Hoi Allen,
Afgelopen week is mijn internetverbinding geblokkeerd doordat er in korte tijd meer dan 650 mails zijn verstuurd. Ik heb een virusscan, hitman pro en spybot gedraaid op mijn pc en laptop. Op de laptop werd door AVIRA enkel opencandy.gen gevonden in de PowerIso map.
Ziggo heeft me na het opgeven van bovenstaand verhaal weer aangesloten met de waarschuwing dat ik bij herhaling een week afgesloten wordt. Ik begrijp heel goed waarom dit gedaan wordt en ben er niet zeker van dat opencandy de oorzaak is van de verstuurde mails. Ik heb momenteel poort 25 geblokkeerd zodat er geen mails uit kunnen vanuit mijn ziggo mail adres. Volgens mij blokkeert het niet mijn hotmail berichten.
Toen ik vandaag bitcomet opende klapte internet er uit. Op mijn modem bleek nog wel verbinding te zijn, maar mijn router werkte niet goed, alle apparaten verloren hun verbinding. Na het afsluiten van bitcomet ontstond weer verbinding met de router. Misschien heeft dit er niets mee te maken en is het puur toeval.
Om er zeker van te zijn dat mijn laptop en pc schoon zijn wil ik graag het logje laten controleren. Onderstaande log is van mijn laptop aangezien daar OpenCandy op gevonden is.
(In het logje is te zien dat WireShark draait. Ik vond op internet dat daarmee inzicht te krijgen is in het dataverkeer. Ik snap er echter helemaal niks van, maar als ik daar iets van moet posten hoor ik het graag)
Alvast bedankt!!
Groeten Sed
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-03-2017
Gestart door Amy (Beheerder) op AMY-MSI (05-03-2017 20:46:00)
Gestart vanaf C:\Users\Amy\Desktop
Geladen Profielen: Amy (Beschikbare Profielen: Amy & DefaultAppPool)
Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(The Wireshark developer community, hxxp://www.wireshark.org/) C:\Program Files\Wireshark\Wireshark.exe
(The Wireshark developer community) C:\Program Files\Wireshark\dumpcap.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
==================== Register (gefilterd) ====================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-02] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2072576 2009-08-05] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-09-04] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-09-04] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-02-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-02-17] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\PE_C_DEFAULTAPPPOOL\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [WinFLTray] => C:\windows\SysWow64\WinFLTray.ex
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.ex
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [Steam] => D:\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [Spotify Web Helper] => C:\Users\Amy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-02-05] (Spotify Ltd)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\RunOnce: [Uninstall 17.3.6743.1212\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\RunOnce: [Uninstall 17.3.6743.1212] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Geen bestand
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\i1Profiler Tray.lnk [2016-01-10]
ShortcutTarget: i1Profiler Tray.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\stle.exe [2010-09-28] (Leithauser Research)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk [2016-01-10]
ShortcutTarget: XRGamma.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Hosts: Er zijn meer dan n item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41024f9e-4698-4feb-bf1f-ec229ca7365a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{91a430ef-6dba-47da-bd39-76f949a72427}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9a08b586-9f67-4c3b-b704-66c94e7c3ca6}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/nl-nl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {6ED3F8CD-A3FC-4528-97FF-8D7AFA4140B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {3A4C54EC-0219-4DBC-B5B8-C988D5D3AFFB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> DefaultScope {A2610E39-F544-4072-A88C-8C5FF87198DF} URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {1A75D00B-4764-4BD7-A207-E7E10ABE056A} URL = hxxp://nl.wikipedia.org/w/index.php?title=Speciaal:Zoeken&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {3A4C54EC-0219-4DBC-B5B8-C988D5D3AFFB} URL =
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {452CB57D-A3C3-6BAE-5D55-8CCC16A2C6DB} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z125&form=ZGAIDF&install_date=20110913&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {6ED3F8CD-A3FC-4528-97FF-8D7AFA4140B9} URL =
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {A2610E39-F544-4072-A88C-8C5FF87198DF} URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Geen Naam -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Geen bestand
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll [2011-04-22] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> Geen Naam - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Geen bestand
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: HKLM-x32 {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} hxxps://extranet.rvagroep.nl/nortel_cacheable/iewiper.cab
DPF: HKLM-x32 {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
FireFox:
========
FF DefaultProfile: f5xo4bih.default
FF ProfilePath: C:\Users\Amy\AppData\Roaming\Philips-Songbird\Profiles\2hwfiq8q.default [2013-12-08]
FF NetworkProxy: Philips-Songbird\Profiles\2hwfiq8q.default -> no_proxies_on", "127.0.0.1;localhost"
FF Extension: (7digital Music Store) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\7digital@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Concerts) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (H.264 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MPEG-4 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Dutch (nl) Language Pack) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-nl@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2013-12-04] [ niet getekend]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2013-12-04] [ niet getekend]
FF SearchPlugin: C:\Users\Amy\AppData\Roaming\Philips-Songbird\Profiles\2hwfiq8q.default\searchplugins\7digital.xml [2013-12-04]
FF ProfilePath: C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default [2017-03-05]
FF Extension: (Avira Browser Safety) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\Extensions\abs@avira.com [2017-03-02]
FF Extension: (Adblock Plus) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\features\{13d3600d-82bf-4331-9e47-50e3f09ebc11}\disableSHA1rollout@mozilla.org.xpi [2017-03-02]
FF Extension: (TLS 1.3 Compatibility Testing 3) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\features\{13d3600d-82bf-4331-9e47-50e3f09ebc11}\tls13-compat-ff51@mozilla.org.xpi [2017-03-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [Geen bestand]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-09-04] (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security, S.L.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.nu.nl/"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => Geen bestand
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => Geen bestand
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\gcswf32.dll => Geen bestand
CHR Plugin: (20-20 3D Viewer for IKEA) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.93.0_0\NP_2020Player_IKEA.dll (20-20 Technologies)
CHR Plugin: (Intel(R) Threading Building Blocks for Windows) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.93.0_0\tbb.dll (Intel Corporation)
CHR Plugin: (Intel(R) Threading Building Blocks for Windows) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.93.0_0\tbbmalloc.dll (Intel Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll => Geen bestand
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll => Geen bestand
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll => Geen bestand
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Geen bestand
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll => Geen bestand
CHR Plugin: (Panda ActiveScan 2.0) - C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll => Geen bestand
CHR Profile: C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default [2017-03-05]
CHR Extension: (Torrent Search) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2016-10-04]
CHR Extension: (Media Hint) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja [2014-04-12] [UpdateUrl: hxxps://mediahint.com/chromeupdates.xml] <==== AANDACHT
CHR Extension: (Google Drive) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (Biertijd.com Best fun & babes guaranteed
dotcom sinds 2005) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgdbblninljpemihdmcocedicapflch [2012-09-29]
CHR Extension: (Torrent Search Engine) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blojkkpcfjmhjbcdbdlifkflodghjeng [2012-09-29]
CHR Extension: (YouTube) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Facebook) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2012-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-05]
CHR Extension: (Offline Documenten) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-02]
CHR Extension: (nu.nl
Het laatste nieuws het eerst op nu.nl) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlnijahmebncpnefmpepadcookpglblo [2012-09-29]
CHR Extension: (Dropbox) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-10-03]
CHR Extension: (Auto HD voor YouTube) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-05-31]
CHR Extension: (Evernote Web) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-03-05]
CHR Extension: (Download Youtube as mp3) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepapnoaejebkkpkpacihjlfekoggahp [2013-10-06]
CHR Extension: (YouTube To MP3) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjjpcapcaijnbknmbklfjfajjopafpck [2013-10-06]
CHR Extension: (ScrewAds - Block, Skip, Remove YouTube Ads) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc [2013-05-18]
CHR Extension: (Autonieuws van de straat : Autoblog.nl) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpjphepfojmppemckknemcnednajablo [2012-09-29]
CHR Extension: (Aanmelden) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nangjmijgboblcmlpeedobafiohnalci [2012-09-29]
CHR Extension: (EXIF Reader) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2013-08-04]
CHR Extension: (Google Hangouts) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-01-28]
CHR Extension: (OneDrive) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-04-09]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-28]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm [2012-01-21]
CHR Extension: (VPN in Touch) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpdbhlplgmjciokcplneebmibpclalk [2013-09-12]
CHR Extension: (Netflix) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfiaopfckdkaalloknhljmkmjljakki [2013-09-27]
CHR Extension: (Chrome Media Router) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Amy\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-04-30]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-02-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349048 2017-02-22] (Avira Operations GmbH & Co. KG)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 FLService; C:\windows\SysWow64\WinFLService.exe [92360 2013-12-15] (New Softwares.net)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2017-03-01] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Bestand niet getekend]
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [Bestand niet getekend]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2015-08-11] (X-Rite Inc.)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 ArcSoftKsUFilter; C:\WINDOWS\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-02-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-02-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-17] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-02-17] (Avira Operations GmbH & Co. KG)
R3 EST_BusEnum; C:\WINDOWS\System32\drivers\GenBus.sys [29696 2009-10-06] ( )
S3 EUCR; C:\WINDOWS\System32\drivers\EUCR6SK.SYS [87888 2009-12-05] (ENE Technology Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NEWDRIVER; C:\windows\SysWow64\WinVDEdrv6.sys [197648 2013-12-15] ()
R3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NUS_Bus; C:\WINDOWS\System32\drivers\NUS_Bus.sys [30208 2010-01-28] (Elite Silicon Technology Inc.)
R0 pavboot; C:\WINDOWS\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 taphss6; C:\WINDOWS\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [34816 2013-12-15] ()
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2015-08-26] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\WINDOWS\SysWOW64\drivers\DDCDrv.sys [10240 2015-08-26] (Nicomsoft Ltd.) [Bestand niet getekend]
R2 WinVDEDrv; C:\windows\SysWow64\WinVDEdrv.sys [225680 2013-12-15] (NewSoftwares.net, Inc.)
