Beste,


Heb deze laptop sinds 2013 en loopt laatste tijd nogal traag. Sinds dit jaar gedaan met school en wil gaan werken met InDesign en Illustrator. Daarom wil ik mijn hele laptop terug wat in orde brengen.

Beginnend met een HijackThis als dit zou helpen?? (heb dit nog nooit eerder gedaan op deze)

Nog andere tips om hem sneller te krijgen en deze laptop (terug) optimaal te maken zijn altijd welkom!

Ajaa, en lijkt het jullie een goed idee om over te stappen naar Windows 10?


Heb de Read Me doorgenomen en hieronder de resultaten:

Malwarebytes Anti-Malware
www.malwarebytes.org




Update, 18-1-2016 21:55, SYSTEM, KEVINSLECHTEN, Manual, Rootkit Database, 2015.9.18.1, 2016.1.9.1,
Update, 18-1-2016 21:55, SYSTEM, KEVINSLECHTEN, Manual, Remediation Database, 2015.9.16.1, 2016.1.14.1,
Update, 18-1-2016 21:55, SYSTEM, KEVINSLECHTEN, Manual, IP Database, 2015.9.21.2, 2016.1.18.1,
Update, 18-1-2016 21:55, SYSTEM, KEVINSLECHTEN, Manual, Domain Database, 2015.9.22.3, 2016.1.18.6,
Update, 18-1-2016 21:55, SYSTEM, KEVINSLECHTEN, Manual, Malware Database, 2015.9.22.5, 2016.1.18.5,
Scan, 18-1-2016 22:42, SYSTEM, KEVINSLECHTEN, Manual, Start: 18-1-2016 21:57, Duur: 43 min 47 sec, Bedreigingsscan, Voltooid, 1 malwaredetectie, 87 niet-malware detecties,


(end)

Malwarebytes Anti-Malware
www.malwarebytes.org


Scandatum: 18-1-2016
Scantijd: 21:57
Logboekbestand:
Beheerder: Ja


Versie: 2.2.0.1024
Malware-database: v2016.01.18.05
Rootkit-database: v2016.01.09.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld


Besturingssysteem: Windows 8.1
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Kevin Slechten


Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 427734
Verstreken tijd: 43 min, 47 sec


Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld


Processen: 0
(Geen kwaadaardige items gedetecteerd)


Modules: 0
(Geen kwaadaardige items gedetecteerd)


Registersleutels: 19
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In quarantaine, [9b8212290891e4527af31064956d629e],
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In quarantaine, [9b8212290891e4527af31064956d629e],
PUP.Optional.Delta.ShrtCln, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In quarantaine, [9b8212290891e4527af31064956d629e],
PUP.Optional.SnapDo, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, In quarantaine, [1ffedb6095046dc96320c2b45ca650b0],
PUP.Optional.SnapDo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, In quarantaine, [1ffedb6095046dc96320c2b45ca650b0],
PUP.Optional.SearchProtect.AppFlsh, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In quarantaine, [a87594a7138676c03654147479899b65],
PUP.Optional.Babylon, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In quarantaine, [d94495a6158469cdcf290472ad55bb45],
PUP.Optional.DefaultTab, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT \SETTINGS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, In quarantaine, [ef2ea497b1e831052b1c94e42cd6837d],
PUP.Optional.DefaultTab, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT \STATS\{7F6AFBF1-E065-4627-A2FD-810366367D01}, In quarantaine, [ef2ea497b1e831052b1c94e42cd6837d],
PUP.Optional.DefaultTab, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT \SETTINGS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, In quarantaine, [b16cb487188163d34efa096f6d9503fd],
PUP.Optional.DefaultTab, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT \STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, In quarantaine, [b16cb487188163d34efa096f6d9503fd],
PUP.Optional.BrowserDefender, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\BrowserD efendert, Verwijder-bij-herstart, [8c915cdfd3c6e155d6c51c93dc27a25e],
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\DataMngr, In quarantaine, [aa73fd3e31688fa73f738d9a60a432ce],
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\DefaultTab, In quarantaine, [d845a6956237ce685190a81108fb2ad6],
PUP.Optional.DefaultTab, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\DefaultTab, In quarantaine, [23fa86b5801988aeeff02990c43fde22],
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\DataMngr, In quarantaine, [e6378ead9dfc5bdb446c8a9d28dc956b],
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\DataMngr_Toolbar, In quarantaine, [100d310a7c1d2b0b436e2ff8ae5618e8],
PUP.Optional.Babylon, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\BABSOLUTION\Updater, In quarantaine, [1409df5cb0e95adc6ac83f6d4fb450b0],
PUP.Optional.BProtector, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT \bProtectSettings, In quarantaine, [130a1a21e9b00a2c79e3515d5fa4768a],


