x86)\AVG\Av\avgfwsa.exe" "C:\Program Files (x86)\AVG\Av\avgidsagenta.exe" taskeng.exe {376191A2-FA49-4360-8103-FADDA2B1B722} "C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe" "C:\Windows\system32\Dwm.exe" C:\Windows\Explorer.EXE "taskhost.exe" "C:\Program Files (x86)\AVG\Av\avgwdsvca.exe" "C:\Program Files\Bonjour\mDNSResponder.exe" "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service C:\Windows\System32\svchost.exe -k utcsvc "C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" "C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe" atlogon "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR "C:\Program Files (x86)\AVG\Av\avgnsa.exe" "C:\Program Files 
(x86)\AVG\Av\avgemca.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe" /starttray "C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe" "C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe" "C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe" autoLaunchAtStartup /TRAYONLY adb fork-server server /fmw.trayonly "C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" system32\RAPID\SamsungRapidSvc.exe "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" "C:\Users\jan\AppData\Roaming\Dashlane\DashlanePlugin.exe " ws "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" "C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe" C:\Windows\system32\svchost.exe -k imgsvc "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe" C:\Windows\system32\wbem\unsecapp.exe -Embedding C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\SearchIndexer.exe /Embedding "C:\Program Files\Windows Media Player\wmpnetwk.exe" ctfmon.exe taskeng.exe {5D4B1B5F-1792-4AC0-9749-781F1C0CEEC6} "C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe" /AUTOHIDE "C:\Program Files (x86)\Nero\Update\NASvc.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --no-rate-limit "--database=C:\Users\jan\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel=-m --annotation=plat=Win32 --annotation=prod=Chrome --annotation=ver=52.0.2743.116 --handshake-handle=0xb0 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --channel="8096.0.2059343082\2138767524" --mojo-application-channel-token=DAF043A8A443BCB7A05F7BBD2F35495B 
--gpu-driver-bug-workarounds=4,12,13,27,55 --gpu-vendor-id=0x1002 --gpu-device-id=0x6819 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=16.300.2311.0 --gpu-driver-date=7-18-2016 --mojo-platform-channel-handle=1124 --ignored=" --type=renderer " /prefetch:2 C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-b08d-832c12216a78 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16 "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup --force-fieldtrials=AppBannerTriggering/Aggressive/AutofillProfileOrderByFrecency/Enabled/*AutomaticTabDiscarding/Enabled_Once_10-gen2/CaptivePortalInterstitial/Enabled/ChildAccountDetection/Disabled/*ClientSideDetectionModel/Model0/DirectWriteFontProxy/UseDirectWriteFontProxy/*DisallowFetchForDocWrittenScriptsInMainFrame/Default/*EnableMediaRouter/Enabled/ExtensionDeveloperModeWarning/Enabled/*GFE/Default/GoogleBrandedContextMenu/default/InstanceID/Enabled/MaterialDesignDownloads/Enabled/*NetworkQualityEstimator/Enabled/*OmniboxBundledExperimentV1/Unused_2/OutOfProcessPac/Default/PasswordBranding/Disabled/*PasswordGeneration/Disabled/*PasswordManagerSettingsMigration/Disable/PasswordSeparatedSigninFlow/Enabled/PasswordSmartBubble/Default/*PreconnectMore/Default/*QUIC/EnabledTimeLossDetectionJuly/ReportCertificateErrors/ShowAndPossiblySend/*ResourcePriorities/Control25PermanentA/SHA1IdentityUIWarning/Enabled/SHA1ToolbarUIJanuary2016/Warning/SHA1ToolbarUIJanuary2017/Error/*SRTPromptFieldTrial/On/SSLCommonNameMismatchHandling/Enabled/*SafeBrowsingIncidentReportingServi
ce/Default/SafeBrowsingUnverifiedDownloads/DisableByParameterMostSbTypes2/*SafeBrowsingUpdateFrequency/Default/*SchedulerExpensiveTaskBlocking/Enabled/SyncHttpContentCompression/Enabled/*TriggeredResetFieldTrial/On/*UMA-Dynamic-Uniformity-Trial/Group6/*UMA-Population-Restrict/normal/*UMA-Uniformity-Trial-1-Percent/group_53/*UMA-Uniformity-Trial-10-Percent/group_04/*UMA-Uniformity-Trial-100-Percent/group_01/*UMA-Uniformity-Trial-20-Percent/default/*UMA-Uniformity-Trial-5-Percent/group_03/*UMA-Uniformity-Trial-50-Percent/group_01/*UMA_CheckStates/Checks/ --primordial-pipe-token=0E06F2EA1F65E0AAB174ADC2AFE3091D --lang=nl --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=B2C1DE83B8920E59FE7466B38C6E33D6 --mojo-application-channel-token=BD44D380CF3A5FE4FDCEB2F091B0DB68 --channel="8096.70.1897657704\1987064165" --mojo-platform-channel-handle=4664 /prefetch:1 C:\Windows\servicing\TrustedInstaller.exe "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --enable-features=AutomaticTabDiscarding<AutomaticTabDiscarding,*PreconnectMore<PreconnectMore,UsePasswordSeparatedSigninFlow<PasswordSeparatedSigninFlow --disable-features=DocumentWriteEvaluator<DisallowFetchForDocWrittenScriptsInMainFrame,UpdateRendererPriorityOnStartup<UpdateRendererPriorityOnStartup 