U3 idsvc; geen ImagePath
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-03-05 20:46 - 2017-03-05 20:47 - 00038714 _____ C:\Users\Amy\Desktop\FRST.txt
2017-03-05 20:45 - 2017-03-05 20:46 - 00000000 ____D C:\FRST
2017-03-05 20:44 - 2017-03-05 20:44 - 00000000 ____D C:\Users\Amy\AppData\Roaming\Avira
2017-03-05 20:42 - 2017-03-05 20:45 - 02423808 _____ (Farbar) C:\Users\Amy\Desktop\FRST64.exe
2017-03-05 20:07 - 2017-03-05 20:07 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-05 20:07 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-03-02 23:18 - 2017-03-05 20:26 - 00000000 ____D C:\Users\Amy\AppData\Roaming\Wireshark
2017-03-02 23:13 - 2017-03-02 23:13 - 00001837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-03-02 23:13 - 2017-03-02 23:13 - 00001565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-03-02 23:13 - 2017-03-02 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-03-02 23:13 - 2017-03-02 23:13 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-03-02 23:11 - 2017-03-02 23:13 - 00000000 ____D C:\Program Files\Wireshark
2017-03-02 23:04 - 2017-03-02 23:04 - 00000790 _____ C:\Users\Amy\Desktop\Afbeeldingen - Snelkoppeling.lnk
2017-03-02 21:52 - 2017-03-02 21:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-03-02 21:50 - 2017-02-17 09:44 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-03-02 21:45 - 2017-03-02 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-02 21:45 - 2017-03-02 21:50 - 00000000 ____D C:\ProgramData\Avira
2017-03-02 21:45 - 2017-03-02 21:50 - 00000000 ____D C:\Program Files (x86)\Avira
2017-03-02 21:45 - 2017-03-02 21:45 - 00001295 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-03-01 21:55 - 2017-03-01 21:55 - 00001474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-03-01 21:55 - 2017-03-01 21:55 - 00001462 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-03-01 21:55 - 2017-03-01 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-03-01 21:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-03-01 21:50 - 2017-03-01 21:50 - 00002850 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-01 21:50 - 2017-03-01 21:50 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-01 21:50 - 2017-03-01 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-01 21:49 - 2017-03-01 21:50 - 00000000 ____D C:\Program Files\CCleaner
2017-03-01 21:35 - 2017-03-01 21:35 - 00870022 _____ C:\Users\Amy\AppData\Local\census.cache
2017-03-01 21:34 - 2017-03-01 21:34 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-03-01 21:33 - 2017-03-01 21:33 - 00249125 _____ C:\Users\Amy\AppData\Local\ars.cache
2017-03-01 21:32 - 2017-03-01 21:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-03-01 21:31 - 2017-03-05 20:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-03-01 21:26 - 2017-03-05 20:07 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-03-01 21:25 - 2017-03-01 21:25 - 00003636 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-03-01 21:23 - 2017-03-01 21:23 - 00017022 _____ C:\WINDOWS\system32\.crusader
2017-03-01 21:03 - 2017-03-01 21:03 - 00000010 _____ C:\Users\Amy\AppData\Local\sponge.last.runtime.cache
2017-03-01 20:56 - 2017-03-01 20:56 - 00000000 ____D C:\WINDOWS\Trend Micro
2017-03-01 20:56 - 2017-03-01 20:56 - 00000000 ____D C:\ProgramData\Trend Micro
2017-03-01 20:52 - 2017-03-01 20:52 - 00000036 _____ C:\Users\Amy\AppData\Local\housecall.guid.cache
2017-03-01 20:52 - 2015-05-29 08:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2017-03-01 20:51 - 2017-03-01 21:25 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-01 20:51 - 2017-03-01 20:51 - 00001962 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-03-01 20:51 - 2017-03-01 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-03-01 20:51 - 2017-03-01 20:51 - 00000000 ____D C:\Program Files\HitmanPro
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-03-05 19:57 - 2011-11-19 16:26 - 00000000 ____D C:\Users\Amy\AppData\Roaming\BitComet
2017-03-05 19:50 - 2016-08-29 20:30 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 15:27 - 2017-01-31 00:07 - 00003270 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-05 15:27 - 2015-10-06 18:31 - 00002430 _____ C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-05 15:27 - 2015-10-06 18:31 - 00000000 ___RD C:\Users\Amy\OneDrive
2017-03-05 14:22 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-05 14:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 12:36 - 2016-11-20 08:46 - 00000000 ____D C:\Users\Amy\AppData\LocalLow\Mozilla
2017-03-02 23:12 - 2015-10-03 08:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-02 22:35 - 2016-08-29 21:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 22:35 - 2016-08-29 20:30 - 05079216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-02 22:34 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 21:37 - 2010-09-03 20:16 - 00000000 ____D C:\Users\Amy\AppData\Local\Adobe
2017-03-01 17:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-01 15:18 - 2016-09-16 06:40 - 00000000 ____D C:\Users\Amy\AppData\Local\Citrix
2017-02-27 07:30 - 2013-08-16 11:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-27 07:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-27 07:24 - 2010-12-23 15:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-14 15:23 - 2016-11-17 23:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-14 15:23 - 2015-11-22 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-08 19:22 - 2010-11-23 14:34 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 20:39 - 2013-12-15 15:57 - 00000000 ____D C:\Users\Amy\AppData\Local\Spotify
2017-02-05 20:30 - 2013-12-15 15:57 - 00000000 ____D C:\Users\Amy\AppData\Roaming\Spotify
2017-02-05 19:51 - 2011-09-13 23:35 - 00000000 ____D C:\Users\Amy\AppData\Roaming\vlc
==================== Bestanden in de root van sommige mappen =======
2013-04-10 16:53 - 2013-04-10 16:53 - 0000132 _____ () C:\Users\Amy\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-06 19:55 - 2013-12-06 19:55 - 0000132 _____ () C:\Users\Amy\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-02-07 20:18 - 2014-06-04 20:17 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Synth Textures
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Tables
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Techno Kit
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Templates
2010-10-26 22:07 - 2010-12-23 12:02 - 0000328 _____ () C:\Users\Amy\AppData\Roaming\wklnhst.dat
2013-05-11 22:13 - 2013-05-11 22:15 - 0001456 _____ () C:\Users\Amy\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-01 21:33 - 2017-03-01 21:33 - 0249125 _____ () C:\Users\Amy\AppData\Local\ars.cache
2017-03-01 21:35 - 2017-03-01 21:35 - 0870022 _____ () C:\Users\Amy\AppData\Local\census.cache
2013-10-06 07:41 - 2013-10-06 07:48 - 0003584 _____ () C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-01 20:52 - 2017-03-01 20:52 - 0000036 _____ () C:\Users\Amy\AppData\Local\housecall.guid.cache
2011-03-10 20:15 - 2012-09-11 19:18 - 0000453 _____ () C:\Users\Amy\AppData\Local\Images.fl
2013-09-13 20:20 - 2013-09-13 23:08 - 0000600 _____ () C:\Users\Amy\AppData\Local\PUTTY.RND
2013-08-16 11:01 - 2013-08-18 14:15 - 0136169 _____ () C:\Users\Amy\AppData\Local\RAContactHistory.xml
2012-02-10 17:38 - 2012-06-08 19:47 - 0007606 _____ () C:\Users\Amy\AppData\Local\Resmon.ResmonCfg
2017-03-01 21:03 - 2017-03-01 21:03 - 0000010 _____ () C:\Users\Amy\AppData\Local\sponge.last.runtime.cache
2013-12-15 20:37 - 2013-12-15 21:38 - 0000700 ___SH () C:\Users\Amy\AppData\Local\systemFL7.dat
2013-12-15 20:34 - 2013-12-15 20:37 - 0000693 ___SH () C:\Users\Amy\AppData\Local\win_lockerdb_sys.dat
2013-12-15 20:31 - 2013-12-15 21:38 - 0003465 ___SH () C:\Users\Amy\AppData\Local\win_stlthdb_sys.dat
2016-07-03 22:33 - 2016-07-03 22:33 - 0000016 _____ () C:\ProgramData\mntemp
2012-02-07 20:03 - 2016-01-17 17:39 - 0000020 ____H () C:\ProgramData\PKP_DLdy.DAT
2011-06-15 22:08 - 2011-06-15 22:08 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2011-06-15 22:08 - 2016-01-17 18:28 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2011-06-15 22:08 - 2013-04-28 16:11 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-06-04 20:17 - 2014-06-04 20:17 - 0000000 _____ () C:\ProgramData\Stingers
2012-02-07 20:18 - 2014-06-04 20:17 - 0000268 ___RH () C:\ProgramData\Techno Kit
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\ProgramData\Themes
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\ProgramData\Track Settings
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\ProgramData\Trance Pad
2012-02-07 20:18 - 2014-06-04 20:17 - 0000012 ___RH () C:\ProgramData\Trumpet Section
2011-06-15 22:08 - 2011-06-15 22:08 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2011-06-15 22:08 - 2011-06-15 22:08 - 0000012 ___RH () C:\ProgramData\WebServer
2013-12-15 20:31 - 2013-12-15 21:38 - 0002568 ___SH () C:\ProgramData\win_mpwd_sys.dat
2011-06-15 22:08 - 2011-06-15 22:08 - 0000012 ___RH () C:\ProgramData\Woodwind
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\win_mpwd_sys.dat
C:\Windows\Tasks\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}.job
Sommige bestanden in TEMP:
====================
2016-08-29 22:36 - 2016-08-29 22:36 - 0515584 _____ () C:\Users\Amy\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-03-01 21:42
==================== Eind van FRST.txt ============================
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 05-03-2017
Gestart door Amy (05-03-2017 20:48:16)
Gestart vanaf C:\Users\Amy\Desktop
Windows 10 Home Versie 1607 (X64) (2016-08-29 20:17:32)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1097378128-3316138746-2142345461-500 - Administrator - Disabled)
Amy (S-1-5-21-1097378128-3316138746-2142345461-1000 - Administrator - Enabled) => C:\Users\Amy
DefaultAccount (S-1-5-21-1097378128-3316138746-2142345461-503 - Limited - Disabled)
Gast (S-1-5-21-1097378128-3316138746-2142345461-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1097378128-3316138746-2142345461-1002 - Limited - Enabled)
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Genstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2012 (HKLM-x32\...\Aangifte inkomstenbelasting 2012) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.4.1 64-bit (HKLM\...\{8BBA6F77-4A79-4E90-BD82-E24669ACF221}) (Version: 3.4.2 - Adobe)
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Reader 9.1 - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Albelli Fotoboeken (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\{B7961CCE-CF36-4858-BC1A-D06D3D25ECE5}_is1) (Version: - Albelli)
Any Video Converter 5.9.6 (HKLM-x32\...\Any Video Converter) (Version: 5.9.6 - Anvsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{8E90189A-A5D4-4C0E-A908-06C4236F98EE}) (Version: 2.0.10.102 - ArcSoft)
ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version: - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version: - ArcSoft)
ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version: - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{C5D7039E-0803-4FE8-976D-156DE1147E4F}) (Version: 3.0.255.407 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{25478065-4CB1-448C-80E4-8C4529017EE3}) (Version: 3.0.32.262 - ArcSoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{7b509672-8eb5-466b-b85a-482e26ccc500}) (Version: 1.2.81.30631 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.30631 - Avira Operations GmbH & Co. KG) Hidden
BitComet 1.35 (HKLM-x32\...\BitComet) (Version: 1.35 - CometNetwork)
BorderMaker (HKLM-x32\...\BorderMaker) (Version: 4.1 - SEMANTICA)
Bridge! (HKLM-x32\...\{22EDD164-65D5-41DD-961E-08C7CDA4D471}) (Version: 1.00 - aerosoft)
BulletProof FTP Client 2010 (remove only) (HKLM-x32\...\BulletProof FTP Client 2010_is1) (Version: - BulletProof Software LLC)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.912.401 - Micro-Star International Co., Ltd.)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.8.0 - Nikon)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Citrix Receiver 4.5 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.5.0.10018 - Citrix Systems, Inc.)
Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIYPhotoBits.com Camera Control 5.2 (HKLM-x32\...\{6A5B1D32-CC86-4689-B43C-AD52A9B8773B}) (Version: 5.2 - Raymond Lowe)
Dropbox (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
ePub to PDF Converter 2.0.4 (HKLM-x32\...\ePub to PDF Converter_is1) (Version: - DONGSOFT Company, Inc.)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
ffdshow v1.1.3562 [2010-09-07] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3562.0 - )
File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Fundy Designer version 1.9.34 (HKLM-x32\...\{2EB6CDD7-506F-4D1A-989A-27DC85A11739}_is1) (Version: 1.9.34 - Fundy Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
Huur- en zorgtoeslag 2010 (HKLM-x32\...\Huur- en zorgtoeslag 2010) (Version: - Belastingdienst)
Huur- en zorgtoeslag 2011 (HKLM-x32\...\Huur- en zorgtoeslag 2011) (Version: - Belastingdienst)
i1Profiler (HKLM-x32\...\i1Profiler_is1) (Version: 1.6.3 - X-Rite)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KooBits 4.0 (HKLM-x32\...\koobits.koobits4.com) (Version: 4.0.1.9 - UNKNOWN)
KooBits 4.0 (x32 Version: 4.0.1 - UNKNOWN) Hidden
Light Image Resizer 4.0.4.1 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.1 - ObviousIdea)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes Anti-Malware versie 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Camera Codec Pack (HKLM-x32\...\{F55AF1BB-B493-4D78-80DA-828958B9098C}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation)
Movavi Video Converter 16 (HKLM-x32\...\Movavi Video Converter 16) (Version: 16.2.0 - Movavi)
Mozilla Firefox 51.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 nl)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
msi Software Install (HKLM-x32\...\{07690F1C-04B1-4060-9691-6748ED1826B9}) (Version: 3.0.911.2701 - msi)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
my Picturetown Uploader (HKLM-x32\...\com.mypicturetown.myptuploader.F9C4985A082C78528AFA4529A49FFE7D3454A64B.1) (Version: 1.4 - NIKON CORPORATION)
my Picturetown Uploader (x32 Version: 1.4 - NIKON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\MyFreeCodec) (Version: - )
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Online Plug-in (x32 Version: 14.5.0.10018 - Citrix Systems, Inc.) Hidden
Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0014 - Panda Security)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 5.4.1980 (1980) - Koninklijke Philips Electronics N.V.)
Photomatix Pro version 4.0.2 (HKLM\...\PhotomatixPro4.0x64_is1) (Version: 4.0.2 - HDRsoft Sarl)
PHOTOWEBSERVICE (HKLM-x32\...\PHOTOWEBSERVICE.09E811A49857C99F38513E5AB8806E09FBF6F7FA.1) (Version: v7.4050 - AREAL - MEDIA, DESENVOLVIMENTO DE SOFTWARE, LDA)
PHOTOWEBSERVICE (x32 Version: 7.255 - AREAL - MEDIA, DESENVOLVIMENTO DE SOFTWARE, LDA) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
Pinnacle videodriver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayItAll media player 1.0.5 (HKLM-x32\...\PlayItAll media player) (Version: 1.0.5 - PlayItAll)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PolderbitS Sound Recorder and Editor (32-bit Edition) (HKLM-x32\...\PolderbitSRecorder) (Version: 9.0.0.129 - PolderbitS Software)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.)