Registerwaarden: 11
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In quarantaine, [a27bae8dbedb04325deda33fb84a3ec2]
PUP.Optional.HelperBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foBC KbVXlDH0pXYgnYd8TTrcM,&q={searchTerms}, In quarantaine, [3ae33cff2e6b1d19433b48a7c53ea45c]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, In quarantaine, [57c63704772250e6d179687a11f17f81]
PUP.Optional.BProtector, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www1.delta-search.com/?babsrc...21564&tsp=4953, In quarantaine, [0617162506938ea858fff5259a6abd43]
PUP.Optional.SnapDo, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {006ee092-9658-4fd6-bd8e-a21a348e59f5}, In quarantaine, [9c8166d59ffa1e184ad76f3a41c2b749]
PUP.Optional.BProtector, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In quarantaine, [9b82ac8fb2e74ee8a8b0e238a3613bc5]
PUP.Optional.Conduit, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, http://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID &SearchSource=58&CUI=&UM=2&UP=SPEEC9E264-204A-43D2-87ED-CC912859E47F&q={searchTerms}&SSPV=, In quarantaine, [3fdee05beaaff046a27d7242e122a759]
PUP.Optional.Conduit, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SuggestionsURL_JSON, http://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}, In quarantaine, [d04db18a9dfc8aacbc637d3719ea916f]
PUP.Optional.Delta.ShrtCln, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, http://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E094EE85DE38C 232&affID=121564&tsp=4953, In quarantaine, [05181922f0a995a1a512801f59aa26da]
PUP.Optional.Babylon, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|FaviconURL, search.babylon.com/favicon.ico, In quarantaine, [d24bf84394058ea83cf805a7946f06fa]
PUP.Optional.HelperBar, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}|URL, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}, In quarantaine, [a37a5ae1cfcae3531766648b7a8919e7]


Registerdata: 8
PUP.Optional.HelperBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foBC KbVXlDH0pXYgnYd8TTrcM,&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foBC KbVXlDH0pXYgnYd8TTrcM,&q={searchTerms}),Vervangen,[f6270c2f643577bfa5d45f57f60e52ae]
PUP.Optional.HelperBar, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}),Vervangen,[fa2339027e1b290dfd77b9fda85cfe02]
PUP.Optional.StartPage, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.yhs.delta-search.com/?aff...00ee85de38c232, Goed: (www.google.com), Slecht: (http://www.yhs.delta-search.com/?aff...232),Vervangen,[9e7ff3484158dd59f95f0ea663a1eb15]
PUP.Optional.StartPage, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, http://www1.delta-search.com/?babsrc...21564&tsp=4953, Goed: (www.google.com), Slecht: (http://www1.delta-search.com/?babsrc...953),Vervangen,[72ab3cff2a6f5adc2731bbf91be9fe02]
PUP.Optional.HelperBar, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}),Vervangen,[2eef073474253402ea8ac2f4dd27ca36]
PUP.Optional.HelperBar, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}),Vervangen,[39e4e8531c7d38fe4135ae08c1436997]
PUP.Optional.HelperBar, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}),Vervangen,[39e465d61683e84ea3d3a90dbf45d42c]
PUP.Optional.HelperBar, HKU\S-1-5-21-4216702023-4089516770-95798617-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}, Goed: (www.google.com), Slecht: (http://feed.helperbar.com/?p=mKO_AwFzXIpYRa8ldwnKG51HJOT1XRoA82gVkpOeShKAuPl uFW8dcew5J4-KatiVDX30kwQpwNDYiTkoPGLVjAFShDYX4-UCxtFCy0OngVCyreBZpmVAxdVkeX4H-Kx-lWQfkOr_E9UugFpYRAzlmsA0mGsKl9ZouQJFi4tMv_gT_8foA0 IAzozG7D1qEQnZ0dfVhwQG&q={searchTerms}),Vervangen,[62bbad8ef8a15adc15626056fd07e917]


Mappen: 10
PUP.Optional.OpenCandy, C:\Users\Kevin Slechten\AppData\Roaming\OpenCandy, In quarantaine, [6ab35cdf306967cfac12187d1ee4cd33],
PUP.Optional.OpenCandy, C:\Users\Kevin Slechten\AppData\Roaming\OpenCandy\03B7640371FC4AE E883AE076EA48AAA5, In quarantaine, [6ab35cdf306967cfac12187d1ee4cd33],
PUP.Optional.OpenCandy, C:\Users\Kevin Slechten\AppData\Roaming\OpenCandy\A7A07A032CD94CE 5BF15E10A3F5E93F0, In quarantaine, [6ab35cdf306967cfac12187d1ee4cd33],
PUP.Optional.ExTutil, C:\Users\Kevin Slechten\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In quarantaine, [ca53fa410b8ed95d579c644a1be728d8],
PUP.Optional.Managera, C:\Users\Kevin Slechten\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In quarantaine, [5cc16dce3168e84e0f5855600af85da3],
PUP.Optional.SofTonicAssistant, C:\Users\Kevin Slechten\AppData\Local\SoftonicAssistant, In quarantaine, [3ae3a19abadfa393a75ea21fa45e60a0],
PUP.Optional.SofTonicAssistant, C:\Users\Kevin Slechten\AppData\Local\SoftonicAssistant\Incomplet eDownloads, In quarantaine, [3ae3a19abadfa393a75ea21fa45e60a0],
PUP.Optional.SofTonicAssistant, C:\Users\Kevin Slechten\AppData\Local\SoftonicAssistant\Performin gUpdates, In quarantaine, [3ae3a19abadfa393a75ea21fa45e60a0],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\SysWOW64\SearchProtect, In quarantaine, [52cb39026c2d54e23a174b81b1517c84],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\SysWOW64\SearchProtect\Logs, In quarantaine, [52cb39026c2d54e23a174b81b1517c84],