--video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --mojo-channel-token=7D89FC8782147C7CC3892F6316258364 --mojo-application-channel-token=BFC081F9DF3F67E498EB1C08F3F247F2 --channel="8096.76.1713807772\281269362" --mojo-platform-channel-handle=7980 /prefetch:1 "C:\Users\jan\Documents\Downloads\RSITx64.exe" ======Scheduled tasks folder====== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler =========Mozilla firefox========= ProfilePath - C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\amripyqj.default prefs.js - "browser.search.useDBForOrder" - true prefs.js - "browser.startup.homepage" - "https://mysearch.avg.com/?cid={95234D42-D2AC-4B68-960E-5FA7DE2347FA}&mid=76c8efc176bc47d2b056bd2b2bda38ab-12f5cb7cc6ff5fac9715cf12ca91a111083fdcaf&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0615pii&pr=fr&d=2015-11-21 10:10:26&v=4.2.0.886&pid=wtu&sg=&sap=hp" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.77.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.77.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Nero.com/KM] "Description"= "Path"=C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update 
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.1.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@videolan.org/vlc,version=2.2.1] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0] "Description"= "Path"=C:\Windows\system32\npDeployJava1.dll C:\Program Files (x86)\Mozilla Firefox\extensions\ belgiumeid@eid.belgium.be C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\amripyqj.default\extensions\ {6d0f26ba-45b8-4871-9c07-43ab341d5b73} ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25 2111616] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{42D79B50-CC4A-4A8E-860F-BE674AF053A2}] Dashlane BHO - C:\Users\jan\AppData\Roaming\Dashlane\ie\Dashlanei.dll [2016-07-18 958848] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}] Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-04-11 462400] 
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}] Skype Click to Call for Internet Explorer - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25 1637504] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-11 173120] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar] {6c97a91e-4524-4019-86af-2aa2d567bf5c} {669695BC-A811-4A9D-8CDF-BA8C795F261C} - Dashlane Toolbar - C:\Users\jan\AppData\Roaming\Dashlane\ie\KWIEBar.dll [2016-07-18 136064] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "StartCN"=C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [2016-07-18 6626696] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2014-09-26 6482200] "SpybotPostWindows10UpgradeReInstall"=C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [2015-07-28 1011200] "Spybot-S&D Cleaning"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [2016-03-21 5915776] "Dashlane"=C:\Users\jan\AppData\Roaming\Dashlane\Dashlane.exe [2016-07-18 228224] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi] C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-07-20 186640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI] C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-07-28 32528] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Driver Genius] [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040] 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PlaysTV] C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-08-09 71440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Raptr] C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-02 58640] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2014-01-23 7510232] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SamsungRapidApp] C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe [2014-09-16 281776] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype] C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-12-17 50385536] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-03-20 595480] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-07-28 32528] "AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-07-20 186640] "Raptr"=C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [2016-08-02 58640] "KiesTrayAgent"=C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [2016-06-02 318128] "PlaysTV"=C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [2016-08-09 71440] "SDTray"=C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [2014-06-24 4101576] [HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] 