QNAP QGet (HKLM-x32\...\QGet) (Version: 3.0.8.1030 - QNAP Systems, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.75.0 - Samsung Electronics Co., Ltd.)
Samsung Easy Color Manager (HKLM-x32\...\{778EACF8-06C1-47AA-9284-91550E9BAD39}) (Version: - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Self-service Plug-in (x32 Version: 4.5.0.14155 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Software Informer 1.1 (HKLM-x32\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Software Time Lock (HKLM-x32\...\Software Time Lock) (Version: - )
Spotify (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StorageCrypt 4.1.0 (HKLM-x32\...\{C1F113F5-7EA6-43E4-9F01-4AF0EF86EAF7}_is1) (Version: - Magiclab software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.209.0805.005.02 - Micro-Star International Co., Ltd.)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
The TVDB XML Fetcher for the WDTV Live Hub (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\124d7bfeeda3fda0) (Version: 1.7.1.3 - TVDB XML Fetcher)
Transmission Remote GUI 3.2 (HKLM-x32\...\transgui_is1) (Version: - Yury Sidorov)
USB Server (HKLM-x32\...\InstallShield_{1BD0D662-EDF3-412A-8893-F9B405A73662}) (Version: 0.10.0917.0048 - Sharkoon)
USB Server (Version: 0.10.0917.0048 - Sharkoon) Hidden
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) (HKLM\...\7F973C87231D745EBF31E772CC38BB9B185D3819) (Version: 12/04/2009 5.89.0.64 - ENE)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{CD19EDD9-1632-4002-9212-7478E4BA0423}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Wireshark 2.2.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
X-Rite Device Services Manager (HKLM-x32\...\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}) (Version: 2.3.212 - X-Rite)
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {0810588A-1E9E-4533-BA91-38D3AE636334} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {0E340339-66E4-4AFD-92C5-4FDC7C24B984} - System32\Tasks\{D6EE75C7-0F68-4BB6-A05B-CA7B3AB7420C} => pcalua.exe -a I:\Setup.exe -d I:\
Task: {1FBED381-1734-4E39-BBA6-5AA4AA4975AB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {22BAE83D-9B7D-48F8-8D1E-C7591951761B} - System32\Tasks\{5D4F23E5-7AC5-4BED-A3E0-562E2463F051} => pcalua.exe -a E:\SA52XX_installer_WMP.exe -d E:\
Task: {23DC1A07-61BA-4D00-8C3F-93FA95E4675B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-28] (Google Inc.)
Task: {241733F0-D895-43EF-909E-CC38B4E47676} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3C7246CE-988C-402F-9A6F-75624DD27808} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {4EBC2F2D-50CF-4BF9-81F1-CD399DBF783D} - System32\Tasks\{9AE48527-8FA3-453E-997E-C039A39B744B} => pcalua.exe -a "C:\Users\Amy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D49GHKG1\hz2010_win_setup[1].exe" -d C:\Users\Amy\Desktop
Task: {4F11D597-3405-4E00-898B-7FD6645AA659} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-28] (Google Inc.)
Task: {55F1541C-050C-4596-B457-796FEA35048D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5EBF2BFB-D3D4-4FF2-80D0-7374934C75A5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {61DE75D0-AAD9-4338-A97E-CC2D551AC4B3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {65BE8F7E-B08A-485F-BD25-AE28BAFABD22} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {667F31A4-A4D8-4442-8D9E-4374B7B1CBB9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {713C36F1-F75B-463E-A4B5-CDEA02632D12} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2015-08-11] (X-Rite Inc.)
Task: {714437DD-ABB5-456C-9CA1-836A43E57B1A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {8967C0FE-DE6C-4FCF-B2F7-AE8A6B909C47} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {89F85E76-B926-4B43-B734-A08F874BD2BF} - System32\Tasks\{3882478D-C70E-4891-B8D1-6A8E91E95925} => pcalua.exe -a C:\Users\Amy\Downloads\ADE_2.0_Installer.exe -d C:\Users\Amy\Downloads
Task: {8AEFDF57-43F8-4429-A288-9527BA6AB395} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {8D4DECB9-A982-4714-98CC-8A3A821B855A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {9A492B1F-385D-4274-93A7-296BA67403D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT
Task: {A3274A8B-5C15-419A-9322-4E639A7AEE7F} - System32\Tasks\AdobeAAMUpdater-1.0-Amy-msi-Amy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A42FBCE1-8118-44F1-BBCE-831335B3A272} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {A48015C2-6172-414C-8965-2E90227B2F7F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A522359E-9371-4C45-B3D4-45174B1439F6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {A578B8DA-C018-4E93-BF7C-5D91A2E62C33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B627DD65-0274-4EDB-BBBD-793AD918A71D} - System32\Tasks\{E53DB491-B9F1-49C1-8380-932E9BC2922C} => pcalua.exe -a I:\setup.exe -d I:\
Task: {B73DC593-65EA-404C-BCE3-F3591AB08A34} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {B7FDB0F4-9EF0-4EA4-824A-20C386D40F1B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B879879F-0A91-42CC-8300-C62958131C26} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {B89AFF7C-5CA4-4465-96AF-C41EE20776B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {B8B942E9-7A32-4B64-A0F1-AB54455705A3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BE29E9B8-DABE-4B67-9926-FD011C4E1027} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {C2C10530-E3FB-4953-B09A-C9D8CF9DC6B6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {C55353CC-AFB1-4924-A6F5-3F01966EF3BF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {C5B2320B-5635-428C-9B84-7C9DC2FF8A3B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C83337C8-C0F5-4696-A896-C2266F5FDDFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {CC932A44-AE40-473E-A9C0-93A3A62CB371} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D61DD979-6C6E-4384-8BA5-20A0FA55EC13} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-28] (Adobe Systems Incorporated)
Task: {DBA47769-BEC3-480F-8103-D75CAF947D77} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {DBDF5CAC-6BDC-4966-8177-765DAE31DE8B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {DC267B4B-2332-4973-8492-6E3707061395} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {DF5568A3-F65E-4C33-87F1-660C02621998} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E0958FB6-2E69-4A6D-827F-174A6F8A5848} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {E474E3CD-9EE9-4C7B-89BD-E424FB7D1613} - System32\Tasks\{F29C1970-8FA7-40FC-ABCB-56E147C44F22} => C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp\XRD Manager.exe <==== AANDACHT
Task: {E569DEA9-81ED-488F-9A4D-DE397057B107} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EC136B3D-06AF-439E-9286-066AB3FA5E55} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {ECCE4A05-808E-453D-9363-71D5ADFBCACD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EFFB74B8-4A9B-4E09-B0B8-6CF60C6133A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {F781F170-915F-46EF-A217-BFB24C341288} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {F7BF3F9B-8994-4368-8D9A-81E5FEFC2646} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
Task: C:\WINDOWS\Tasks\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}.job => C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp\XRD Manager.exe ?/exenoupdates /exelang 1043 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE D:\ TRANSFORMS=:1043 AI_PREREQFILES=C:\Users\Amy\AppData\Local\Temp\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}\drivers64.msi AI_PREREQDIRS=C:\Users\Amy\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp <==== AANDACHT
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2008-09-08 10:19 - 2008-09-08 10:19 - 00022016 _____ () C:\WINDOWS\System32\cl31cl6.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-20 12:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-20 12:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-20 12:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2005-06-07 20:26 - 2005-06-07 20:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll
2016-09-15 19:44 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 21:34 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 21:33 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 21:33 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 21:33 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 21:33 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 21:33 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-02-23 21:15 - 2017-02-23 21:17 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:15 - 2017-02-23 21:17 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 21:15 - 2017-02-23 21:17 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-08 19:27 - 2017-02-08 19:31 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-05 14:20 - 2017-03-05 14:21 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-04 07:19 - 2016-06-04 07:20 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-05 09:19 - 2016-03-05 09:19 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00585296 _____ () C:\Program Files\Wireshark\libgcrypt-20.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00122960 _____ () C:\Program Files\Wireshark\zlib1.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00108112 _____ () C:\Program Files\Wireshark\libgpg-error6-0.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00215456 _____ () C:\Program Files\Wireshark\libcares-2.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00493832 _____ () C:\Program Files\Wireshark\libGeoIP-1.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 01032312 _____ () C:\Program Files\Wireshark\libgnutls-28.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00744560 _____ () C:\Program Files\Wireshark\libsmi-2.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00269392 _____ () C:\Program Files\Wireshark\lua52.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00460864 _____ () C:\Program Files\Wireshark\libgmp-10.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00197792 _____ () C:\Program Files\Wireshark\libhogweed-2-4.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00195248 _____ () C:\Program Files\Wireshark\libnettle-4-6.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00260296 _____ () C:\Program Files\Wireshark\libp11-kit-0.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00093536 _____ () C:\Program Files\Wireshark\libtasn1-6.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00045472 _____ () C:\Program Files\Wireshark\libffi-6.dll
2017-03-01 21:55 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-03-01 21:55 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-03-01 21:55 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-03-01 21:55 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-03-01 21:55 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-07-13 10:33 - 2015-07-13 10:33 - 01592832 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 14:03 - 2013-06-21 14:03 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2017-02-08 19:22 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 19:22 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123simsen.com -> www.123simsen.com
Er zijn 7718 Meer websites.