Bestanden: 40
PUP.Optional.Babylon, C:\Users\Kevin Slechten\AppData\Roaming\OpenCandy\03B7640371FC4AE E883AE076EA48AAA5\DeltaTB.exe, In quarantaine, [4ad382b912870e284633210f679a6a96],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Kevin Slechten\AppData\Local\Temp\nsoAB22.exe, In quarantaine, [a47938032e6b0b2bbc346c4221e06a96],
PUP.Optional.OpenCandy, C:\Users\Kevin Slechten\AppData\Local\Temp\FreemakeVideoConverter _4.1.2.1.exe, In quarantaine, [fc213dfe3366f6407006e8b48f71d828],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Kevin Slechten\AppData\Local\Temp\nscA8BA.exe, In quarantaine, [ba63d665cecb2c0a21cf69458b767b85],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Kevin Slechten\AppData\Local\Temp\nsd8394.exe, In quarantaine, [5ac33a01f7a2c37300f01b934eb36799],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Kevin Slechten\AppData\Local\Temp\nsfAF2A.exe, In quarantaine, [e73652e92f6a3afc9d5309a5a45d9f61],
PUP.Optional.SearchProtect.AppFlsh, C:\Users\Kevin Slechten\AppData\Local\Temp\nsg7FBA.exe, In quarantaine, [110cc576940541f5b33dfbb36a97d32d],
PUP.Optional.Conduit, C:\Users\Kevin Slechten\AppData\Local\Temp\SPSetup.exe, In quarantaine, [1409f249524756e04e073001649de818],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsg7E96.exe, In quarantaine, [96872d0e5b3e9c9ade1208a637ca04fc],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsg9B50.exe, In quarantaine, [091443f8fc9d3df95997a608649d0ef2],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nshCC4A.exe, In quarantaine, [3edff546049563d3727e535bc53ccc34],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsi4EA8.exe, In quarantaine, [5dc058e38f0a70c623cd822c28d94eb2],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsn4E2B.exe, In quarantaine, [ce4f4fec5f3a06309b556747c0415ea2],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nso5881.exe, In quarantaine, [0815c7749cfd6fc76b85406e0001f40c],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nso5882.exe, In quarantaine, [b36a88b34059d660618fc9e5758cf010],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsrB9B4.exe, In quarantaine, [17063efd970267cfca262f7f0bf6d42c],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsv7D6D.exe, In quarantaine, [0f0e40fbe9b091a5549c5b53ad5408f8],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsx39DD.exe, In quarantaine, [3edf8bb08b0ece68529ee7c73ac7639d],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsx39DE.exe, In quarantaine, [011c49f2e0b9e1553cb4b2fc7d84e719],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsx751C.exe, In quarantaine, [41dcca71841554e27d737e302bd6827e],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsyD09F.exe, In quarantaine, [1d0073c83a5f14225b95fab4d0311ce4],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nstABC3.exe, In quarantaine, [0518a893f3a64aec0fe1a30b0ff2fd03],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsa2503.exe, In quarantaine, [1805b289c8d17bbbab45fab456abba46],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsc55E8.exe, In quarantaine, [5fbec7748d0c9a9c7b756e40b44d837d],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nse7897.exe, In quarantaine, [908dac8fdcbddb5bec044f5fe9186f91],
PUP.Optional.SearchProtect.AppFlsh, C:\Windows\Temp\nsf2CCC.exe, In quarantaine, [db42320956436cca01ef426cf0116a96],
Adware.Linkular, C:\Users\Kevin Slechten\Downloads\Nevis Bold Setup.exe, In quarantaine, [e03de45765345cdaf20f6c487b8511ef],
PUP.Optional.Delta.ShrtCln, C:\Users\Kevin Slechten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage, In quarantaine, [809d77c45148b2843065c12052b0f20e],
PUP.Optional.Delta.ShrtCln, C:\Users\Kevin Slechten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal, In quarantaine, [42db59e2029715210095a83949b95aa6],
PUP.Optional.BProtector, C:\Users\Kevin Slechten\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data, In quarantaine, [8d9055e6217846f081d9cbe3dd26c13f],
PUP.Optional.BProtector, C:\Users\Kevin Slechten\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences, In quarantaine, [2df0b487d7c20234c19a37775ba8b14f],
PUP.Optional.BrowserDefender, C:\Windows\System32\Tasks\BrowserDefendert, In quarantaine, [1ffefc3f6c2d6fc70692307f1ae9d828],
PUP.Optional.ExTutil, C:\Users\Kevin Slechten\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In quarantaine, [ca53fa410b8ed95d579c644a1be728d8],
PUP.Optional.ExTutil, C:\Users\Kevin Slechten\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In quarantaine, [ca53fa410b8ed95d579c644a1be728d8],
PUP.Optional.ExTutil, C:\Users\Kevin Slechten\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In quarantaine, [ca53fa410b8ed95d579c644a1be728d8],
PUP.Optional.Managera, C:\Users\Kevin Slechten\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In quarantaine, [5cc16dce3168e84e0f5855600af85da3],
PUP.Optional.Managera, C:\Users\Kevin Slechten\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In quarantaine, [5cc16dce3168e84e0f5855600af85da3],
PUP.Optional.SofTonicAssistant, C:\Users\Kevin Slechten\AppData\Local\SoftonicAssistant\App.ico, In quarantaine, [3ae3a19abadfa393a75ea21fa45e60a0],
PUP.Optional.SofTonicAssistant, C:\Users\Kevin Slechten\AppData\Local\SoftonicAssistant\extension s.db, In quarantaine, [3ae3a19abadfa393a75ea21fa45e60a0],
PUP.Optional.SofTonicAssistant, C:\Users\Kevin Slechten\AppData\Local\SoftonicAssistant\nsisout.t xt, In quarantaine, [3ae3a19abadfa393a75ea21fa45e60a0],


Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)




(end)



GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2016-01-19 19:26:17
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 Hitachi_HTS547575A9E384 rev.JE4OA60A 698,64GB
Running: ut2ij62x.exe; Driver: C:\Users\KEVINS~1\AppData\Local\Temp\awlcikoc.sys




---- User code sections - GMER 2.1 ----


.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleInfor mation 00007ffa06b93e10 7 bytes JMP 00007ffb049902d0
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!RegQueryValueExW 00007ffa06b93e20 7 bytes JMP 00007ffb04990308
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExW 00007ffa06c439b0 7 bytes JMP 00007ffb049903b0
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!RegDeleteValueW 00007ffa06c43ef0 7 bytes JMP 00007ffb04990340
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!RegSetValueExA 00007ffa06c43fe0 7 bytes JMP 00007ffb04990378
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!K32EnumProcessMod ulesEx 00007ffa06c706c0 7 bytes JMP 00007ffb04990228
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!K32GetMappedFileN ameW 00007ffa06c70730 7 bytes JMP 00007ffb04990298
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNEL32.DLL!K32GetModuleFileN ameExW 00007ffa06c70760 7 bytes JMP 00007ffb04990260
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNELBASE.dll!FreeLibrary 00007ffa049a21d0 5 bytes JMP 00007ffb04990180
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandle W 00007ffa049a29d0 7 bytes JMP 00007ffb049900d8
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNELBASE.dll!GetModuleHandle ExW 00007ffa049a4310 5 bytes JMP 00007ffb04990110
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\KERNELBASE.dll!LoadLibraryExW 00007ffa049a8900 5 bytes JMP 00007ffb04990148
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\USER32.dll!CreateWindowExW 00007ffa05199920 10 bytes JMP 00007ffb04990490
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesW 00007ffa051a4430 5 bytes JMP 00007ffb04990458
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\USER32.dll!DisplayConfigGetDev iceInfo 00007ffa051a44f0 9 bytes JMP 00007ffb049903e8
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\USER32.dll!EnumDisplayDevicesA 00007ffa051b3b80 5 bytes JMP 00007ffb04990420
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\GDI32.dll!D3DKMTGetDisplayMode List 00007ffa070c1500 8 bytes JMP 00007ffb049901b8
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\system32\GDI32.dll!D3DKMTQueryAdapterIn fo 00007ffa070c1750 8 bytes JMP 00007ffb049901f0
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory 00007ffa01b57750 5 bytes JMP 00007ffb01b300d8
.text C:\WINDOWS\System32\dwm.exe[8436] C:\WINDOWS\System32\dxgi.dll!CreateDXGIFactory1 00007ffa01b58ee0 5 bytes JMP 00007ffb01b30110


---- Threads - GMER 2.1 ----


Thread C:\WINDOWS\system32\csrss.exe [8264:8876] fffff960009b12d0
---- Processes - GMER 2.1 ----


Process C:\Users\Kevin Slechten\AppData\Roaming\Dropbox\bin\Dropbox.exe (*** suspicious ***) @ C:\Users\Kevin Slechten\AppData\Roaming\Dropbox\bin\Dropbox.exe [5968] (FILE NOT FOUND) 0000000000c60000


