• De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

Weer problemen vastlopen pc

Status
Niet open voor verdere reacties.

RWV

Bekend gezicht
Lid geworden
18 nov 2009
Berichten
166
Waarderingsscore
0
Enige weken terug heb ik op dit forum een threat geplaatst: PCwin 7 loopt na 5 min vast. Deze vraag werd door Abraham54 opgelost.
Helaas heb ik weer hetzelfde probleem. Ik heb zojuist weer minitoolbox gebruikt en de betreffende vinkjes gezet. De uitkomst staat hieronder. Kan iemand mij helpen?

MiniToolBox by Farbar Version: 17-06-2016
Ran by Rene (administrator) on 03-01-2018 at 10:46:37
Running from "C:\Users\Rene\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X64)
Model: All Series Manufacturer: ASUS
Boot Mode: Normal
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/11/2017 08:51:26 AM) (Source: HitmanPro.Alert) (User: )
Description: Malware found:

MalwareBlocked
Mitigation MalwareBlocked

Platform 6.1.7601/x64 v723 06_3c
PID 1224
Application C:\Users\Rene\Downloads\COMBOFIX(1).EXE
Description App/NirCmd-Gen

SHA256: 66454adbfcaa39efda09bd37326293efeee0a1c1d622c163c99e5a5e67b08047

Error: (12/11/2017 08:27:03 AM) (Source: HitmanPro.Alert) (User: )
Description: Malware found:

MalwareBlocked
Mitigation MalwareBlocked

Platform 6.1.7601/x64 v723 06_3c
PID 1224
Application C:\Users\Rene\Downloads\COMBOFIX(1).EXE
Description App/NirCmd-Gen

SHA256: 66454adbfcaa39efda09bd37326293efeee0a1c1d622c163c99e5a5e67b08047

Error: (12/10/2017 02:11:36 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 4716
Application C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp [4716]
"C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp" /SL5="$A03CA,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [4188]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:06:29 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 5356
Application C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exe
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exe [5356]
2 C:\Windows\explorer.exe [4044]
3 C:\Windows\System32\userinit.exe [4896]

Thumbprint
2782f6ca5058252cb54f139e1a19a9aa13ce240374ef702f6999eef3fa515e7c

Error: (12/10/2017 02:05:49 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6776
Application C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp [6776]
"C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp" /SL5="$4063C,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6640]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:05:17 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6140
Application C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp [6140]
"C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp" /SL5="$404A0,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6416]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:05:01 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6852
Application C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp [6852]
"C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp" /SL5="$60530,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6468]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:04:03 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 7628
Application C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp [7628]
"C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp" /SL5="$4035E,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [7600]
3 C:\Program Files (x86)\Mozilla Firefox\firefox.exe [1712]
4 C:\Windows\explorer.exe [4044]
5 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:02:24 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6768
Application C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp [6768]
"C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp" /SL5="$20304,27273886,141824,C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
2 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe [3156]
"C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
3 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\apc.exe [6436]
4 C:\Windows\explorer.exe [4044]
5 C:\Windows\System32\userinit.exe [4896]

Thumbprint
a6b1091b0752fc7a19bd75b916d284a0f15bdc2fca46aac09154f1f59e4c5b1a

Error: (12/09/2017 01:26:58 PM) (Source: HitmanPro.Alert) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6004
Application C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp [6004]
"C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp" /SL5="$100174,26588596,141824,C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
2 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe [4244]
"C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
3 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\apc.exe [2944]
4 C:\Windows\explorer.exe [3824]
5 C:\Windows\System32\userinit.exe [4240]

Thumbprint
a6b1091b0752fc7a19bd75b916d284a0f15bdc2fca46aac09154f1f59e4c5b1a


System errors:
=============
Error: (01/03/2018 10:41:29 AM) (Source: EventLog) (User: )
Description: De vorige afsluiting van het systeem om 10:39:44 op ‎3-‎1-‎2018 is onverwacht gebeurd.