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=0 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 "NoResolveSearch"=1 "NoResolveTrack"=1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoActiveDesktop"=1 "NoActiveDesktopChanges"=1 "ForceActiveDesktopOn"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot - Search & Destroy tray access" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater" "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=lvcod64.dll "VIDC.YVU9"=tsbyuv.dll 
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm "msacm.l3pacm"=l3codecp.acm "msacm.aacacm"=AACACM.acm "msacm.ac3acm"=ac3acm.acm "VIDC.LAGS"=lagarith.dll "VIDC.FFDS"=ff_vfw.dll "vidc.x264"=x264vfw.dll "msacm.ac3filter"=ac3filter.acm "VIDC.MLCY"=mlc.dll "MSVideo8"=VfWWDM32.dll "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "aux2"=wdmaud.drv "MSVideo"=vfwwdm32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "aux3"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "aux4"=wdmaud.drv "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2016-08-15 13:06:55 ----D---- C:\rsit 2016-08-15 13:06:55 ----D---- C:\Program Files\trend micro 2016-08-14 13:32:57 ----D---- C:\Users\jan\AppData\Roaming\ProductData 2016-08-14 13:32:00 ----D---- C:\ProgramData\BDLogging 2016-08-14 13:32:00 ----A---- C:\Windows\system32\drivers\trufos.sys 2016-08-14 13:27:49 ----D---- C:\Users\jan\AppData\Roaming\Dashlane 2016-08-14 13:27:49 ----D---- C:\Program Files (x86)\Dashlane 2016-08-14 13:20:57 ----D---- C:\Users\jan\AppData\Roaming\IObit 2016-08-14 13:20:53 ----D---- C:\ProgramData\ProductData 2016-08-14 13:20:49 ----D---- C:\Program Files (x86)\IObit 2016-08-14 13:20:35 ----D---- C:\ProgramData\IObit 2016-08-14 13:20:35 ----D---- C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705} 2016-08-14 11:45:31 ----D---- C:\Program Files\Common Files\AV 2016-08-14 11:44:33 ----A---- C:\Windows\system32\sdnclean64.exe 2016-08-10 18:03:06 ----A---- C:\Windows\SYSWOW64\schannel.dll 2016-08-10 18:03:06 ----A---- C:\Windows\system32\schannel.dll 2016-08-10 18:03:06 ----A---- C:\Windows\system32\lsasrv.dll 2016-08-10 18:03:06 ----A---- C:\Windows\system32\drivers\ksecdd.sys 2016-08-10 
18:03:05 ----A---- C:\Windows\SYSWOW64\wdigest.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\TSpkg.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\sspicli.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\secur32.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\rpchttp.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\ncrypt.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\msv1_0.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\msobjs.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\msaudite.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\kerberos.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\cryptbase.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\credssp.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\certcli.dll 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\auditpol.exe 2016-08-10 18:03:05 ----A---- C:\Windows\SYSWOW64\adtschema.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\wdigest.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\TSpkg.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\sspisrv.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\sspicli.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\secur32.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\rpcrt4.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\rpchttp.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\ncrypt.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\msv1_0.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\msobjs.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\msaudite.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\lsass.exe 2016-08-10 18:03:05 ----A---- C:\Windows\system32\kerberos.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys 2016-08-10 18:03:05 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys 2016-08-10 18:03:05 ----A---- C:\Windows\system32\drivers\mrxsmb.sys 