---- Disk sectors - GMER 2.1 ----


Disk \Device\Harddisk0\DR0 unknown MBR code


---- EOF - GMER 2.1 ----


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18124 BrowserJavaVersion: 11.25.2
Run by Kevin Slechten at 19:37:32 on 2016-01-19
Microsoft Windows 8.1 Pro 6.3.9600.0.1252.32.1043.18.6030.3527 [GMT 1:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition *Enabled/Updated* {4D41356F-32AD-7C42-C820-63775EE4F413}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition *Enabled/Updated* {F620D48B-1497-73CC-F290-58052563BEAE}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\nvvsvc.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\System32\svchost.exe -k LocalServicePeerNet
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
C:\WINDOWS\system32\taskhostex.exe
C:\Program Files\ASUS\P4G\BatteryLife.exe
C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\GWX\GWX.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
C:\Windows\System32\skydrive.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Users\Kevin Slechten\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\AVG\Av\avgui.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\WINDOWS\SysWOW64\ctfmon.exe
C:\Program Files (x86)\AVG\Av\avgcsrva.exe
C:\WINDOWS\system32\CompatTelRunner.exe
C:\WINDOWS\system32\CompatTelRunner.exe
C:\Windows\System32\SettingSyncHost.exe
C:\Program Files (x86)\Common Files\InstallShield\Driver\9\Intel 32\IDriver.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\taskhost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\AVG\Av\avgemca.exe
C:\Program Files (x86)\AVG\Av\avgnsa.exe
C:\Program Files (x86)\AVG\Av\avgrsa.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
uSearch Bar = www.google.com
uSearch Page = www.google.com
uSearchAssistant = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll
uRun: [GoogleChromeAutoLaunch_2C90AD41E4CEE0A33246F405247 E130D] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [Dropbox Update] "C:\Users\Kevin Slechten\AppData\Local\Dropbox\Update\DropboxUpdat e.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [AdobeBridge] <no file>
uRunOnce: [Uninstall C:\Users\Kevin Slechten\AppData\Local\Microsoft\SkyDrive\17.0.200 3.1112] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\Kevin Slechten\AppData\Local\Microsoft\SkyDrive\17.0.200 3.1112"
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avgui.exe" /TRAYONLY
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Inepro Client] C:\Program Files (x86)\Inepro\ineproclient.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.ex e" -launchedbylogin
mRun: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
StartupFolder: C:\Users\KEVINS~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Kevin Slechten\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\KEVINS~1\AppData\Roaming\MICROS~1\Windows \STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Verzenden naar OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: Verzenden naar Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{149BF310-CE96-4CA2-8677-24024BD5DD06} : DHCPNameServer = 195.130.131.3 195.130.130.131
TCP: Interfaces\{4E226EA9-CEE7-4680-972E-1EF83EA4AC0B} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4E226EA9-CEE7-4680-972E-1EF83EA4AC0B}\14E64627F696461405 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{4E226EA9-CEE7-4680-972E-1EF83EA4AC0B}\35C65636864756E6 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{4E226EA9-CEE7-4680-972E-1EF83EA4AC0B}\7596B484C496D6F5075726C69636 : DHCPNameServer = 193.190.59.3 193.190.59.2
TCP: Interfaces\{4E226EA9-CEE7-4680-972E-1EF83EA4AC0B}\C696E6B6379737 : DHCPNameServer = 195.130.131.3 195.130.130.131
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\Inst aller\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: <No Name>: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - LocalServer32 - <no file>
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
x64-BHO: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\WINDOWS\System32\drivers\avgi dsha.sys [2015-8-20 298416]
R0 Avgloga;AVG Logging Driver;C:\WINDOWS\System32\drivers\avgloga.sys [2015-8-14 398256]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\WINDOWS\System32\drivers\avgmfx64.sys [2015-11-6 256432]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\WINDOWS\System32\drivers\avgrkx64.sys [2015-8-10 42416]
R0 intelpep;Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing ;C:\WINDOWS\System32\drivers\intelpep.sys [2014-12-11 39744]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpc iflt.sys [2013-9-5 30496]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2014-4-29 157016]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-5-19 80384]
R1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2011-9-7 17536]
R1 Avgdiska;AVG Disk Driver;C:\WINDOWS\System32\drivers\avgdiska.sys [2015-11-6 184240]
R1 AVGIDSDriver;AVGIDSDriver;C:\WINDOWS\System32\driv ers\avgidsdrivera.sys [2015-11-6 313776]
R1 Avgldx64;AVG AVI Loader Driver;C:\WINDOWS\System32\drivers\avgldx64.sys [2015-10-21 284080]
R1 Avgwfpa;AVG Firewall Driver;C:\WINDOWS\System32\drivers\avgwfpa.sys [2015-10-8 306608]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-9-4 2016448]
R2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-7-2 15416]
R2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [2012-4-13 277120]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\Av\avgidsagent.exe [2015-11-20 3857272]
R2 avgsvc;AVG Service;C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-1-12 1048488]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [2015-11-20 579776]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-8-27 1112000]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-9-6 1124288]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-9-24 2802360]
R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-3-19 38792]
R2 DigitalWave.Update.Service;Digital Wave Update Service;C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [2015-12-16 388968]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-2-3 2451456]
R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-11-16 339968]