Error: (01/02/2018 05:39:13 PM) (Source: EventLog) (User: )
Description: De vorige afsluiting van het systeem om 17:38:00 op ‎2-‎1-‎2018 is onverwacht gebeurd.

Error: (01/02/2018 05:22:04 PM) (Source: EventLog) (User: )
Description: De vorige afsluiting van het systeem om 17:20:58 op ‎2-‎1-‎2018 is onverwacht gebeurd.

Error: (12/28/2017 09:41:23 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/22/2017 06:17:17 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/21/2017 10:01:46 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (12/21/2017 10:01:41 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/13/2017 10:01:38 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/13/2017 11:36:35 AM) (Source: volsnap) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.

Error: (12/10/2017 12:40:34 AM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}


Microsoft Office Sessions:
=========================
Error: (12/11/2017 08:51:26 AM) (Source: HitmanPro.Alert)(User: )
Description: MalwareBlockedMitigation MalwareBlocked

Platform 6.1.7601/x64 v723 06_3c
PID 1224
Application C:\Users\Rene\Downloads\COMBOFIX(1).EXE
Description App/NirCmd-Gen

SHA256: 66454adbfcaa39efda09bd37326293efeee0a1c1d622c163c99e5a5e67b08047

Error: (12/11/2017 08:27:03 AM) (Source: HitmanPro.Alert)(User: )
Description: MalwareBlockedMitigation MalwareBlocked

Platform 6.1.7601/x64 v723 06_3c
PID 1224
Application C:\Users\Rene\Downloads\COMBOFIX(1).EXE
Description App/NirCmd-Gen

SHA256: 66454adbfcaa39efda09bd37326293efeee0a1c1d622c163c99e5a5e67b08047

Error: (12/10/2017 02:11:36 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 4716
Application C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp [4716]
"C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp" /SL5="$A03CA,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [4188]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:06:29 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exeCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 5356
Application C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exe
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exe [5356]
2 C:\Windows\explorer.exe [4044]
3 C:\Windows\System32\userinit.exe [4896]

Thumbprint
2782f6ca5058252cb54f139e1a19a9aa13ce240374ef702f6999eef3fa515e7c

Error: (12/10/2017 02:05:49 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6776
Application C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp [6776]
"C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp" /SL5="$4063C,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6640]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:05:17 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6140
Application C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp [6140]
"C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp" /SL5="$404A0,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6416]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:05:01 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6852
Application C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp [6852]
"C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp" /SL5="$60530,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6468]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:04:03 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 7628
Application C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp [7628]
"C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp" /SL5="$4035E,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [7600]
3 C:\Program Files (x86)\Mozilla Firefox\firefox.exe [1712]
4 C:\Windows\explorer.exe [4044]
5 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:02:24 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6768
Application C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp [6768]
"C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp" /SL5="$20304,27273886,141824,C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
2 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe [3156]
"C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
3 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\apc.exe [6436]
4 C:\Windows\explorer.exe [4044]
5 C:\Windows\System32\userinit.exe [4896]

Thumbprint
a6b1091b0752fc7a19bd75b916d284a0f15bdc2fca46aac09154f1f59e4c5b1a

Error: (12/09/2017 01:26:58 PM) (Source: HitmanPro.Alert)(User: )
Description: C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmpCodeCaveMitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6004
Application C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp [6004]
"C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp" /SL5="$100174,26588596,141824,C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
2 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe [4244]
"C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
3 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\apc.exe [2944]
4 C:\Windows\explorer.exe [3824]
5 C:\Windows\System32\userinit.exe [4240]

Thumbprint
a6b1091b0752fc7a19bd75b916d284a0f15bdc2fca46aac09154f1f59e4c5b1a


CodeIntegrity Errors:
===================================
Date: 2017-11-25 20:12:15.226
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2017-11-25 20:12:15.101
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2017-11-25 20:12:14.992
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2017-11-25 20:12:14.883
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2016-09-11 15:01:32.153
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:56:04.362
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.922
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.828
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.813
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.672
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