2016-08-10 18:03:05 ----A---- C:\Windows\system32\drivers\ksecpkg.sys 2016-08-10 18:03:05 ----A---- C:\Windows\system32\cryptbase.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\credssp.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\certcli.dll 2016-08-10 18:03:05 ----A---- C:\Windows\system32\auditpol.exe 2016-08-10 18:03:05 ----A---- C:\Windows\system32\adtschema.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\urlmon.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\occache.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\mshtmled.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\inseng.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\iernonce.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll 2016-08-10 18:03:03 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll 2016-08-10 18:03:03 ----A---- C:\Windows\system32\inseng.dll 2016-08-10 18:03:03 ----A---- C:\Windows\system32\iernonce.dll 2016-08-10 18:03:03 ----A---- C:\Windows\system32\ieetwproxystub.dll 2016-08-10 18:03:03 ----A---- C:\Windows\system32\ieetwcollector.exe 2016-08-10 18:03:03 ----A---- C:\Windows\system32\ie4uinit.exe 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\vbscript.dll 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\mshtml.dll 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\msfeeds.dll 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\iesetup.dll 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll 2016-08-10 18:03:02 ----A---- C:\Windows\SYSWOW64\dxtrans.dll 2016-08-10 18:03:02 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll 2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\jsproxy.dll 2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll 2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\jscript.dll 2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\ieui.dll 
2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\iertutil.dll 2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\ieframe.dll 2016-08-10 18:03:01 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\urlmon.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\occache.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe 2016-08-10 18:03:01 ----A---- C:\Windows\system32\msfeeds.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\iesetup.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\ieetwcollectorres.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\iedkcs32.dll 2016-08-10 18:03:01 ----A---- C:\Windows\system32\dxtrans.dll 2016-08-10 18:03:00 ----A---- C:\Windows\SYSWOW64\wininet.dll 2016-08-10 18:03:00 ----A---- C:\Windows\SYSWOW64\webcheck.dll 2016-08-10 18:03:00 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll 2016-08-10 18:03:00 ----A---- C:\Windows\SYSWOW64\jscript9.dll 2016-08-10 18:03:00 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe 2016-08-10 18:03:00 ----A---- C:\Windows\system32\vbscript.dll 2016-08-10 18:03:00 ----A---- C:\Windows\system32\iertutil.dll 2016-08-10 18:03:00 ----A---- C:\Windows\system32\ieapfltr.dll 2016-08-10 18:02:59 ----A---- C:\Windows\SYSWOW64\msrating.dll 2016-08-10 18:02:59 ----A---- C:\Windows\system32\mshtmled.dll 2016-08-10 18:02:59 ----A---- C:\Windows\system32\jsproxy.dll 2016-08-10 18:02:59 ----A---- C:\Windows\system32\ieui.dll 2016-08-10 18:02:59 ----A---- C:\Windows\system32\ieframe.dll 2016-08-10 18:02:59 ----A---- C:\Windows\system32\dxtmsft.dll 2016-08-10 18:02:58 ----A---- C:\Windows\system32\wininet.dll 2016-08-10 18:02:58 ----A---- C:\Windows\system32\webcheck.dll 2016-08-10 18:02:58 ----A---- C:\Windows\system32\mshtmlmedia.dll 2016-08-10 18:02:58 ----A---- C:\Windows\system32\jscript9diag.dll 2016-08-10 18:02:58 ----A---- C:\Windows\system32\jscript9.dll 2016-08-10 18:02:58 ----A---- C:\Windows\system32\jscript.dll 2016-08-10 18:02:58 ----A---- 