R3 AiCharger;ASUS Charger Driver;C:\WINDOWS\System32\drivers\AiCharger.sys [2012-7-24 17152]
R3 ATP;ASUS PS/2 Port Input Device;C:\WINDOWS\System32\drivers\AsusTP.sys [2012-10-31 61824]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2013-8-22 26008]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\dr ivers\MBAMSwissArmy.sys [2016-1-18 192216]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-3-19 38792]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtual Bus.sys [2013-8-22 16384]
R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:\WINDOWS\System32\drivers\RtsBaStor.sys [2013-2-3 295056]
R3 RTL8168;Realtek 8168 NT-stuurprogramma;C:\WINDOWS\System32\drivers\Rt630x6 4.sys [2013-8-22 591360]
S0 Avgboota;AVG Early Launch Anti-Malware Driver;C:\WINDOWS\System32\drivers\avgboota.sys [2015-9-9 23152]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2016-1-18 1135416]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-6-3 327296]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-18 2699568]
S3 ACSSCR;ACR38 Smart Card Reader;C:\WINDOWS\System32\drivers\a38usb.sys [2014-11-13 62976]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80x x.sys [2013-8-22 782176]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtuele adapter;C:\WINDOWS\System32\drivers\AmpPal.sys [2012-9-13 162344]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-3-19 38792]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-3-19 38792]
S3 AvgAMPS;AvgAMPS;C:\Program Files (x86)\AVG\Av\avgamps.exe [2015-11-20 615584]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2013-8-22 17624]
S3 BthHFSrv;Bluetooth Hands-free-service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-3-19 38792]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 108800]
S3 iaLPSSi_GPIO;Stuurprogramma van Intel(R) Serial IO GPIO-controller;C:\WINDOWS\System32\drivers\iaLPSSi_GPI O.sys [2013-8-22 24568]
S3 iaLPSSi_I2C;Stuurprogramma voor Intel(R) Serial IO I2C-controller;C:\WINDOWS\System32\drivers\iaLPSSi_I2C .sys [2013-8-22 99320]
S3 iaStorAV;Intel(R) SATA RAID-controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2013-8-22 651248]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2014-11-13 114688]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2013-8-22 39320]
S3 kbldfltr;kbldfltr;C:\WINDOWS\System32\drivers\kbld fltr.sys [2013-9-30 22272]
S3 lfsvc;Windows Location Framework Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-3-19 38792]
S3 LSI_SAS3;LSI_SAS3;C:\WINDOWS\System32\drivers\lsi_ sas3.sys [2013-8-22 81760]
S3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\dr ivers\mbam.sys [2016-1-18 25816]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\WINDO WS\System32\drivers\mwac.sys [2016-1-18 64216]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-18 272176]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc63 .sys [2015-3-19 87040]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2015-3-19 921920]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-3-19 38792]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2013-12-15 146776]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-3-19 38792]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 206080]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudserd.sys [2014-1-22 206080]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2013-11-19 57176]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 UEFI;Microsoft UEFI-stuurprogramma;C:\WINDOWS\System32\drivers\uefi.sy s [2013-8-22 26976]
S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\drivers\vmbusr.sys [2013-9-30 129536]
S3 vmicguestinterface;Hyper-V Gastservice-interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-3-19 38792]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-8-12 114520]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-8-12 366552]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-3-19 38792]
S3 wmbclass;Stuurprogramma voor USB-versie van mobiele breedbandadapter;C:\WINDOWS\System32\drivers\wmbcl ass.sys [2014-4-29 268288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-3-19 38792]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\ WUDFRd.sys [2015-3-19 226304]
S4 MsKeyboardFilter;Microsoft Keyboard Filter;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-3-19 38792]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-01-18 21:41:58 79064 ----a-w- C:\WINDOWS\System32\drivers\wmnnyf.sys
2016-01-18 20:55:23 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2016-01-18 20:54:52 64216 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2016-01-18 20:54:52 25816 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2016-01-18 20:54:52 109272 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys
2016-01-18 20:54:52 -------- d-----w- C:\ProgramData\Malwarebytes
2016-01-18 20:54:52 -------- d-----w- C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-12 21:01:42 -------- d-----w- C:\ProgramData\ALM
2016-01-12 20:10:08 685432 ----a-w- C:\WINDOWS\System32\advapi32.dll
2016-01-12 20:09:59 99136 ----a-w- C:\WINDOWS\SysWow64\MP3DMOD.DLL
2016-01-12 20:07:27 -------- d-----r- C:\Users\Kevin Slechten\Creative Cloud Files
2016-01-05 20:34:59 -------- d-----w- C:\ProgramData\boost_interprocess
2016-01-05 20:34:59 -------- d-----r- C:\Users\Kevin Slechten\andreslechten@hotmail.com Creative Cloud Files
2015-12-23 20:16:00 -------- d-----w- C:\Program Files (x86)\FreeCodecPack
2015-12-23 20:15:59 -------- d-----w- C:\Program Files (x86)\DVDVideoSoft
.
==================== Find3M ====================
.
2016-01-05 20:04:40 826872 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-01-05 20:04:40 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2015-12-30 19:32:35 7453016 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2015-12-30 19:32:19 1499912 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2015-12-30 19:32:15 1735000 ----a-w- C:\WINDOWS\System32\ntdll.dll
2015-12-11 04:00:08 571904 ----a-w- C:\WINDOWS\System32\vbscript.dll
2015-12-11 03:55:28 6051328 ----a-w- C:\WINDOWS\System32\jscript9.dll
2015-12-11 03:21:10 496640 ----a-w- C:\WINDOWS\SysWow64\vbscript.dll