==================== Hosts inhoud: ==========================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2009-07-14 03:34 - 2014-06-04 20:15 - 00000060 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 sams.nikonimaging.com
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\PE_C_DEFAULTAPPPOOL\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Amy\AppData\Roaming\Microsoft\Windows Photo Viewer\Achtergrond van Windows Photo Viewer.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QNAP QGet.lnk => C:\windows\pss\QNAP QGet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KooBits 4.lnk => C:\windows\pss\KooBits 4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk => C:\windows\pss\OneNote 2010 Schermopname en Snel starten.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6C099CC1D08F8E3594D1CD726B240377 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QGet => "C:\Program Files (x86)\QNAP\QGet\QGet.exe" /min
MSCONFIG\startupreg: Sharkoon USB Server => "C:\Program Files (x86)\Sharkoon\USB Server\Sharkoon USB Server.exe" /h
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\...\StartupApproved\Run: => "Skytel"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "Skype"
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{B40BBFC1-63C2-46BE-98A0-6AC3A4366F34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{DBCF8095-1B9B-4DB8-B9AE-DFACDC7299D9}C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe] => (Allow) C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe
FirewallRules: [TCP Query User{39FF8B75-D6AA-4E96-91E8-F0532104CD18}C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe] => (Allow) C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe
FirewallRules: [{9F7E0AB1-C255-4100-BAE8-6A824A112455}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{6CF9DAD4-8041-4FF9-8EA1-6A12B680C6AF}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Block) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [TCP Query User{FD43E10B-445C-448B-90A7-24896F8A993D}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Block) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [UDP Query User{6E382882-7B9F-40F3-A859-DEF4D7C3D8E9}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Allow) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [TCP Query User{A7A9C2A2-7F5A-4AD0-AF00-53194FF16F60}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Allow) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [UDP Query User{45686D48-40FA-4684-95C1-7C9C05728E5B}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5B2D224E-02E7-42F5-8F01-6C9D92B147C0}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [{08535DFF-B3EB-43A6-A047-541BE9416318}] => (Allow) LPort=20642
FirewallRules: [{0FF7059E-8033-4166-8980-B88D75971D35}] => (Allow) LPort=20642
FirewallRules: [UDP Query User{0DE027E7-6879-4B5C-8BFC-0D870546CA9C}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [TCP Query User{1BAA371E-62E4-4658-AB0E-E0AF69F8BDED}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{F5ACF1F2-6072-43D5-AE12-0675C14F5311}C:\program files (x86)\qnap\qget\qget.exe] => (Allow) C:\program files (x86)\qnap\qget\qget.exe
FirewallRules: [TCP Query User{ACF74BAC-0ADA-4D72-8010-025708C3BB79}C:\program files (x86)\qnap\qget\qget.exe] => (Allow) C:\program files (x86)\qnap\qget\qget.exe
FirewallRules: [UDP Query User{CF1CB685-6AFA-44C5-BE8E-6B0EEE8278CF}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{8D97D992-85A7-4DE1-8E15-FEA7BE5AAF70}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{980C4F41-2C4C-4D8C-8C96-BAA1B26D0569}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EBDF911F-0098-4F02-BA35-9426B483B290}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0A850FFE-904C-4937-878F-8705950FD145}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [TCP Query User{CB203468-67AC-448C-B656-1D7CC6399461}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [UDP Query User{594FB825-63F9-4D8C-AE19-852BD2091807}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [TCP Query User{B018AD6C-49BA-4EE1-9E43-8CDDD106B70A}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [UDP Query User{F815AE97-08E8-458F-B72A-761166D7E4C1}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{D5966F55-699D-43B8-BD7F-10F98835E4BB}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [{FBBFC593-334D-4E6D-8E21-FE5A182624D3}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{6CE8FDE6-6EF0-4CE9-BE39-CE8B3F0CBFB2}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{F66639F9-7D8D-4FC3-9387-45C06174C189}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe
FirewallRules: [{155D12D1-89D1-4F13-A18E-7693EC79B3EB}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe
FirewallRules: [UDP Query User{F45177C4-7CB2-40BE-9A24-256CA6DD6088}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{3599D2DF-D4A6-4F40-9DF0-5FEA3580B495}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{A3EF61C9-03CC-4388-8246-440375A4A85B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3567F475-C89C-4EF8-A742-8198C03CF879}] => (Allow) LPort=1900
FirewallRules: [{B1E1B0B0-EE0F-4D61-9CB4-30BD08056D39}] => (Allow) LPort=2869
FirewallRules: [{DBC56023-060E-4579-90C8-DE9DC6D950EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C6574BDE-E6E7-4F00-8C02-8BBC1AD9DE9D}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{56232E76-30A7-4F12-A8BA-66C638F7A61B}] => (Allow) svchost.exe
FirewallRules: [{DDC3382E-180A-406D-B848-D5B1F35D894C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8FE9A44-A015-4900-80F8-1DD8B59CBEDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{725C5214-F569-4384-98EF-FA88B158204D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719A1323-3D8D-4951-A096-9261AB5E1308}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F5E1AED-B1CE-4780-A5FE-7C47708588A2}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{25D83CC3-BDC1-4A7C-9024-03A22476FAC3}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B6F979D6-E939-4BAD-B891-49568EC4FC00}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7980F31B-9914-4D5C-8681-687CF1EE41CD}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2C2498CC-2D87-4B10-A538-BD53D9F3E8C2}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{A7F78BBF-7543-497A-97FB-8F6BBBBFA4D7}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8FD7431B-4D14-4E2A-81AF-94164027F97F}] => (Allow) LPort=5454
FirewallRules: [{50B4E57F-7062-4CC3-A348-A0C641B6EA07}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [TCP Query User{4EB4834A-2CEF-46DD-92A9-53E7AA6593BB}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92F98120-B14B-4768-9DC6-4372473F19DD}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{AB73FA9A-C6C3-4348-BCE7-94C93B344D4B}C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe] => (Allow) C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe
FirewallRules: [UDP Query User{9A0EFD49-EEEE-482B-BD28-D794B47A697C}C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe] => (Allow) C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe
FirewallRules: [{E3696EBA-15B2-4609-8404-39F401A7E563}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{627BA37B-CB3D-425D-9A3A-9C5D548BCA3E}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{21492FA2-A12F-4868-A97C-2E8485FB13D9}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{88A4697F-E00B-4F12-B2AA-06A9CCFC35D7}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{2B778A62-EFBE-4339-AF12-AD1F13A629E0}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{1CB8DDA7-396A-42AF-A9AE-681237B59B02}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{BA4965C7-04A0-426D-90E5-0A924AFC2B2B}] => (Block) %ProgramFiles% (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{2EFAC66C-6FFA-44E2-B1F9-D4F848F50488}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Herstelpunten =========================
26-01-2017 20:45:51 Windows Update
27-02-2017 07:23:01 Windows Update
==================== Defecte Apparaatbeheer Apparaten =============
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (03/04/2017 10:21:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Explorer.EXE, versie: 10.0.14393.479, tijdstempel: 0x58258a90
Naam van module met fout: ntdll.dll, versie: 10.0.14393.479, tijdstempel: 0x5825887f
Uitzonderingscode: 0xc0000005
Foutmarge: 0x000000000000766d
Id van proces met fout: 0x1510
Starttijd van toepassing met fout: 0x01d2952d30d85262
Pad naar toepassing met fout: C:\WINDOWS\Explorer.EXE
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: a9815d35-a87f-4477-8240-076f364d8cce
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/02/2017 11:13:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x80070006, De ingang is ongeldig.
.
Bewerking:
Asynchrone bewerking uitvoeren
Context:
Huidige status: DoSnapshotSet
Error: (03/02/2017 11:12:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Toegang geweigerd.
.
Error: (03/02/2017 10:32:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Amy-msi)
Description: Het pakket windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel is beindigd omdat het onderbreken te lang duurde.
Error: (03/02/2017 09:45:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Amy-msi)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147024891. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
Error: (03/02/2017 09:40:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: OneDriveStandaloneUpdater.exe, versie: 17.3.6743.1212, tijdstempel: 0x584f7687
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutmarge: 0x00f0d130
Id van proces met fout: 0xecc
Starttijd van toepassing met fout: 0x01d29394b20430db
Pad naar toepassing met fout: C:\Users\Amy\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Pad naar module met fout: unknown
Rapport-id: 88c16595-3420-4f21-8b3e-ac1f59bb0d52
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Systeemfouten:
=============
Error: (03/05/2017 02:15:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/04/2017 11:42:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {995C996E-D918-4A8C-A302-45719A6F4EA7} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (03/04/2017 11:42:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {995C996E-D918-4A8C-A302-45719A6F4EA7} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (03/04/2017 10:20:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/03/2017 12:53:51 PM) (Source: disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR2.
Error: (03/03/2017 12:34:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/02/2017 10:51:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/02/2017 10:37:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Avira Web Protection-service is afhankelijk van de Avira Real-Time Protection-service, die vanwege de volgende fout niet kan worden gestart:
Na het starten is de service blijven hangen.
Error: (03/02/2017 10:37:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Avira Mail Protection-service is afhankelijk van de Avira Real-Time Protection-service, die vanwege de volgende fout niet kan worden gestart:
Na het starten is de service blijven hangen.
Error: (03/02/2017 10:37:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Avira Real-Time Protection-service is bij het starten vastgelopen.
==================== Geheugen info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage geheugen in gebruik: 71%
Totaal fysiek RAM-geheugen: 3886.03 MB
Beschikbaar fysiek RAM-geheugen: 1118.27 MB
Totaal Virtueel geheugen: 7854.03 MB
Beschikbaar Virtual geheugen: 3971.5 MB
==================== Schijven ================================
Drive c: (OS_Install) (Fixed) (Total:273.4 GB) (Free:35.1 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (Data) (Fixed) (Total:180.26 GB) (Free:143.83 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DA0E4DC7)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=273.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=180.3 GB) - (Type=07 NTFS)
==================== Eind van Addition.txt ============================
Afgelopen week is mijn internetverbinding geblokkeerd doordat er in korte tijd meer dan 650 mails zijn verstuurd. Ik heb een virusscan, hitman pro en spybot gedraaid op mijn pc en laptop. Op de laptop werd door AVIRA enkel opencandy.gen gevonden in de PowerIso map.
Ziggo heeft me na het opgeven van bovenstaand verhaal weer aangesloten met de waarschuwing dat ik bij herhaling een week afgesloten wordt. Ik begrijp heel goed waarom dit gedaan wordt en ben er niet zeker van dat opencandy de oorzaak is van de verstuurde mails. Ik heb momenteel poort 25 geblokkeerd zodat er geen mails uit kunnen vanuit mijn ziggo mail adres. Volgens mij blokkeert het niet mijn hotmail berichten.
Toen ik vandaag bitcomet opende klapte internet er uit. Op mijn modem bleek nog wel verbinding te zijn, maar mijn router werkte niet goed, alle apparaten verloren hun verbinding. Na het afsluiten van bitcomet ontstond weer verbinding met de router. Misschien heeft dit er niets mee te maken en is het puur toeval.
Om er zeker van te zijn dat mijn laptop en pc schoon zijn wil ik graag het logje laten controleren. Onderstaande log is van mijn laptop aangezien daar OpenCandy op gevonden is.
(In het logje is te zien dat WireShark draait. Ik vond op internet dat daarmee inzicht te krijgen is in het dataverkeer. Ik snap er echter helemaal niks van, maar als ik daar iets van moet posten hoor ik het graag)
Alvast bedankt!!
Groeten Sed
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 05-03-2017
Gestart door Amy (Beheerder) op AMY-MSI (05-03-2017 20:46:00)
Gestart vanaf C:\Users\Amy\Desktop
Geladen Profielen: Amy (Beschikbare Profielen: Amy & DefaultAppPool)
Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MSIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(The Wireshark developer community, hxxp://www.wireshark.org/) C:\Program Files\Wireshark\Wireshark.exe
(The Wireshark developer community) C:\Program Files\Wireshark\dumpcap.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
==================== Register (gefilterd) ====================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-07-02] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-02] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [MGSysCtrl] => C:\Program Files (x86)\System Control Manager\MGSysCtrl.exe [2072576 2009-08-05] (Micro-Star International Co., Ltd.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [526648 2016-09-04] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [231736 2016-09-04] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [61944 2017-02-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [909744 2017-02-17] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\PE_C_DEFAULTAPPPOOL\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2016-07-16] (Microsoft Corporation)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [WinFLTray] => C:\windows\SysWow64\WinFLTray.ex
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.ex
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [Steam] => D:\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [Spotify Web Helper] => C:\Users\Amy\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1431664 2017-02-05] (Spotify Ltd)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9363672 2017-02-08] (Piriform Ltd)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\RunOnce: [Uninstall 17.3.6743.1212\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\RunOnce: [Uninstall 17.3.6743.1212] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6743.1212"
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-11-30] (Google)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Geen bestand
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\i1Profiler Tray.lnk [2016-01-10]
ShortcutTarget: i1Profiler Tray.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\stle.exe [2010-09-28] (Leithauser Research)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk [2016-01-10]
ShortcutTarget: XRGamma.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Hosts: Er zijn meer dan n item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{41024f9e-4698-4feb-bf1f-ec229ca7365a}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{91a430ef-6dba-47da-bd39-76f949a72427}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9a08b586-9f67-4c3b-b704-66c94e7c3ca6}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/nl-nl/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM -> {6ED3F8CD-A3FC-4528-97FF-8D7AFA4140B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL =
SearchScopes: HKLM-x32 -> {3A4C54EC-0219-4DBC-B5B8-C988D5D3AFFB} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAMI&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> DefaultScope {A2610E39-F544-4072-A88C-8C5FF87198DF} URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {1A75D00B-4764-4BD7-A207-E7E10ABE056A} URL = hxxp://nl.wikipedia.org/w/index.php?title=Speciaal:Zoeken&search={searchTerms}
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {3A4C54EC-0219-4DBC-B5B8-C988D5D3AFFB} URL =
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {452CB57D-A3C3-6BAE-5D55-8CCC16A2C6DB} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=Z125&form=ZGAIDF&install_date=20110913&iesrc={referrer:source}
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {6ED3F8CD-A3FC-4528-97FF-8D7AFA4140B9} URL =
SearchScopes: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> {A2610E39-F544-4072-A88C-8C5FF87198DF} URL = hxxp://www.google.nl/search?hl=nl&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Geen Naam -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> Geen bestand
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files (x86)\Samsung AnyWeb Print\W2PBrowser.dll [2011-04-22] ()
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000 -> Geen Naam - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Geen bestand
DPF: HKLM-x32 {9191F686-7F0A-441D-8A98-2FE3AC1BD913} hxxp://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
DPF: HKLM-x32 {A2505C6C-6F17-456F-89D2-4301FBDC6EC7} hxxps://extranet.rvagroep.nl/nortel_cacheable/iewiper.cab
DPF: HKLM-x32 {D83C1BD1-DCBB-11D4-9425-0050BF33FA6E} hxxp://www.cyclomedia.nl/download/components/CycloScopeLite.cab
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-09-04] (Citrix Systems, Inc.)