C:\Windows\system32\ieUnatt.exe 2016-08-10 18:02:57 ----A---- C:\Windows\system32\msrating.dll 2016-08-10 18:02:57 ----A---- C:\Windows\system32\MshtmlDac.dll 2016-08-10 18:02:57 ----A---- C:\Windows\system32\mshtml.dll 2016-08-10 18:02:48 ----A---- C:\Windows\system32\win32k.sys 2016-08-08 17:50:46 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys 2016-08-08 17:50:36 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware 2016-08-08 17:50:36 ----A---- C:\Windows\system32\drivers\mwac.sys 2016-08-08 17:50:36 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys 2016-08-08 17:50:36 ----A---- C:\Windows\system32\drivers\mbam.sys 2016-07-19 12:27:12 ----A---- C:\Windows\system32\drivers\avgmfx64.sys 2016-07-18 23:22:10 ----A---- C:\Windows\SYSWOW64\amdave32.dll 2016-07-18 23:22:10 ----A---- C:\Windows\system32\amdave64.dll 2016-07-18 23:22:04 ----A---- C:\Windows\system32\amdhcp64.dll 2016-07-18 23:22:02 ----A---- C:\Windows\SYSWOW64\amdhcp32.dll 2016-07-18 23:21:58 ----A---- C:\Windows\system32\atimpc64.dll 2016-07-18 23:21:58 ----A---- C:\Windows\system32\amdpcom64.dll 2016-07-18 23:21:56 ----A---- C:\Windows\SYSWOW64\atimpc32.dll 2016-07-18 23:21:56 ----A---- C:\Windows\SYSWOW64\amdpcom32.dll 2016-07-18 23:21:42 ----A---- C:\Windows\SYSWOW64\atiuxpag.dll 2016-07-18 23:21:40 ----A---- C:\Windows\system32\atiu9p64.dll 2016-07-18 23:21:38 ----A---- C:\Windows\SYSWOW64\atiu9pag.dll 2016-07-18 23:21:30 ----A---- C:\Windows\SYSWOW64\aticfx32.dll 2016-07-18 23:21:20 ----A---- C:\Windows\SYSWOW64\atidxx32.dll 2016-07-18 23:21:12 ----A---- C:\Windows\SYSWOW64\atiumdva.dll 2016-07-18 23:21:04 ----A---- C:\Windows\SYSWOW64\atiumdag.dll 2016-07-18 23:20:54 ----A---- C:\Windows\system32\atiumd6a.dll 2016-07-18 23:20:50 ----A---- C:\Windows\system32\atiumd64.dll 2016-07-18 23:20:14 ----A---- C:\Windows\system32\drivers\amdacpksd.sys 2016-07-18 23:07:28 ----A---- C:\Windows\system32\amfrt64.dll 2016-07-18 23:06:02 ----A---- C:\Windows\SYSWOW64\amfrt32.dll 2016-07-18 
23:04:46 ----A---- C:\Windows\system32\amdvlk64.dll 2016-07-18 22:54:52 ----A---- C:\Windows\SYSWOW64\amdvlk32.dll 2016-07-18 22:42:24 ----A---- C:\Windows\system32\drivers\atikmdag.sys 2016-07-18 22:37:38 ----A---- C:\Windows\system32\atio6axx.dll 2016-07-18 22:31:54 ----A---- C:\Windows\system32\coinst_16.30.dll 2016-07-18 22:28:24 ----A---- C:\Windows\system32\clinfo.exe 2016-07-18 22:28:12 ----A---- C:\Windows\system32\amdocl64.dll 2016-07-18 22:27:00 ----A---- C:\Windows\SYSWOW64\amdocl.dll 2016-07-18 22:25:52 ----A---- C:\Windows\system32\OpenCL.dll 2016-07-18 22:25:48 ----A---- C:\Windows\SYSWOW64\OpenCL.dll 2016-07-18 22:22:58 ----A---- C:\Windows\system32\amdlvr64.dll 2016-07-18 22:22:16 ----A---- C:\Windows\SYSWOW64\amdlvr32.dll 2016-07-18 22:21:48 ----A---- C:\Windows\system32\amdocl12cl64.dll 2016-07-18 22:21:38 ----A---- C:\Windows\SYSWOW64\amdocl12cl.dll 2016-07-18 22:21:38 ----A---- C:\Windows\system32\mantle64.dll 2016-07-18 22:21:26 ----A---- C:\Windows\SYSWOW64\mantle32.dll 2016-07-18 22:21:10 ----A---- C:\Windows\system32\amdmantle64.dll 2016-07-18 22:11:18 ----A---- C:\Windows\SYSWOW64\amdmantle32.dll 2016-07-18 22:06:24 ----A---- C:\Windows\SYSWOW64\atioglxx.dll 2016-07-18 22:04:42 ----A---- C:\Windows\system32\amdmmcl6.dll 2016-07-18 22:04:38 ----A---- C:\Windows\SYSWOW64\amdmmcl.dll 2016-07-18 22:03:22 ----A---- C:\Windows\system32\mantleaxl64.dll 2016-07-18 22:03:14 ----A---- C:\Windows\SYSWOW64\mantleaxl32.dll 2016-07-18 21:46:50 ----A---- C:\Windows\system32\atiapfxx.exe 2016-07-18 21:46:44 ----A---- C:\Windows\system32\aticalrt64.dll 2016-07-18 21:46:40 ----A---- C:\Windows\SYSWOW64\aticalrt.dll 2016-07-18 21:46:32 ----A---- C:\Windows\system32\aticalcl64.dll 2016-07-18 21:46:30 ----A---- C:\Windows\SYSWOW64\aticalcl.dll 2016-07-18 21:46:18 ----A---- C:\Windows\system32\aticaldd64.dll 2016-07-18 21:45:20 ----A---- C:\Windows\SYSWOW64\aticaldd.dll 2016-07-18 21:39:22 ----A---- C:\Windows\system32\atisamu64.dll 2016-07-18 21:39:18 ----A---- 
C:\Windows\SYSWOW64\atisamu32.dll 2016-07-18 21:39:18 ----A---- C:\Windows\system32\atidemgy.dll 2016-07-18 21:39:14 ----A---- C:\Windows\system32\dgtrayicon.exe 2016-07-18 21:39:08 ----A---- C:\Windows\system32\GameManager64.dll 2016-07-18 21:39:04 ----A---- C:\Windows\SYSWOW64\GameManager32.dll 2016-07-18 21:39:00 ----A---- C:\Windows\system32\atieah64.exe 2016-07-18 21:38:58 ----A---- C:\Windows\SYSWOW64\atieah32.exe 2016-07-18 21:38:52 ----A---- C:\Windows\system32\amdgfxinfo64.dll 2016-07-18 21:38:50 ----A---- C:\Windows\SYSWOW64\amdgfxinfo32.dll 2016-07-18 21:38:50 ----A---- C:\Windows\system32\drivers\ati2erec.dll 2016-07-18 21:38:48 ----A---- C:\Windows\system32\atimuixx.dll 2016-07-18 21:38:42 ----A---- C:\Windows\system32\atieclxx.exe 2016-07-18 21:38:24 ----A---- C:\Windows\system32\atiesrxx.exe 2016-07-18 21:37:38 ----A---- C:\Windows\system32\atitmm64.dll 2016-07-18 21:33:38 ----A---- C:\Windows\system32\atiadlxx.dll 2016-07-18 21:33:30 ----A---- C:\Windows\SYSWOW64\atiadlxy.dll 2016-07-18 21:33:30 ----A---- C:\Windows\SYSWOW64\atiadlxx.dll 2016-07-18 21:33:22 ----A---- C:\Windows\system32\atig6pxx.dll 2016-07-18 21:33:18 ----A---- C:\Windows\SYSWOW64\atiglpxx.dll 2016-07-18 21:33:18 ----A---- C:\Windows\system32\atiglpxx.dll 2016-07-18 21:33:14 ----A---- C:\Windows\system32\atig6txx.dll 2016-07-18 21:33:04 ----A---- C:\Windows\SYSWOW64\atigktxx.dll 2016-07-18 21:32:52 ----A---- C:\Windows\system32\drivers\atikmpag.sys 2016-07-18 21:29:22 ----A---- C:\Windows\system32\hsa-thunk64.dll 2016-07-18 21:29:16 ----A---- C:\Windows\SYSWOW64\hsa-thunk.dll 2016-07-17 18:30:24 ----D---- C:\Windows\EOONotify ======List of files/folders modified in the last 1 month====== 2016-08-15 13:24:11 ----D---- C:\Windows\Temp 2016-08-15 13:10:54 ----D---- C:\Windows\system32\config 2016-08-15 13:06:55 ----D---- C:\Program Files 2016-08-15 12:55:36 ----D---- C:\ProgramData\MFAData 2016-08-15 12:55:17 ----SHD---- C:\Windows\Installer 2016-08-15 12:55:17 ----SHD---- 
C:\Config.Msi 2016-08-15 08:30:15 ----D---- C:\Windows\System32 2016-08-15 08:30:15 ----D---- C:\Windows\inf 2016-08-15 08:30:15 ----A---- C:\Windows\system32\PerfStringBackup.INI 2016-08-15 08:24:03 ----D---- C:\Users\jan\AppData\Roaming\PlaysTV 2016-08-14 17:23:37 ----D---- C:\Users\jan\AppData\Roaming\vlc 2016-08-14 17:22:34 ----D---- C:\Users\jan\AppData\Roaming\FileZilla 2016-08-14 17:09:53 ----D---- C:\Users\jan\AppData\Roaming\Vso 2016-08-14 13:57:42 ----D---- C:\Windows\Tasks 2016-08-14 13:57:42 ----D---- C:\Windows\SysWOW64 2016-08-14 13:57:42 ----D---- C:\Windows\system32\Tasks 2016-08-14 13:54:24 ----SHD---- C:\System Volume Information 2016-08-14 13:32:00 ----HD---- C:\ProgramData 2016-08-14 13:32:00 ----D---- C:\Windows\system32\drivers 2016-08-14 13:27:49 ----RD---- C:\Program Files (x86) 2016-08-14 13:20:52 ----D---- C:\Program Files (x86)\Common Files 2016-08-14 12:11:50 ----D---- C:\Windows\system32\drivers\etc 2016-08-14 11:45:31 ----D---- C:\Program Files\Common Files 2016-08-14 11:45:30 ----D---- C:\Program Files (x86)\Spybot - Search & Destroy 2 2016-08-14 11:44:36 ----SD---- C:\ProgramData\Microsoft 2016-08-14 11:44:32 ----D---- C:\ProgramData\Spybot - Search & Destroy 2016-08-12 17:15:19 ----D---- C:\Windows\rescache 2016-08-11 09:15:14 ----D---- C:\Windows\winsxs 2016-08-11 09:15:07 ----D---- C:\Windows 2016-08-11 09:14:04 ----D---- C:\Windows\SYSWOW64\nl-NL 2016-08-11 09:14:04 ----D---- C:\Windows\SYSWOW64\en-US 2016-08-11 09:14:04 ----D---- C:\Windows\system32\nl-NL 2016-08-11 09:14:04 ----D---- C:\Program Files\Internet Explorer 2016-08-11 09:14:03 ----D---- C:\Windows\system32\en-US 2016-08-11 09:14:03 ----D---- C:\Program Files (x86)\Internet Explorer 2016-08-10 19:06:28 ----D---- C:\ProgramData\Microsoft Help 2016-08-10 19:05:42 ----D---- C:\Windows\system32\MRT 2016-08-10 19:02:30 ----D---- C:\Windows\debug 2016-08-10 19:02:26 ----AC---- C:\Windows\system32\MRT.exe 2016-08-10 18:02:16 ----D---- C:\Windows\system32\catroot2 2016-08-10 
16:01:09 ----D---- C:\Windows\PLA 2016-08-07 09:44:56 ----D---- C:\Program Files\CPUID 2016-08-07 09:44:37 ----D---- C:\Program Files (x86)\Adobe 2016-08-05 14:16:39 ----D---- C:\Windows\system32\catroot 2016-08-05 14:16:24 ----D---- C:\Users\jan\AppData\Roaming\Raptr 2016-08-05 14:14:52 ----D---- C:\Windows\system32\DriverStore 2016-08-05 14:14:34 ----D---- C:\Program Files\AMD 2016-07-25 15:56:26 ----D---- C:\Windows\Microsoft.NET 2016-07-25 12:16:28 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI 2016-07-20 08:29:48 ----SD---- C:\Windows\SYSWOW64\GWX 2016-07-20 08:29:48 ----SD---- C:\Windows\system32\GWX 2016-07-19 09:12:50 ----D---- C:\Program Files (x86)\VulkanRT 2016-07-19 09:11:00 ----D---- C:\AMD 2016-07-18 23:21:44 ----A---- C:\Windows\system32\atiuxp64.dll 2016-07-18 23:21:34 ----A---- C:\Windows\system32\aticfx64.dll 2016-07-18 23:21:24 ----A---- C:\Windows\system32\atidxx64.dll ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-06-01 261376] R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736] R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-07-19 261888] R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992] R0 avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-06-20 77056] R0 iaStorA;iaStorA; C:\Windows\system32\DRIVERS\iaStorA.sys [2013-11-16 632168] R0 iaStorF;iaStorF; C:\Windows\system32\DRIVERS\iaStorF.sys [2013-11-16 28008] R0 JRAID;JRAID; C:\Windows\system32\DRIVERS\jraid.sys [2012-09-17 123704] R0 mv91cons;Marvell 91xx Config Device Driver; C:\Windows\system32\DRIVERS\mv91cons.sys [2013-04-01 27944] R0 mvs91xx;mvs91xx; C:\Windows\system32\DRIVERS\mvs91xx.sys [2013-01-24 324392] R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352] R0 
rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888] R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver; C:\Windows\system32\DRIVERS\SamsungRapidDiskFltr.sys [2014-09-16 268976] R0 SamsungRapidFSFltr;SamsungRapidFSFltr; C:\Windows\system32\DRIVERS\SamsungRapidFSFltr.sys [2014-09-16 111280] R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-05-13 163072] R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6a.sys [2016-06-06 73480] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-06-30 314112] R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2016-06-01 260352] R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2016-07-12 298752] R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-21 514560] R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2016-07-18 26708992] R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2016-07-18 500736] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-03-30 96256] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2014-01-23 3849304] R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [2013-05-30 64280] R3 lvpopf64;Logitech POP Suppression Filter; C:\Windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVRS64;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech QuickCam Pro 5000(UVC); C:\Windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2016-03-10 27008] R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2016-08-15 192216] R3 MBAMWebAccessControl;MBAMWebAccessControl; 
\??\C:\Windows\system32\drivers\mwac.sys [2016-03-10 64896] R3 MBfilt;MBfilt; C:\Windows\system32\drivers\MBfilt64.sys [2014-01-23 32344] R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys [2013-01-23 64624] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver; C:\Windows\system32\DRIVERS\nusb3hub.sys [2012-08-27 107912] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver; C:\Windows\system32\DRIVERS\nusb3xhc.sys [2012-08-27 226696] R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2013-12-18 888536] R3 SmbDrvI;SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [2013-08-14 34544] R4 RegFilter;RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [] S3 ALSysIO;ALSysIO; \??\C:\Users\jan\AppData\Local\Temp\ALSysIO64.sys [] S3 b06diag;Broadcom NetXtreme II Diag Driver; C:\Windows\system32\drivers\bxdiaga.sys [2012-03-08 88104] S3 BFN7x64;Bigfoot Networks Killer Gaming Service; C:\Windows\system32\drivers\Xeno7x64.sys [2012-02-22 157288] S3 BFNVis64;Bigfoot Networks Killer Gaming Service; C:\Windows\system32\drivers\XenoVa64.sys [2012-02-22 157288] S3 bxfcoe;bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [2012-02-22 178216] S3 bxois;bxois; C:\Windows\system32\drivers\bxois.sys [2012-02-22 539176] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-01-08 120416] S3 dmvsc;dmvsc; C:\Windows\system32\drivers\dmvsc.sys [2010-11-21 71168] S3 DrvAgent64;DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [2016-07-02 22200] S3 E1G60;Stuurprogramma voor Intel(R) PRO/1000 NDIS 6-adapter; C:\Windows\system32\DRIVERS\E1G6032E.sys [2009-06-10 145792] S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [] S3 GPU-Z;GPU-Z; \??\C:\Users\jan\AppData\Local\Temp\GPU-Z.sys [] S3 htcnprot;HTC NDIS Protocol Driver; C:\Windows\system32\DRIVERS\htcnprot.sys 
[2013-10-17 36928] S3 HtcVCom32;HTC Diagnostic Port; C:\Windows\system32\DRIVERS\HtcVComV64.sys [2010-03-08 121800] S3 IAMTVE;Stuurprogramma voor Intel(R) Active Management Technology - KCS; C:\Windows\system32\drivers\IAMTVE.sys [2007-04-11 43416] S3 IAMTXPE;Stuurprogramma voor Intel(R) Active Management Technology - KCS; C:\Windows\system32\drivers\IAMTXPE.sys [2007-04-11 51096] S3 IFCoEMP;IFCoEMP; C:\Windows\system32\drivers\ifM60x64.sys [2011-11-30 388368] S3 IFCoEVB;IFCoEVB; C:\Windows\system32\drivers\ifP60X64.sys [2011-11-30 78096] S3 ioatdma1;ioatdma1; C:\Windows\System32\Drivers\qd162x64.sys [2009-11-16 40144] S3 ioatdma2;Intel(R) QuickData Technology device