=========================== Installed Programs ============================

Aangifte inkomstenbelasting 2014 (HKLM-x32\...\Aangifte inkomstenbelasting 2014) (Version: - Belastingdienst)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.6 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Albelli Fotoboeken (HKCU\...\{B7961CCE-CF36-4858-BC1A-D06D3D25ECE5}_is1) (Version: 13.0.1.2436 - albelli NL)
Any Video Converter 5.5.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Blender (HKLM\...\{3ABDE236-0A3F-4D0D-BECB-DB67EE21C593}) (Version: 2.77.0 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberView X - SF v1.30 (build 20110526) (HKLM-x32\...\{D8FF6E29-36B4-474F-A88F-973087650C00}) (Version: 1.30.000 - Pacific Image ELectronics Co., Ltd.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Electronic Arts Product Registration (HKLM-x32\...\{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Hidden
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Epson Stylus SX510W_TX550W Handboek (HKLM-x32\...\Epson Stylus SX510W_TX550W Gebruikershandleiding) (Version: - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 6.09 - NCH Software)
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.06 - NCH Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server NL) (Version: 2.0.0.1 - MAGIX AG)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hema Fotoalbum (HKCU\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: 9.1.1.1057 - Hema)
HEMA fotoservice (HKLM-x32\...\{5AA74D8E-4E02-401A-BCCE-C7565BEBE289}_is1) (Version: - Hema NL)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.7.1.723 - SurfRight B.V.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{C690D43D-4ECF-4904-A0AC-09AFD4BEA6BF}) (Version: 12.7.1.14 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Codec Pack 10.9.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
MAGIX Foto Manager 2007 4.1.1.89 (NL) (HKLM-x32\...\MAGIX Foto Manager 2007 NL) (Version: 4.1.1.89 - MAGIX AG)
MAGIX Music Manager 2007 8.1.1.98 (NL) (HKLM-x32\...\MAGIX Music Manager 2007 NL) (Version: 8.1.1.98 - MAGIX AG)
MAGIX Video deluxe 2008 PLUS 7.0.2.3 (NL) (HKLM-x32\...\MAGIX Video deluxe 2008 PLUS NL) (Version: 7.0.2.3 - MAGIX AG)
MAGIX Xtreme Photo Designer 6 6.0.20.0 (NL) (HKLM-x32\...\MAGIX Xtreme Photo Designer 6 NL) (Version: 6.0.20.0 - MAGIX AG)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movavi Video Converter 17 (HKLM-x32\...\Movavi Video Converter 17) (Version: 17.2.1 - Movavi)
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 nl) (HKLM\...\Mozilla Firefox 57.0.3 (x64 nl)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{ADD9E56D-2DD8-448A-8887-B3AF76AB1043}) (Version: 7.02.4413 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Nikon RAW Codec (HKLM-x32\...\{C8616041-2802-4DE2-B3BD-6285AAD65C2A}) (Version: 1.00.0000 - Nikon)
NVIDIA 3D Vision controllerstuurprogramma 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX systeemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photomatix Pro version 3.2.9 (HKLM-x32\...\PhotomatixPro3x32_is1) (Version: 3.2.9 - HDRsoft Sarl)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 3.04 - NCH Software)
ProtectDisc Helper Driver (HKLM-x32\...\ProtectDisc Driver) (Version: 9.1.0.0 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Stamp ID3 Tag Editor (HKLM-x32\...\Stamp) (Version: 2.39 - NCH Software)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 5.04 - NCH Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.9.2 - Nikon)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 25%
Total physical RAM: 8130.06 MB
Available physical RAM: 6070.11 MB
Total Virtual: 16258.3 MB
Available Virtual: 14099.37 MB

========================= Partitions: =====================================

1 Drive c: (C schijf) (Fixed) (Total:119.14 GB) (Free:1.69 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:876.44 GB) NTFS
4 Drive f: (LaCie) (Fixed) (Total:698.64 GB) (Free:6.02 GB) NTFS