FireFox:
========
FF DefaultProfile: f5xo4bih.default
FF ProfilePath: C:\Users\Amy\AppData\Roaming\Philips-Songbird\Profiles\2hwfiq8q.default [2013-12-08]
FF NetworkProxy: Philips-Songbird\Profiles\2hwfiq8q.default -> no_proxies_on", "127.0.0.1;localhost"
FF Extension: (7digital Music Store) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\7digital@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Artwork Extras) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\albumart@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (CD Rip Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\cd-rip@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Concerts) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\concerts@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (AAC Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewaacdec@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (H.264 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewh264dec@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MP3 Encoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmp3enc@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MPEG-4 Video Decoding Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\ewmpeg4dec@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (File association) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\fileassociation@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips GoGear Device Manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gogear@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (gonzo) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gonzo@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Gracenote Metadata Lookup Provider) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\gracenote@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Dutch (nl) Language Pack) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\langpack-nl@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (mashTape) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mashTape@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MSC Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\msc@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (MTP Device Support) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\mtp@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Philips addon manager) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-addon-manager@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips Branding) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-branding@philips.com [2013-12-04] [ niet getekend]
FF Extension: (LikeMusic) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-likemusic@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips auto msc-mtp switch) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-msc-mtp-switch@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips Promotions) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-promotions@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips Skin) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-skin@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Philips UI) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\philips-ui@philips.com [2013-12-04] [ niet getekend]
FF Extension: (Purple Rain) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\purplerain@songbirdnest.com [2013-12-04] [ niet getekend]
FF Extension: (Windows Media Playback) - C:\Program Files (x86)\Philips\Philips Songbird\extensions\windowsmedia@songbirdnest.com [2013-12-04] [ niet getekend]
FF SearchPlugin: C:\Users\Amy\AppData\Roaming\Philips-Songbird\Profiles\2hwfiq8q.default\searchplugins\7digital.xml [2013-12-04]
FF ProfilePath: C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default [2017-03-05]
FF Extension: (Avira Browser Safety) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\Extensions\abs@avira.com [2017-03-02]
FF Extension: (Adblock Plus) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-25]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\features\{13d3600d-82bf-4331-9e47-50e3f09ebc11}\disableSHA1rollout@mozilla.org.xpi [2017-03-02]
FF Extension: (TLS 1.3 Compatibility Testing 3) - C:\Users\Amy\AppData\Roaming\Mozilla\Firefox\Profiles\f5xo4bih.default\features\{13d3600d-82bf-4331-9e47-50e3f09ebc11}\tls13-compat-ff51@mozilla.org.xpi [2017-03-02]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-28] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [Geen bestand]
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-09-04] (Citrix Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pandasecurity.com/activescan -> C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll [2010-07-27] (Panda Security, S.L.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-20] (Google Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.nu.nl/"
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => Geen bestand
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => Geen bestand
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\gcswf32.dll => Geen bestand
CHR Plugin: (20-20 3D Viewer for IKEA) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.93.0_0\NP_2020Player_IKEA.dll (20-20 Technologies)
CHR Plugin: (Intel(R) Threading Building Blocks for Windows) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.93.0_0\tbb.dll (Intel Corporation)
CHR Plugin: (Intel(R) Threading Building Blocks for Windows) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm\5.0.93.0_0\tbbmalloc.dll (Intel Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.300.12) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U30) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll => Geen bestand
CHR Plugin: (DivX Web Player) - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll => Geen bestand
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll => Geen bestand
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll => Geen bestand
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrl.dll => Geen bestand
CHR Plugin: (Panda ActiveScan 2.0) - C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\windows\system32\Adobe\Director\np32dsw.dll => Geen bestand
CHR Profile: C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default [2017-03-05]
CHR Extension: (Torrent Search) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\afbpdhiclgghnffhkinjikglgmolhpee [2016-10-04]
CHR Extension: (Media Hint) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\anepbdekljkmmimmhbniglnnanmmkoja [2014-04-12] [UpdateUrl: hxxps://mediahint.com/chromeupdates.xml] <==== AANDACHT
CHR Extension: (Google Drive) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (Biertijd.com Best fun & babes guaranteed
dotcom sinds 2005) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgdbblninljpemihdmcocedicapflch [2012-09-29]
CHR Extension: (Torrent Search Engine) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blojkkpcfjmhjbcdbdlifkflodghjeng [2012-09-29]
CHR Extension: (YouTube) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03]
CHR Extension: (Facebook) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\celnaknmndcdcjcagffhbhciignkeokb [2012-09-29]
CHR Extension: (Adblock Plus) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-03]
CHR Extension: (Avira Browser Safety) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-03-05]
CHR Extension: (Offline Documenten) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-02]
CHR Extension: (nu.nl
Het laatste nieuws het eerst op nu.nl) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlnijahmebncpnefmpepadcookpglblo [2012-09-29]
CHR Extension: (Dropbox) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2015-10-03]
CHR Extension: (Auto HD voor YouTube) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\koiaokdomkpjdgniimnkhgbilbjgpeak [2015-05-31]
CHR Extension: (Evernote Web) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-03-05]
CHR Extension: (Download Youtube as mp3) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepapnoaejebkkpkpacihjlfekoggahp [2013-10-06]
CHR Extension: (YouTube To MP3) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjjpcapcaijnbknmbklfjfajjopafpck [2013-10-06]
CHR Extension: (ScrewAds - Block, Skip, Remove YouTube Ads) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmbnjoljpgkhiaicaejkdcjbfjknipnc [2013-05-18]
CHR Extension: (Autonieuws van de straat : Autoblog.nl) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpjphepfojmppemckknemcnednajablo [2012-09-29]
CHR Extension: (Aanmelden) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nangjmijgboblcmlpeedobafiohnalci [2012-09-29]
CHR Extension: (EXIF Reader) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchnjcdahncnilbicljpnbfobpnljnki [2013-08-04]
CHR Extension: (Google Hangouts) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-01-28]
CHR Extension: (OneDrive) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2014-04-09]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-28]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbjlpbcjbhgeeloohnpbcfblhnkhffm [2012-01-21]
CHR Extension: (VPN in Touch) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofpdbhlplgmjciokcplneebmibpclalk [2013-09-12]
CHR Extension: (Netflix) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfiaopfckdkaalloknhljmkmjljakki [2013-09-27]
CHR Extension: (Chrome Media Router) - C:\Users\Amy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Amy\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-04-30]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1115552 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [487424 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [487424 2017-02-17] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1519144 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [349048 2017-02-22] (Avira Operations GmbH & Co. KG)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 FLService; C:\windows\SysWow64\WinFLService.exe [92360 2013-12-15] (New Softwares.net)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2017-03-01] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Bestand niet getekend]
R2 Micro Star SCM; C:\Program Files (x86)\System Control Manager\MSIService.exe [160768 2009-07-10] (Micro-Star International Co., Ltd.) [Bestand niet getekend]
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Bestand niet getekend]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2015-08-11] (X-Rite Inc.)
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 ArcSoftKsUFilter; C:\WINDOWS\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [161824 2017-02-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [163976 2017-02-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-02-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-02-17] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [48584 2017-02-17] (Avira Operations GmbH & Co. KG)
R3 EST_BusEnum; C:\WINDOWS\System32\drivers\GenBus.sys [29696 2009-10-06] ( )
S3 EUCR; C:\WINDOWS\System32\drivers\EUCR6SK.SYS [87888 2009-12-05] (ENE Technology Inc.)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NEWDRIVER; C:\windows\SysWow64\WinVDEdrv6.sys [197648 2013-12-15] ()
R3 NPF; C:\WINDOWS\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NUS_Bus; C:\WINDOWS\System32\drivers\NUS_Bus.sys [30208 2010-01-28] (Elite Silicon Technology Inc.)
R0 pavboot; C:\WINDOWS\System32\drivers\pavboot64.sys [33800 2009-06-30] (Panda Security, S.L.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 taphss6; C:\WINDOWS\System32\DRIVERS\taphss6.sys [42184 2013-04-24] (Anchorfree Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [34816 2013-12-15] ()
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2015-08-26] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\WINDOWS\SysWOW64\drivers\DDCDrv.sys [10240 2015-08-26] (Nicomsoft Ltd.) [Bestand niet getekend]
R2 WinVDEDrv; C:\windows\SysWow64\WinVDEdrv.sys [225680 2013-12-15] (NewSoftwares.net, Inc.)
U3 idsvc; geen ImagePath
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-03-05 20:46 - 2017-03-05 20:47 - 00038714 _____ C:\Users\Amy\Desktop\FRST.txt
2017-03-05 20:45 - 2017-03-05 20:46 - 00000000 ____D C:\FRST
2017-03-05 20:44 - 2017-03-05 20:44 - 00000000 ____D C:\Users\Amy\AppData\Roaming\Avira
2017-03-05 20:42 - 2017-03-05 20:45 - 02423808 _____ (Farbar) C:\Users\Amy\Desktop\FRST64.exe
2017-03-05 20:07 - 2017-03-05 20:07 - 00000000 ____D C:\Program Files\Common Files\AV
2017-03-05 20:07 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-03-02 23:18 - 2017-03-05 20:26 - 00000000 ____D C:\Users\Amy\AppData\Roaming\Wireshark
2017-03-02 23:13 - 2017-03-02 23:13 - 00001837 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark.lnk
2017-03-02 23:13 - 2017-03-02 23:13 - 00001565 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wireshark Legacy.lnk
2017-03-02 23:13 - 2017-03-02 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPcap
2017-03-02 23:13 - 2017-03-02 23:13 - 00000000 ____D C:\Program Files (x86)\WinPcap
2017-03-02 23:11 - 2017-03-02 23:13 - 00000000 ____D C:\Program Files\Wireshark
2017-03-02 23:04 - 2017-03-02 23:04 - 00000790 _____ C:\Users\Amy\Desktop\Afbeeldingen - Snelkoppeling.lnk