ver.2; C:\Windows\System32\Drivers\qd262x64.sys [2009-11-16 42192] S3 NPF;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2013-03-01 36600] S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-21 165888] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2015-06-11 20992] S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-21 6656] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2016-01-08 213088] S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-21 34688] S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver; C:\Windows\system32\drivers\Synth3dVsc.sys [2010-11-21 88960] S3 terminpt;Microsoft Remote Desktop Input Driver; C:\Windows\system32\drivers\terminpt.sys [2010-11-21 34816] S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392] S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 tsusbhub;Remote Deskotop USB Hub; C:\Windows\system32\drivers\tsusbhub.sys [2010-11-21 117248] S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496] S3 VGPU;VGPU; 
C:\Windows\System32\drivers\rdvgkmd.sys [] S3 vmbus;vmbus; C:\Windows\system32\drivers\vmbus.sys [2010-11-21 199552] S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-21 21760] S3 vmci;VMware VMCI Bus Driver; C:\Windows\system32\DRIVERS\vmci.sys [] S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\Windows\system32\DRIVERS\vmnetadapter.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2016-07-18 269824] R2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2016-07-28 2049016] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-07-28 5267456] R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-07-20 1097488] R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-07-28 760024] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 462184] R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2016-05-25 1364096] R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2016-05-25 1687680] R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136] R2 HTCMonitorService;HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [2014-06-27 87368] R2 MBAMScheduler;MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2016-03-10 1514464] R2 MBAMService;MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-03-10 1136608] R2 NAUpdate;@C:\Program Files (x86)\Nero\Update\NASvc.exe,-200; C:\Program Files 
(x86)\Nero\Update\NASvc.exe [2013-07-18 762192] R2 PassThru Service;Internet Pass-Through Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2013-10-17 166912] R2 PlaysService;Plays.tv Update Service; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [2016-08-09 32528] R2 SamsungRapidSvc;Samsung RAPID Mode Service; C:\Windows\system32\RAPID\SamsungRapidSvc.exe [2014-09-16 28848] R2 SDScannerService;Spybot-S&D 2 Scanner Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-06-24 1738168] R2 SDUpdateService;Spybot-S&D 2 Updating Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-06-27 2088408] R2 SDWSCService;Spybot-S&D 2 Security Center Service; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-04-25 171928] R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-01-08 754784] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-11-05 105144] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2015-11-05 125112] S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200] S2 LiveUpdateSvc;LiveUpdate; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2016-06-14 2960672] S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296] S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 27136] S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-07-28 674552] S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28 144200] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; 
C:\Windows\system32\IEEtwCollector.exe [2016-08-02 114688] S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2014-10-11 114288] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696] S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S3 rpcapd;Remote Packet Capture Protocol v.0 (experimental); C:\Program Files (x86)\WinPcap\rpcapd.exe [2013-03-01 118520] S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 27136] S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2015-11-05 51376] S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848] S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848] S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2015-11-05 135848] -----------------EOF-----------

Hopefully someone can help me!