2015-12-11 03:09:52 1032704 ----a-w- C:\WINDOWS\System32\inetcomm.dll
2015-12-11 02:43:42 880128 ----a-w- C:\WINDOWS\SysWow64\inetcomm.dll
2015-12-11 02:43:19 4610560 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2015-12-11 02:38:30 2487808 ----a-w- C:\WINDOWS\System32\wininet.dll
2015-12-11 02:12:12 2011136 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2015-12-10 00:40:19 33456 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2015-12-09 21:39:00 1070232 ----a-w- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
2015-12-08 19:07:49 507176 ----a-w- C:\WINDOWS\SysWow64\advapi32.dll
2015-12-07 10:56:53 1380600 ----a-w- C:\WINDOWS\System32\gdi32.dll
2015-12-04 15:00:36 1097216 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2015-12-03 19:42:08 561952 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2015-12-03 19:42:08 137968 ----a-w- C:\WINDOWS\System32\ncrypt.dll
2015-12-03 19:42:08 106960 ----a-w- C:\WINDOWS\System32\ncryptsslp.dll
2015-12-03 19:42:07 397224 ----a-w- C:\WINDOWS\System32\bcryptprimitives.dll
2015-12-03 19:41:17 177488 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2015-12-03 18:52:09 91416 ----a-w- C:\WINDOWS\SysWow64\ncryptsslp.dll
2015-12-03 18:52:09 340872 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2015-12-03 18:52:09 120376 ----a-w- C:\WINDOWS\SysWow64\ncrypt.dll
2015-12-03 18:28:57 202240 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2015-12-03 18:28:00 401920 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2015-12-03 18:07:57 340992 ----a-w- C:\WINDOWS\System32\qdvd.dll
2015-12-03 18:07:05 289792 ----a-w- C:\WINDOWS\System32\ksproxy.ax
2015-12-03 18:05:48 644608 ----a-w- C:\WINDOWS\System32\WMVXENCD.DLL
2015-12-03 18:02:34 1664000 ----a-w- C:\WINDOWS\System32\WMSPDMOE.DLL
2015-12-03 18:00:42 451072 ----a-w- C:\WINDOWS\System32\WMVSENCD.DLL
2015-12-03 17:58:15 378880 ----a-w- C:\WINDOWS\System32\SysFxUI.dll
2015-12-03 17:51:47 445440 ----a-w- C:\WINDOWS\System32\certcli.dll
2015-12-03 17:36:41 1697792 ----a-w- C:\WINDOWS\System32\quartz.dll
2015-12-03 17:30:44 468480 ----a-w- C:\WINDOWS\System32\MFWMAAEC.DLL
2015-12-03 17:28:41 519680 ----a-w- C:\WINDOWS\SysWow64\qdvd.dll
2015-12-03 17:28:01 245760 ----a-w- C:\WINDOWS\SysWow64\ksproxy.ax
2015-12-03 17:27:02 736256 ----a-w- C:\WINDOWS\SysWow64\WMVXENCD.DLL
2015-12-03 17:24:50 1411584 ----a-w- C:\WINDOWS\SysWow64\WMSPDMOE.DLL
2015-12-03 17:23:13 402432 ----a-w- C:\WINDOWS\SysWow64\WMVSENCD.DLL
2015-12-03 17:16:32 324096 ----a-w- C:\WINDOWS\SysWow64\certcli.dll
2015-12-03 17:13:34 1441280 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2015-12-03 17:07:06 432128 ----a-w- C:\WINDOWS\System32\schannel.dll
2015-12-03 17:06:36 1501184 ----a-w- C:\WINDOWS\SysWow64\quartz.dll
2015-12-03 17:01:46 743936 ----a-w- C:\WINDOWS\SysWow64\MFWMAAEC.DLL
2015-12-03 16:45:16 357888 ----a-w- C:\WINDOWS\SysWow64\schannel.dll
2015-12-03 16:40:13 1010688 ----a-w- C:\WINDOWS\System32\WMSPDMOD.DLL
2015-12-03 16:29:36 887296 ----a-w- C:\WINDOWS\SysWow64\WMSPDMOD.DLL
2015-12-02 15:04:17 670208 ----a-w- C:\WINDOWS\System32\qedit.dll
2015-12-02 15:01:58 561664 ----a-w- C:\WINDOWS\SysWow64\qedit.dll
2015-11-22 06:59:22 1659568 ----a-w- C:\WINDOWS\System32\winload.efi
2015-11-22 06:59:22 1519592 ----a-w- C:\WINDOWS\System32\winload.exe
2015-11-22 06:59:22 1487008 ----a-w- C:\WINDOWS\System32\winresume.efi
2015-11-22 06:59:22 1355848 ----a-w- C:\WINDOWS\System32\winresume.exe
2015-11-21 18:32:33 16896 ----a-w- C:\WINDOWS\System32\ntvdm64.dll
2015-11-21 17:50:31 14336 ----a-w- C:\WINDOWS\SysWow64\ntvdm64.dll
2015-11-21 16:59:56 1706496 ----a-w- C:\WINDOWS\System32\comsvcs.dll
2015-11-21 16:49:44 1344000 ----a-w- C:\WINDOWS\SysWow64\comsvcs.dll
2015-11-21 16:47:09 522240 ----a-w- C:\WINDOWS\System32\catsrvut.dll
2015-11-21 16:40:31 414208 ----a-w- C:\WINDOWS\SysWow64\catsrvut.dll
2015-11-20 16:47:36 35840 ----a-w- C:\WINDOWS\System32\wuapp.exe
2015-11-20 16:46:51 140288 ----a-w- C:\WINDOWS\System32\wuwebv.dll
2015-11-20 16:44:35 409088 ----a-w- C:\WINDOWS\System32\WUSettingsProvider.dll
2015-11-20 16:44:05 95744 ----a-w- C:\WINDOWS\System32\wudriver.dll
2015-11-20 16:42:20 2243584 ----a-w- C:\WINDOWS\System32\wucltux.dll
2015-11-20 16:30:10 29696 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe
2015-11-20 16:29:43 124928 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll
2015-11-20 16:28:06 81920 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll
2015-11-17 21:07:58 705024 ----a-w- C:\WINDOWS\System32\invagent.dll
2015-11-17 21:07:57 792064 ----a-w- C:\WINDOWS\System32\generaltel.dll
2015-11-17 21:07:57 505344 ----a-w- C:\WINDOWS\System32\devinv.dll
2015-11-17 21:07:56 210432 ----a-w- C:\WINDOWS\System32\aepic.dll
2015-11-17 21:07:56 1380864 ----a-w- C:\WINDOWS\System32\appraiser.dll
2015-11-17 21:07:55 76800 ----a-w- C:\WINDOWS\System32\acmigration.dll
2015-11-17 21:07:55 1164800 ----a-w- C:\WINDOWS\System32\aeinv.dll
2015-11-10 00:11:38 64000 ----a-w- C:\WINDOWS\SysWow64\MshtmlDac.dll
2015-11-09 23:36:09 2050560 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2015-11-09 23:25:40 1048576 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll
2015-11-09 00:41:33 1540728 ----a-w- C:\WINDOWS\System32\user32.dll
2015-11-08 22:30:50 4176384 ----a-w- C:\WINDOWS\System32\win32k.sys
2015-11-08 21:23:34 1994752 ----a-w- C:\WINDOWS\System32\DWrite.dll
2015-11-08 21:13:56 1383936 ----a-w- C:\WINDOWS\System32\FntCache.dll
2015-11-08 21:13:40 2123264 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2015-11-08 21:01:23 1753600 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2015-11-08 20:53:57 2880000 ----a-w- C:\WINDOWS\System32\actxprxy.dll
2015-11-08 20:52:10 1559552 ----a-w- C:\WINDOWS\SysWow64\DWrite.dll
2015-11-08 20:48:20 1376256 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2015-11-08 20:42:50 1490944 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2015-11-06 14:50:34 184240 ----a-w- C:\WINDOWS\System32\drivers\avgdiska.sys
2015-11-06 14:49:38 313776 ----a-w- C:\WINDOWS\System32\drivers\avgidsdrivera.sys
2015-11-06 14:49:38 256432 ----a-w- C:\WINDOWS\System32\drivers\avgmfx64.sys