2017-03-02 21:52 - 2017-03-02 21:52 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2017-03-02 21:50 - 2017-02-17 09:44 - 00163976 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00161824 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00048584 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-03-02 21:50 - 2017-02-17 09:44 - 00044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-03-02 21:45 - 2017-03-02 21:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-03-02 21:45 - 2017-03-02 21:50 - 00000000 ____D C:\ProgramData\Avira
2017-03-02 21:45 - 2017-03-02 21:50 - 00000000 ____D C:\Program Files (x86)\Avira
2017-03-02 21:45 - 2017-03-02 21:45 - 00001295 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2017-03-01 21:55 - 2017-03-01 21:55 - 00001474 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-03-01 21:55 - 2017-03-01 21:55 - 00001462 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-03-01 21:55 - 2017-03-01 21:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-03-01 21:55 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2017-03-01 21:50 - 2017-03-01 21:50 - 00002850 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-03-01 21:50 - 2017-03-01 21:50 - 00000873 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-03-01 21:50 - 2017-03-01 21:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-03-01 21:49 - 2017-03-01 21:50 - 00000000 ____D C:\Program Files\CCleaner
2017-03-01 21:35 - 2017-03-01 21:35 - 00870022 _____ C:\Users\Amy\AppData\Local\census.cache
2017-03-01 21:34 - 2017-03-01 21:34 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-03-01 21:33 - 2017-03-01 21:33 - 00249125 _____ C:\Users\Amy\AppData\Local\ars.cache
2017-03-01 21:32 - 2017-03-01 21:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-03-01 21:31 - 2017-03-05 20:28 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-03-01 21:26 - 2017-03-05 20:07 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-03-01 21:25 - 2017-03-01 21:25 - 00003636 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2017-03-01 21:23 - 2017-03-01 21:23 - 00017022 _____ C:\WINDOWS\system32\.crusader
2017-03-01 21:03 - 2017-03-01 21:03 - 00000010 _____ C:\Users\Amy\AppData\Local\sponge.last.runtime.cache
2017-03-01 20:56 - 2017-03-01 20:56 - 00000000 ____D C:\WINDOWS\Trend Micro
2017-03-01 20:56 - 2017-03-01 20:56 - 00000000 ____D C:\ProgramData\Trend Micro
2017-03-01 20:52 - 2017-03-01 20:52 - 00000036 _____ C:\Users\Amy\AppData\Local\housecall.guid.cache
2017-03-01 20:52 - 2015-05-29 08:43 - 00307352 _____ (Trend Micro Inc.) C:\WINDOWS\system32\Drivers\tmcomm.sys
2017-03-01 20:51 - 2017-03-01 21:25 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-01 20:51 - 2017-03-01 20:51 - 00001962 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2017-03-01 20:51 - 2017-03-01 20:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2017-03-01 20:51 - 2017-03-01 20:51 - 00000000 ____D C:\Program Files\HitmanPro
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-03-05 19:57 - 2011-11-19 16:26 - 00000000 ____D C:\Users\Amy\AppData\Roaming\BitComet
2017-03-05 19:50 - 2016-08-29 20:30 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-05 15:27 - 2017-01-31 00:07 - 00003270 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-03-05 15:27 - 2015-10-06 18:31 - 00002430 _____ C:\Users\Amy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-03-05 15:27 - 2015-10-06 18:31 - 00000000 ___RD C:\Users\Amy\OneDrive
2017-03-05 14:22 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-05 14:22 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-03 12:36 - 2016-11-20 08:46 - 00000000 ____D C:\Users\Amy\AppData\LocalLow\Mozilla
2017-03-02 23:12 - 2015-10-03 08:15 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-02 22:35 - 2016-08-29 21:07 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-02 22:35 - 2016-08-29 20:30 - 05079216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-02 22:34 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-02 21:37 - 2010-09-03 20:16 - 00000000 ____D C:\Users\Amy\AppData\Local\Adobe
2017-03-01 17:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-03-01 15:18 - 2016-09-16 06:40 - 00000000 ____D C:\Users\Amy\AppData\Local\Citrix
2017-02-27 07:30 - 2013-08-16 11:22 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-27 07:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-27 07:24 - 2010-12-23 15:28 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-14 15:23 - 2016-11-17 23:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-14 15:23 - 2015-11-22 17:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-08 19:22 - 2010-11-23 14:34 - 00002302 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-05 20:39 - 2013-12-15 15:57 - 00000000 ____D C:\Users\Amy\AppData\Local\Spotify
2017-02-05 20:30 - 2013-12-15 15:57 - 00000000 ____D C:\Users\Amy\AppData\Roaming\Spotify
2017-02-05 19:51 - 2011-09-13 23:35 - 00000000 ____D C:\Users\Amy\AppData\Roaming\vlc
==================== Bestanden in de root van sommige mappen =======
2013-04-10 16:53 - 2013-04-10 16:53 - 0000132 _____ () C:\Users\Amy\AppData\Roaming\Adobe GIF Format CS6 Prefs
2013-12-06 19:55 - 2013-12-06 19:55 - 0000132 _____ () C:\Users\Amy\AppData\Roaming\Adobe PNG Format CS6 Prefs
2012-02-07 20:18 - 2014-06-04 20:17 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Synth Textures
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Tables
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Techno Kit
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\Users\Amy\AppData\Roaming\Templates
2010-10-26 22:07 - 2010-12-23 12:02 - 0000328 _____ () C:\Users\Amy\AppData\Roaming\wklnhst.dat
2013-05-11 22:13 - 2013-05-11 22:15 - 0001456 _____ () C:\Users\Amy\AppData\Local\Adobe Save for Web 13.0 Prefs
2017-03-01 21:33 - 2017-03-01 21:33 - 0249125 _____ () C:\Users\Amy\AppData\Local\ars.cache
2017-03-01 21:35 - 2017-03-01 21:35 - 0870022 _____ () C:\Users\Amy\AppData\Local\census.cache
2013-10-06 07:41 - 2013-10-06 07:48 - 0003584 _____ () C:\Users\Amy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-03-01 20:52 - 2017-03-01 20:52 - 0000036 _____ () C:\Users\Amy\AppData\Local\housecall.guid.cache
2011-03-10 20:15 - 2012-09-11 19:18 - 0000453 _____ () C:\Users\Amy\AppData\Local\Images.fl
2013-09-13 20:20 - 2013-09-13 23:08 - 0000600 _____ () C:\Users\Amy\AppData\Local\PUTTY.RND
2013-08-16 11:01 - 2013-08-18 14:15 - 0136169 _____ () C:\Users\Amy\AppData\Local\RAContactHistory.xml
2012-02-10 17:38 - 2012-06-08 19:47 - 0007606 _____ () C:\Users\Amy\AppData\Local\Resmon.ResmonCfg
2017-03-01 21:03 - 2017-03-01 21:03 - 0000010 _____ () C:\Users\Amy\AppData\Local\sponge.last.runtime.cache
2013-12-15 20:37 - 2013-12-15 21:38 - 0000700 ___SH () C:\Users\Amy\AppData\Local\systemFL7.dat
2013-12-15 20:34 - 2013-12-15 20:37 - 0000693 ___SH () C:\Users\Amy\AppData\Local\win_lockerdb_sys.dat
2013-12-15 20:31 - 2013-12-15 21:38 - 0003465 ___SH () C:\Users\Amy\AppData\Local\win_stlthdb_sys.dat
2016-07-03 22:33 - 2016-07-03 22:33 - 0000016 _____ () C:\ProgramData\mntemp
2012-02-07 20:03 - 2016-01-17 17:39 - 0000020 ____H () C:\ProgramData\PKP_DLdy.DAT
2011-06-15 22:08 - 2011-06-15 22:08 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2011-06-15 22:08 - 2016-01-17 18:28 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2011-06-15 22:08 - 2013-04-28 16:11 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-06-04 20:17 - 2014-06-04 20:17 - 0000000 _____ () C:\ProgramData\Stingers
2012-02-07 20:18 - 2014-06-04 20:17 - 0000268 ___RH () C:\ProgramData\Techno Kit
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\ProgramData\Themes
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\ProgramData\Track Settings
2011-06-15 22:08 - 2011-06-15 22:08 - 0000268 ___RH () C:\ProgramData\Trance Pad
2012-02-07 20:18 - 2014-06-04 20:17 - 0000012 ___RH () C:\ProgramData\Trumpet Section
2011-06-15 22:08 - 2011-06-15 22:08 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
2011-06-15 22:08 - 2011-06-15 22:08 - 0000012 ___RH () C:\ProgramData\WebServer
2013-12-15 20:31 - 2013-12-15 21:38 - 0002568 ___SH () C:\ProgramData\win_mpwd_sys.dat
2011-06-15 22:08 - 2011-06-15 22:08 - 0000012 ___RH () C:\ProgramData\Woodwind
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\win_mpwd_sys.dat
C:\Windows\Tasks\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}.job
Sommige bestanden in TEMP:
====================
2016-08-29 22:36 - 2016-08-29 22:36 - 0515584 _____ () C:\Users\Amy\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-03-01 21:42
==================== Eind van FRST.txt ============================
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 05-03-2017
Gestart door Amy (05-03-2017 20:48:16)
Gestart vanaf C:\Users\Amy\Desktop
Windows 10 Home Versie 1607 (X64) (2016-08-29 20:17:32)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1097378128-3316138746-2142345461-500 - Administrator - Disabled)
Amy (S-1-5-21-1097378128-3316138746-2142345461-1000 - Administrator - Enabled) => C:\Users\Amy
DefaultAccount (S-1-5-21-1097378128-3316138746-2142345461-503 - Limited - Disabled)
Gast (S-1-5-21-1097378128-3316138746-2142345461-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1097378128-3316138746-2142345461-1002 - Limited - Enabled)
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Genstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
Aangifte inkomstenbelasting 2011 (HKLM-x32\...\Aangifte inkomstenbelasting 2011) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2012 (HKLM-x32\...\Aangifte inkomstenbelasting 2012) (Version: - Belastingdienst)
Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 3.4.1 64-bit (HKLM\...\{8BBA6F77-4A79-4E90-BD82-E24669ACF221}) (Version: 3.4.2 - Adobe)
Adobe Photoshop Lightroom 5.2 64-bit (HKLM\...\{54E6C675-3AD4-42E4-957F-31666ABF1603}) (Version: 5.2.1 - Adobe)
Adobe Reader 9.1 - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.4.634 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Albelli Fotoboeken (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\{B7961CCE-CF36-4858-BC1A-D06D3D25ECE5}_is1) (Version: - Albelli)
Any Video Converter 5.9.6 (HKLM-x32\...\Any Video Converter) (Version: 5.9.6 - Anvsoft)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{8E90189A-A5D4-4C0E-A908-06C4236F98EE}) (Version: 2.0.10.102 - ArcSoft)
ArcSoft Print Creations - Brochures & Flyers (HKLM-x32\...\{01A1A019-E1D8-482A-BE17-5E118D17C0A0}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse (HKLM-x32\...\{9591C049-5CAE-4E89-A8D9-191F1899628B}) (Version: - ArcSoft)
ArcSoft Print Creations - Funhouse II (HKLM-x32\...\{3CE47E6B-AE27-4E40-AC54-329EED96B933}) (Version: - ArcSoft)
ArcSoft Print Creations - Greeting Card (HKLM-x32\...\{F04F9557-81A9-4293-BC49-2C216FA325A7}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Book (HKLM-x32\...\{56589DFE-0C29-4DFE-8E42-887B771ECD23}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Calendar (HKLM-x32\...\{CA9ED5E4-1548-485B-A293-417840060158}) (Version: - ArcSoft)
ArcSoft Print Creations - Photo Prints (HKLM-x32\...\{95F875CC-1B85-43E6-B3E0-13EA04F3D995}) (Version: - ArcSoft)
ArcSoft Print Creations - Poster Creator (HKLM-x32\...\{5D1C82E7-7EC0-4404-A8AD-36C3B444BC34}) (Version: - ArcSoft)
ArcSoft Print Creations - Scrapbook (HKLM-x32\...\{B0D83FCD-9D42-43ED-8315-250326AADA02}) (Version: - ArcSoft)
ArcSoft Print Creations - Slimline Card (HKLM-x32\...\{007B37D9-0C45-4202-834B-DD5FAAE99D63}) (Version: - ArcSoft)
ArcSoft Print Creations (HKLM-x32\...\{C5D7039E-0803-4FE8-976D-156DE1147E4F}) (Version: 3.0.255.407 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{25478065-4CB1-448C-80E4-8C4529017EE3}) (Version: 3.0.32.262 - ArcSoft)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.25.154 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{7b509672-8eb5-466b-b85a-482e26ccc500}) (Version: 1.2.81.30631 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.81.30631 - Avira Operations GmbH & Co. KG) Hidden
BitComet 1.35 (HKLM-x32\...\BitComet) (Version: 1.35 - CometNetwork)
BorderMaker (HKLM-x32\...\BorderMaker) (Version: 4.1 - SEMANTICA)
Bridge! (HKLM-x32\...\{22EDD164-65D5-41DD-961E-08C7CDA4D471}) (Version: 1.00 - aerosoft)
BulletProof FTP Client 2010 (remove only) (HKLM-x32\...\BulletProof FTP Client 2010_is1) (Version: - BulletProof Software LLC)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.912.401 - Micro-Star International Co., Ltd.)
Camera Control Pro 2 (HKLM-x32\...\{FE96C49B-DB90-405E-A00E-09E38372F880}) (Version: 2.8.0 - Nikon)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Citrix Receiver 4.5 (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.5.0.10018 - Citrix Systems, Inc.)
Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DIYPhotoBits.com Camera Control 5.2 (HKLM-x32\...\{6A5B1D32-CC86-4689-B43C-AD52A9B8773B}) (Version: 5.2 - Raymond Lowe)
Dropbox (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
ePub to PDF Converter 2.0.4 (HKLM-x32\...\ePub to PDF Converter_is1) (Version: - DONGSOFT Company, Inc.)
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
ffdshow v1.1.3562 [2010-09-07] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3562.0 - )
File Renamer - Basic (HKLM-x32\...\File Renamer - Basic) (Version: 6.3 - Sherrod Computers)
Folder Lock (HKLM-x32\...\Folder Lock) (Version: - New Softwares.net)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Fundy Designer version 1.9.34 (HKLM-x32\...\{2EB6CDD7-506F-4D1A-989A-27DC85A11739}_is1) (Version: 1.9.34 - Fundy Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Drive (HKLM-x32\...\{07A12123-B717-496B-B471-48AF6407B433}) (Version: 1.32.4066.7445 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.15.281 - SurfRight B.V.)
Huur- en zorgtoeslag 2010 (HKLM-x32\...\Huur- en zorgtoeslag 2010) (Version: - Belastingdienst)
Huur- en zorgtoeslag 2011 (HKLM-x32\...\Huur- en zorgtoeslag 2011) (Version: - Belastingdienst)
i1Profiler (HKLM-x32\...\i1Profiler_is1) (Version: 1.6.3 - X-Rite)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2008 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.32 - Irfan Skiljan)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KooBits 4.0 (HKLM-x32\...\koobits.koobits4.com) (Version: 4.0.1.9 - UNKNOWN)
KooBits 4.0 (x32 Version: 4.0.1 - UNKNOWN) Hidden
Light Image Resizer 4.0.4.1 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.1 - ObviousIdea)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magic Duels (HKLM-x32\...\Steam App 316010) (Version: - Stainless Games Ltd.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Malwarebytes Anti-Malware versie 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Camera Codec Pack (HKLM-x32\...\{F55AF1BB-B493-4D78-80DA-828958B9098C}) (Version: 16.4.1734.1104 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0413-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40649 (HKLM-x32\...\{5d0723d3-cff7-4e07-8d0b-ada737deb5e6}) (Version: 12.0.40649.5 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation)
Movavi Video Converter 16 (HKLM-x32\...\Movavi Video Converter 16) (Version: 16.2.0 - Movavi)
Mozilla Firefox 51.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 nl)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
msi Software Install (HKLM-x32\...\{07690F1C-04B1-4060-9691-6748ED1826B9}) (Version: 3.0.911.2701 - msi)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
my Picturetown Uploader (HKLM-x32\...\com.mypicturetown.myptuploader.F9C4985A082C78528AFA4529A49FFE7D3454A64B.1) (Version: 1.4 - NIKON CORPORATION)
my Picturetown Uploader (x32 Version: 1.4 - NIKON CORPORATION) Hidden
MyFreeCodec (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\MyFreeCodec) (Version: - )
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Online Plug-in (x32 Version: 14.5.0.10018 - Citrix Systems, Inc.) Hidden
Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0014 - Panda Security)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Philips Songbird (HKLM-x32\...\Philips Songbird) (Version: 5.4.1980 (1980) - Koninklijke Philips Electronics N.V.)
Photomatix Pro version 4.0.2 (HKLM\...\PhotomatixPro4.0x64_is1) (Version: 4.0.2 - HDRsoft Sarl)
PHOTOWEBSERVICE (HKLM-x32\...\PHOTOWEBSERVICE.09E811A49857C99F38513E5AB8806E09FBF6F7FA.1) (Version: v7.4050 - AREAL - MEDIA, DESENVOLVIMENTO DE SOFTWARE, LDA)
PHOTOWEBSERVICE (x32 Version: 7.255 - AREAL - MEDIA, DESENVOLVIMENTO DE SOFTWARE, LDA) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.2.2 - Nikon)
Pinnacle videodriver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PlayItAll media player 1.0.5 (HKLM-x32\...\PlayItAll media player) (Version: 1.0.5 - PlayItAll)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PolderbitS Sound Recorder and Editor (32-bit Edition) (HKLM-x32\...\PolderbitSRecorder) (Version: 9.0.0.129 - PolderbitS Software)
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.5 - Power Software Ltd)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QNAP Finder (HKLM-x32\...\QNAP_FINDER) (Version: 3.4.3.0523 - QNAP Systems, Inc.)
QNAP QGet (HKLM-x32\...\QGet) (Version: 3.0.8.1030 - QNAP Systems, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.75.0 - Samsung Electronics Co., Ltd.)
Samsung Easy Color Manager (HKLM-x32\...\{778EACF8-06C1-47AA-9284-91550E9BAD39}) (Version: - Samsung Electronics Co., Ltd.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.1.13105_6 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.29.0 - SAMSUNG Electronics Co., Ltd.)
Self-service Plug-in (x32 Version: 4.5.0.14155 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
Software Informer 1.1 (HKLM-x32\...\Software Informer_is1) (Version: - Informer Technologies, Inc.)
Software Time Lock (HKLM-x32\...\Software Time Lock) (Version: - )
Spotify (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\Spotify) (Version: 1.0.42.151.g19de0aa6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
StorageCrypt 4.1.0 (HKLM-x32\...\{C1F113F5-7EA6-43E4-9F01-4AF0EF86EAF7}_is1) (Version: - Magiclab software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Control Manager (HKLM-x32\...\{ED9C5D25-55DF-48D8-9328-2AC0D75DE5D8}) (Version: 2.209.0805.005.02 - Micro-Star International Co., Ltd.)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
The TVDB XML Fetcher for the WDTV Live Hub (HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\124d7bfeeda3fda0) (Version: 1.7.1.3 - TVDB XML Fetcher)
Transmission Remote GUI 3.2 (HKLM-x32\...\transgui_is1) (Version: - Yury Sidorov)
USB Server (HKLM-x32\...\InstallShield_{1BD0D662-EDF3-412A-8893-F9B405A73662}) (Version: 0.10.0917.0048 - Sharkoon)
USB Server (Version: 0.10.0917.0048 - Sharkoon) Hidden
ViewNX 2 (HKLM-x32\...\{DDD62492-32A7-412B-8AF1-2CF032AD42E3}) (Version: 2.1.2 - Nikon)
VLC media player 1.0.1 (HKLM-x32\...\VLC media player) (Version: 1.0.1 - VideoLAN Team)
Windows Driver Package - ENE (EUCR) USB (12/04/2009 5.89.0.64) (HKLM\...\7F973C87231D745EBF31E772CC38BB9B185D3819) (Version: 12/04/2009 5.89.0.64 - ENE)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{CD19EDD9-1632-4002-9212-7478E4BA0423}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Wireshark 2.2.4 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.2.4 - The Wireshark developer community, hxxps://www.wireshark.org)
X-Rite Device Services Manager (HKLM-x32\...\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}) (Version: 2.3.212 - X-Rite)
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Amy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {0810588A-1E9E-4533-BA91-38D3AE636334} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {0E340339-66E4-4AFD-92C5-4FDC7C24B984} - System32\Tasks\{D6EE75C7-0F68-4BB6-A05B-CA7B3AB7420C} => pcalua.exe -a I:\Setup.exe -d I:\
Task: {1FBED381-1734-4E39-BBA6-5AA4AA4975AB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {22BAE83D-9B7D-48F8-8D1E-C7591951761B} - System32\Tasks\{5D4F23E5-7AC5-4BED-A3E0-562E2463F051} => pcalua.exe -a E:\SA52XX_installer_WMP.exe -d E:\
Task: {23DC1A07-61BA-4D00-8C3F-93FA95E4675B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-28] (Google Inc.)
Task: {241733F0-D895-43EF-909E-CC38B4E47676} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {3C7246CE-988C-402F-9A6F-75624DD27808} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Amy\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {4EBC2F2D-50CF-4BF9-81F1-CD399DBF783D} - System32\Tasks\{9AE48527-8FA3-453E-997E-C039A39B744B} => pcalua.exe -a "C:\Users\Amy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D49GHKG1\hz2010_win_setup[1].exe" -d C:\Users\Amy\Desktop
Task: {4F11D597-3405-4E00-898B-7FD6645AA659} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-28] (Google Inc.)
Task: {55F1541C-050C-4596-B457-796FEA35048D} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {5EBF2BFB-D3D4-4FF2-80D0-7374934C75A5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {61DE75D0-AAD9-4338-A97E-CC2D551AC4B3} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {65BE8F7E-B08A-485F-BD25-AE28BAFABD22} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {667F31A4-A4D8-4442-8D9E-4374B7B1CBB9} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {713C36F1-F75B-463E-A4B5-CDEA02632D12} - System32\Tasks\X-Rite Device Services Software Updater => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe [2015-08-11] (X-Rite Inc.)
Task: {714437DD-ABB5-456C-9CA1-836A43E57B1A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {8967C0FE-DE6C-4FCF-B2F7-AE8A6B909C47} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {89F85E76-B926-4B43-B734-A08F874BD2BF} - System32\Tasks\{3882478D-C70E-4891-B8D1-6A8E91E95925} => pcalua.exe -a C:\Users\Amy\Downloads\ADE_2.0_Installer.exe -d C:\Users\Amy\Downloads
Task: {8AEFDF57-43F8-4429-A288-9527BA6AB395} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {8D4DECB9-A982-4714-98CC-8A3A821B855A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {9A492B1F-385D-4274-93A7-296BA67403D0} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Geen bestand <==== AANDACHT
Task: {A3274A8B-5C15-419A-9322-4E639A7AEE7F} - System32\Tasks\AdobeAAMUpdater-1.0-Amy-msi-Amy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A42FBCE1-8118-44F1-BBCE-831335B3A272} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {A48015C2-6172-414C-8965-2E90227B2F7F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A522359E-9371-4C45-B3D4-45174B1439F6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {A578B8DA-C018-4E93-BF7C-5D91A2E62C33} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-08] (Piriform Ltd)
Task: {B627DD65-0274-4EDB-BBBD-793AD918A71D} - System32\Tasks\{E53DB491-B9F1-49C1-8380-932E9BC2922C} => pcalua.exe -a I:\setup.exe -d I:\
Task: {B73DC593-65EA-404C-BCE3-F3591AB08A34} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {B7FDB0F4-9EF0-4EA4-824A-20C386D40F1B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {B879879F-0A91-42CC-8300-C62958131C26} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {B89AFF7C-5CA4-4465-96AF-C41EE20776B2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {B8B942E9-7A32-4B64-A0F1-AB54455705A3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BE29E9B8-DABE-4B67-9926-FD011C4E1027} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {C2C10530-E3FB-4953-B09A-C9D8CF9DC6B6} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {C55353CC-AFB1-4924-A6F5-3F01966EF3BF} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {C5B2320B-5635-428C-9B84-7C9DC2FF8A3B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C83337C8-C0F5-4696-A896-C2266F5FDDFA} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {CC932A44-AE40-473E-A9C0-93A3A62CB371} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {D61DD979-6C6E-4384-8BA5-20A0FA55EC13} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-12-28] (Adobe Systems Incorporated)
Task: {DBA47769-BEC3-480F-8103-D75CAF947D77} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {DBDF5CAC-6BDC-4966-8177-765DAE31DE8B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {DC267B4B-2332-4973-8492-6E3707061395} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {DF5568A3-F65E-4C33-87F1-660C02621998} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {E0958FB6-2E69-4A6D-827F-174A6F8A5848} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {E474E3CD-9EE9-4C7B-89BD-E424FB7D1613} - System32\Tasks\{F29C1970-8FA7-40FC-ABCB-56E147C44F22} => C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp\XRD Manager.exe <==== AANDACHT
Task: {E569DEA9-81ED-488F-9A4D-DE397057B107} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EC136B3D-06AF-439E-9286-066AB3FA5E55} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {ECCE4A05-808E-453D-9363-71D5ADFBCACD} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe
Task: {EFFB74B8-4A9B-4E09-B0B8-6CF60C6133A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {F781F170-915F-46EF-A217-BFB24C341288} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {F7BF3F9B-8994-4368-8D9A-81E5FEFC2646} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
Task: C:\WINDOWS\Tasks\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}.job => C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp\XRD Manager.exe ?/exenoupdates /exelang 1043 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE D:\ TRANSFORMS=:1043 AI_PREREQFILES=C:\Users\Amy\AppData\Local\Temp\{F29C1970-8FA7-40FC-ABCB-56E147C44F22}\drivers64.msi AI_PREREQDIRS=C:\Users\Amy\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\Amy\AppData\Local\Temp\is-OUDHU.tmp <==== AANDACHT
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2008-09-08 10:19 - 2008-09-08 10:19 - 00022016 _____ () C:\WINDOWS\System32\cl31cl6.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-20 12:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-20 12:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-20 12:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2005-06-07 20:26 - 2005-06-07 20:26 - 00043008 _____ () C:\Program Files (x86)\WinRAR 3.61 Multi\rarext64.dll
2016-09-15 19:44 - 2016-09-07 05:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 21:34 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 21:33 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 21:33 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 21:33 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 21:33 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 21:33 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2012-11-26 22:54 - 2012-11-26 22:54 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-02-23 21:15 - 2017-02-23 21:17 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:15 - 2017-02-23 21:17 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 21:15 - 2017-02-23 21:17 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-08 19:27 - 2017-02-08 19:31 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-05 14:20 - 2017-03-05 14:21 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-04 07:19 - 2016-06-04 07:20 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-05 14:20 - 2017-03-05 14:21 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-05 09:19 - 2016-03-05 09:19 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00585296 _____ () C:\Program Files\Wireshark\libgcrypt-20.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00122960 _____ () C:\Program Files\Wireshark\zlib1.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00108112 _____ () C:\Program Files\Wireshark\libgpg-error6-0.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00215456 _____ () C:\Program Files\Wireshark\libcares-2.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00493832 _____ () C:\Program Files\Wireshark\libGeoIP-1.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 01032312 _____ () C:\Program Files\Wireshark\libgnutls-28.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00744560 _____ () C:\Program Files\Wireshark\libsmi-2.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00269392 _____ () C:\Program Files\Wireshark\lua52.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00460864 _____ () C:\Program Files\Wireshark\libgmp-10.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00197792 _____ () C:\Program Files\Wireshark\libhogweed-2-4.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00195248 _____ () C:\Program Files\Wireshark\libnettle-4-6.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00260296 _____ () C:\Program Files\Wireshark\libp11-kit-0.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00093536 _____ () C:\Program Files\Wireshark\libtasn1-6.dll
2017-01-23 22:55 - 2017-01-23 22:55 - 00045472 _____ () C:\Program Files\Wireshark\libffi-6.dll
2017-03-01 21:55 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-03-01 21:55 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-03-01 21:55 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-03-01 21:55 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-03-01 21:55 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-07-13 10:33 - 2015-07-13 10:33 - 01592832 _____ () C:\Program Files (x86)\X-Rite\Devices\rm200\GoldenEye.dll
2013-06-21 14:03 - 2013-06-21 14:03 - 02633728 _____ () C:\Program Files (x86)\X-Rite\Devices\colormunki\colormunki.dll
2017-02-08 19:22 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 19:22 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\123simsen.com -> www.123simsen.com
Er zijn 7718 Meer websites.