2015-11-05 08:59:33 145408 ----a-w- C:\WINDOWS\System32\drivers\rmcast.sys
2015-10-28 15:49:00 2775552 ----a-w- C:\WINDOWS\System32\authui.dll
2015-10-28 15:29:39 2462720 ----a-w- C:\WINDOWS\SysWow64\authui.dll
2015-10-27 17:37:29 449024 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll
2015-10-27 17:34:16 2490368 ----a-w- C:\WINDOWS\apppatch\AcGenral.dll
2015-10-22 17:43:35 7168 ----a-w- C:\WINDOWS\System32\kbdgeoqw.dll
2015-10-22 17:43:32 7168 ----a-w- C:\WINDOWS\System32\KBDAZEL.DLL
.
============= FINISH: 19:38:55,63 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8.1 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 14-11-2013 09:43:57
System Uptime: 18-1-2016 20:27:47 (23 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | K55VD
Processor: Intel(R) Core(TM) i7-3610QM CPU @ 2.30GHz | SOCKET 0 | 2301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 279 GiB total, 121,763 GiB free.
D: is FIXED (NTFS) - 394 GiB total, 303,01 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description:
Device ID: ROOT\LEGACY_INEPRO_CLIENT_MONITOR\0000
Manufacturer:
Name:
PNP Device ID: ROOT\LEGACY_INEPRO_CLIENT_MONITOR\0000
Service:
.
==== System Restore Points ===================
.
RP119: 12-1-2016 21:30:44 - Windows Update
RP120: 14-1-2016 23:20:09 - Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
RP121: 14-1-2016 23:20:46 - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
RP122: 18-1-2016 20:07:48 - Removed Adobe Reader XI (11.0.14) - Nederlands.
.
==== Installed Programs ======================
.
Adobe Creative Suite 6 Master Collection
Adobe Illustrator CS6
Adobe Photoshop CS6
ASUS FaceLogon
ASUS InstantOn
ASUS LifeFrame3
ASUS Power4Gear Hybrid
ASUS Smart Gesture
ASUS USB Charger Plus
ASUS Virtual Camera
ATK Package
AVG
AVG 2016
AVG Protection
Belfius Smart Card Reader Chrome-App
Belgium e-ID middleware 4.0.7 (build 7466)
BitTorrent
Canon MP550 series MP Drivers
D3DX10
Definition Update for Microsoft Office 2010 (KB3114563) 32-Bit Edition
Dropbox
FMW 1
Free YouTube To MP3 Converter
Google Chrome
Google Update Helper
IBM SPSS Statistics 21
Intel PROSet Wireless
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel® PROSet/Wireless WiFi Software
Java 7 Update 71
Java 8 Update 25
Java Auto Updater
Malwarebytes Anti-Malware versie 2.2.0.1024
Microsoft Application Error Reporting
Microsoft Office 365 ProPlus - nl-nl
Microsoft Office Access MUI (Dutch) 2010
Microsoft Office Excel MUI (Dutch) 2010
Microsoft Office Groove MUI (Dutch) 2010
Microsoft Office InfoPath MUI (Dutch) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (Dutch) 2010
Microsoft Office Outlook MUI (Dutch) 2010
Microsoft Office PowerPoint MUI (Dutch) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (Dutch) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proofing (Dutch) 2010
Microsoft Office Publisher MUI (Dutch) 2010
Microsoft Office Shared 64-bit MUI (Dutch) 2010
Microsoft Office Shared MUI (Dutch) 2010
Microsoft Office Word MUI (Dutch) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Movie Maker
MSVCRT
MSVCRT Redists
MSVCRT110
MSVCRT110_amd64
NVIDIA-configuratiescherm 327.02
NVIDIA Grafisch stuurprogramma 327.02
NVIDIA Install Application
NVIDIA Optimus 1.10.8
NVIDIA Update 1.10.8
NVIDIA Update Components
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Pando Media Booster
Photo Common
Photo Gallery
Realtek PCIE Card Reader
Security Update for Microsoft Access 2010 (KB3101544) 32-Bit Edition
Security Update for Microsoft Excel 2010 (KB3114564) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2878230) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553313) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881029) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2965310) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3054848) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085528) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3085560) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB3114553) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB3054978) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB3114396) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2817478) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB3114402) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2965313) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB3114557) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 7.6
Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
TmNationsForever
Update for Microsoft Excel 2010 (KB2956084) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2881026) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553347) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553388) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589318) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2791057) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition
Update for Microsoft Office 2010 (KB2889828) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054873) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054886) 32-Bit Edition
Update for Microsoft Office 2010 (KB3054977) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055042) 32-Bit Edition
Update for Microsoft Office 2010 (KB3055047) 32-Bit Edition
Update for Microsoft Office 2010 (KB3085512) 32-Bit Edition
Update for Microsoft Office 2010 (KB3114555) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2956075) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2760779) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB3114570) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553308) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2881021) 32-Bit Edition
VASCO Card Reader Plug-In (64-Bit)
VASCO Smart Card Reader Plug-In (User)
VirtualDJ PRO Full
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.0.5
Windows-stuurprogrammapakket - ASUS (ATP) Mouse (10/29/2012 1.0.0.148)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Messenger
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (64-bit)
.
==== End Of File ===========================


Alvast bedank voor jullie tijd en moeite!

Groetjes, Kevin