==================== Hosts inhoud: ==========================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2009-07-14 03:34 - 2014-06-04 20:15 - 00000060 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 sams.nikonimaging.com
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\PE_C_DEFAULTAPPPOOL\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Amy\AppData\Roaming\Microsoft\Windows Photo Viewer\Achtergrond van Windows Photo Viewer.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QNAP QGet.lnk => C:\windows\pss\QNAP QGet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^KooBits 4.lnk => C:\windows\pss\KooBits 4.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Amy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Schermopname en Snel starten.lnk => C:\windows\pss\OneNote 2010 Schermopname en Snel starten.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Amy\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6C099CC1D08F8E3594D1CD726B240377 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QGet => "C:\Program Files (x86)\QNAP\QGet\QGet.exe" /min
MSCONFIG\startupreg: Sharkoon USB Server => "C:\Program Files (x86)\Sharkoon\USB Server\Sharkoon USB Server.exe" /h
MSCONFIG\startupreg: Skytel => C:\Program Files\Realtek\Audio\HDA\Skytel.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
HKLM\...\StartupApproved\Run: => "Skytel"
HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1097378128-3316138746-2142345461-1000\...\StartupApproved\Run: => "Skype"
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{B40BBFC1-63C2-46BE-98A0-6AC3A4366F34}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [UDP Query User{DBCF8095-1B9B-4DB8-B9AE-DFACDC7299D9}C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe] => (Allow) C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe
FirewallRules: [TCP Query User{39FF8B75-D6AA-4E96-91E8-F0532104CD18}C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe] => (Allow) C:\users\amy\appdata\local\microsoft\windows\inetcookies\downloads\java\jre1.7.0_75\bin\java.exe
FirewallRules: [{9F7E0AB1-C255-4100-BAE8-6A824A112455}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [UDP Query User{6CF9DAD4-8041-4FF9-8EA1-6A12B680C6AF}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Block) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [TCP Query User{FD43E10B-445C-448B-90A7-24896F8A993D}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Block) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [UDP Query User{6E382882-7B9F-40F3-A859-DEF4D7C3D8E9}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Allow) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [TCP Query User{A7A9C2A2-7F5A-4AD0-AF00-53194FF16F60}C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe] => (Allow) C:\program files (x86)\sharkoon\usb server\sharkoon usb server.exe
FirewallRules: [UDP Query User{45686D48-40FA-4684-95C1-7C9C05728E5B}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{5B2D224E-02E7-42F5-8F01-6C9D92B147C0}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [{08535DFF-B3EB-43A6-A047-541BE9416318}] => (Allow) LPort=20642
FirewallRules: [{0FF7059E-8033-4166-8980-B88D75971D35}] => (Allow) LPort=20642
FirewallRules: [UDP Query User{0DE027E7-6879-4B5C-8BFC-0D870546CA9C}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [TCP Query User{1BAA371E-62E4-4658-AB0E-E0AF69F8BDED}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{F5ACF1F2-6072-43D5-AE12-0675C14F5311}C:\program files (x86)\qnap\qget\qget.exe] => (Allow) C:\program files (x86)\qnap\qget\qget.exe
FirewallRules: [TCP Query User{ACF74BAC-0ADA-4D72-8010-025708C3BB79}C:\program files (x86)\qnap\qget\qget.exe] => (Allow) C:\program files (x86)\qnap\qget\qget.exe
FirewallRules: [UDP Query User{CF1CB685-6AFA-44C5-BE8E-6B0EEE8278CF}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{8D97D992-85A7-4DE1-8E15-FEA7BE5AAF70}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{980C4F41-2C4C-4D8C-8C96-BAA1B26D0569}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{EBDF911F-0098-4F02-BA35-9426B483B290}C:\users\amy\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\amy\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{0A850FFE-904C-4937-878F-8705950FD145}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [TCP Query User{CB203468-67AC-448C-B656-1D7CC6399461}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [UDP Query User{594FB825-63F9-4D8C-AE19-852BD2091807}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [TCP Query User{B018AD6C-49BA-4EE1-9E43-8CDDD106B70A}C:\program files (x86)\qnap\finder\finder.exe] => (Allow) C:\program files (x86)\qnap\finder\finder.exe
FirewallRules: [UDP Query User{F815AE97-08E8-458F-B72A-761166D7E4C1}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{D5966F55-699D-43B8-BD7F-10F98835E4BB}C:\program files (x86)\bitcomet\bitcomet.exe] => (Allow) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [{FBBFC593-334D-4E6D-8E21-FE5A182624D3}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{6CE8FDE6-6EF0-4CE9-BE39-CE8B3F0CBFB2}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{F66639F9-7D8D-4FC3-9387-45C06174C189}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe
FirewallRules: [{155D12D1-89D1-4F13-A18E-7693EC79B3EB}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe
FirewallRules: [UDP Query User{F45177C4-7CB2-40BE-9A24-256CA6DD6088}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{3599D2DF-D4A6-4F40-9DF0-5FEA3580B495}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{A3EF61C9-03CC-4388-8246-440375A4A85B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{3567F475-C89C-4EF8-A742-8198C03CF879}] => (Allow) LPort=1900
FirewallRules: [{B1E1B0B0-EE0F-4D61-9CB4-30BD08056D39}] => (Allow) LPort=2869
FirewallRules: [{DBC56023-060E-4579-90C8-DE9DC6D950EA}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C6574BDE-E6E7-4F00-8C02-8BBC1AD9DE9D}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{56232E76-30A7-4F12-A8BA-66C638F7A61B}] => (Allow) svchost.exe
FirewallRules: [{DDC3382E-180A-406D-B848-D5B1F35D894C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8FE9A44-A015-4900-80F8-1DD8B59CBEDB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{725C5214-F569-4384-98EF-FA88B158204D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{719A1323-3D8D-4951-A096-9261AB5E1308}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F5E1AED-B1CE-4780-A5FE-7C47708588A2}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{25D83CC3-BDC1-4A7C-9024-03A22476FAC3}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{B6F979D6-E939-4BAD-B891-49568EC4FC00}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{7980F31B-9914-4D5C-8681-687CF1EE41CD}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{2C2498CC-2D87-4B10-A538-BD53D9F3E8C2}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{A7F78BBF-7543-497A-97FB-8F6BBBBFA4D7}] => (Allow) D:\Steam\steamapps\common\Magic Duels\MagicDuels.exe
FirewallRules: [{8FD7431B-4D14-4E2A-81AF-94164027F97F}] => (Allow) LPort=5454
FirewallRules: [{50B4E57F-7062-4CC3-A348-A0C641B6EA07}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [TCP Query User{4EB4834A-2CEF-46DD-92A9-53E7AA6593BB}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{92F98120-B14B-4768-9DC6-4372473F19DD}C:\users\amy\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\amy\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{AB73FA9A-C6C3-4348-BCE7-94C93B344D4B}C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe] => (Allow) C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe
FirewallRules: [UDP Query User{9A0EFD49-EEEE-482B-BD28-D794B47A697C}C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe] => (Allow) C:\users\amy\desktop\xmage all\java\jre1.8.0_102\bin\java.exe
FirewallRules: [{E3696EBA-15B2-4609-8404-39F401A7E563}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{627BA37B-CB3D-425D-9A3A-9C5D548BCA3E}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{21492FA2-A12F-4868-A97C-2E8485FB13D9}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{88A4697F-E00B-4F12-B2AA-06A9CCFC35D7}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{2B778A62-EFBE-4339-AF12-AD1F13A629E0}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{1CB8DDA7-396A-42AF-A9AE-681237B59B02}] => (Allow) C:\Program Files (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{BA4965C7-04A0-426D-90E5-0A924AFC2B2B}] => (Block) %ProgramFiles% (x86)\Fundy Designer\Fundy Designer.exe
FirewallRules: [{2EFAC66C-6FFA-44E2-B1F9-D4F848F50488}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Herstelpunten =========================
26-01-2017 20:45:51 Windows Update
27-02-2017 07:23:01 Windows Update
==================== Defecte Apparaatbeheer Apparaten =============
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (03/04/2017 10:21:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Explorer.EXE, versie: 10.0.14393.479, tijdstempel: 0x58258a90
Naam van module met fout: ntdll.dll, versie: 10.0.14393.479, tijdstempel: 0x5825887f
Uitzonderingscode: 0xc0000005
Foutmarge: 0x000000000000766d
Id van proces met fout: 0x1510
Starttijd van toepassing met fout: 0x01d2952d30d85262
Pad naar toepassing met fout: C:\WINDOWS\Explorer.EXE
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: a9815d35-a87f-4477-8240-076f364d8cce
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/02/2017 11:13:03 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine QueryFullProcessImageNameW. hr = 0x80070006, De ingang is ongeldig.
.
Bewerking:
Asynchrone bewerking uitvoeren
Context:
Huidige status: DoSnapshotSet
Error: (03/02/2017 11:12:30 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: De service Cryptografische services is mislukt tijdens het verwerken van aanroep OnIdentity() op het object System Writer.
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.
System Error:
Toegang geweigerd.
.
Error: (03/02/2017 10:32:42 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: Amy-msi)
Description: Het pakket windows.immersivecontrolpanel_6.2.0.0_neutral_neutral_cw5n1h2txyewy+microsoft.windows.immersivecontrolpanel is beindigd omdat het onderbreken te lang duurde.
Error: (03/02/2017 09:45:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Amy-msi)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147024891. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
Error: (03/02/2017 09:40:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: OneDriveStandaloneUpdater.exe, versie: 17.3.6743.1212, tijdstempel: 0x584f7687
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutmarge: 0x00f0d130
Id van proces met fout: 0xecc
Starttijd van toepassing met fout: 0x01d29394b20430db
Pad naar toepassing met fout: C:\Users\Amy\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Pad naar module met fout: unknown
Rapport-id: 88c16595-3420-4f21-8b3e-ac1f59bb0d52
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Error: (03/02/2017 09:38:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Het uitpakken van een basislijst uit het CAB-bestand voor automatische updates is mislukt op <http://ctldl.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> met de fout: De gegevens zijn ongeldig.
.
Systeemfouten:
=============
Error: (03/05/2017 02:15:23 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/04/2017 11:42:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {995C996E-D918-4A8C-A302-45719A6F4EA7} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (03/04/2017 11:42:04 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {995C996E-D918-4A8C-A302-45719A6F4EA7} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
Error: (03/04/2017 10:20:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/03/2017 12:53:51 PM) (Source: disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR2.
Error: (03/03/2017 12:34:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/02/2017 10:51:58 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
en APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.
Error: (03/02/2017 10:37:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Avira Web Protection-service is afhankelijk van de Avira Real-Time Protection-service, die vanwege de volgende fout niet kan worden gestart:
Na het starten is de service blijven hangen.
Error: (03/02/2017 10:37:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De Avira Mail Protection-service is afhankelijk van de Avira Real-Time Protection-service, die vanwege de volgende fout niet kan worden gestart:
Na het starten is de service blijven hangen.
Error: (03/02/2017 10:37:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Avira Real-Time Protection-service is bij het starten vastgelopen.
==================== Geheugen info ===========================
Processor: Intel(R) Core(TM) i3 CPU M 330 @ 2.13GHz
Percentage geheugen in gebruik: 71%
Totaal fysiek RAM-geheugen: 3886.03 MB
Beschikbaar fysiek RAM-geheugen: 1118.27 MB
Totaal Virtueel geheugen: 7854.03 MB
Beschikbaar Virtual geheugen: 3971.5 MB
==================== Schijven ================================
Drive c: (OS_Install) (Fixed) (Total:273.4 GB) (Free:35.1 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (Data) (Fixed) (Total:180.26 GB) (Free:143.83 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: DA0E4DC7)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=273.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=180.3 GB) - (Type=07 NTFS)
==================== Eind van Addition.txt ============================