========================= Users: ========================================

Gebruikersaccounts voor \\EIGENAAR-PC

Administrator Gast Rene
Tijn
De opdracht is voltooid.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
 
en vervolgens heb ik Farbar recovery scan gedraaid. Als eerste het frst bestand:

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 24-11-2017 01
Gestart door Rene (Beheerder) op EIGENAAR-PC (03-01-2018 11:00:29)
Gestart vanaf C:\Users\Rene\Desktop
Geladen Profielen: Rene (Beschikbare Profielen: Tijn & Rene)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(DEVGURU Co., LTD.) C:\Users\Rene\Documents\Jacqueline\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(SurfRight B.V.) C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
(Samsung Electronics Co., Ltd.) C:\Users\Rene\Documents\Jacqueline\Kies\KiesTrayAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-11-21] (AVAST Software)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9068040 2016-11-09] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2461504 2014-09-17] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [VX1000] => C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [TrayServer] => C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe [90112 2007-07-04] (MAGIX AG)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Users\Rene\Documents\Jacqueline\Kies\KiesTrayAgent.exe [318128 2016-11-16] (Samsung Electronics Co., Ltd.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-18\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-18\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5A457327-406A-45B2-9D54-ECD766B9FAC6}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3012430077-1547949342-670151222-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-11-21] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Geen Naam -> {451C804F-C205-4F03-B48E-537EC94937BF} -> Geen bestand
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-11-21] (AVAST Software)
BHO-x32: Aanmeldhulp voor Microsoft-account -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-23] (Oracle Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - Geen bestand

FireFox:
========
FF DefaultProfile: yffea31w.default-1511440435520
FF ProfilePath: C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\yffea31w.default-1511440435520 [2018-01-03]
FF Extension: (Avast SafePrice) - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\yffea31w.default-1511440435520\Extensions\sp@avast.com.xpi [2017-12-06]
FF Extension: (Avast Online Security) - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\yffea31w.default-1511440435520\Extensions\wrc@avast.com.xpi [2017-11-21]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Rene\AppData\Roaming\Mozilla\Firefox\Profiles\yffea31w.default-1511440435520\features\{0d7cd4b3-4c90-4be2-bd7c-34c6a749453f}\disable-media-wmf-nv12@mozilla.org.xpi [2017-12-10] [Verouderd]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25] [Verouderd]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-29] [Verouderd] [ niet getekend]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_187.dll [2017-11-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1231201.dll [2017-11-02] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-23] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default [2017-12-07]
CHR Extension: (Presentaties) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-30]
CHR Extension: (Documenten) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-30]
CHR Extension: (Google Drive) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-19]
CHR Extension: (IBM Security Rapport) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-12-01]
CHR Extension: (YouTube) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-19]
CHR Extension: (Google Search) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-19]
CHR Extension: (Avast SafePrice) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-12-07]
CHR Extension: (Spreadsheets) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-30]
CHR Extension: (Offline Documenten) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-26]
CHR Extension: (Avast Online Security) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-10-30]
CHR Extension: (Skype) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-07]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-14]
CHR Extension: (Gmail) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-07]
CHR Extension: (Chrome Media Router) - C:\Users\Rene\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-01]
CHR HKU\S-1-5-21-3012430077-1547949342-670151222-1003\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <niet gevonden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-11-21] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-11-21] (AVAST Software)
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®) [Bestand niet getekend]
R2 hmpalertsvc; C:\Program Files (x86)\HitmanPro.Alert\hmpalert.exe [4935304 2017-11-22] (SurfRight B.V.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Bestand niet getekend]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-05] (Nero AG) [Bestand niet getekend]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-09-17] (NVIDIA Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 ss_conn_service; C:\Users\Rene\Documents\Jacqueline\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 UPnPService; C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe [544768 2006-12-14] (Magix AG) [Bestand niet getekend]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 acedrv09; C:\Windows\system32\drivers\acedrv09.sys [294720 2014-03-26] (Protect Software GmbH)
S2 acehlp09; C:\Windows\system32\drivers\acehlp09.sys [195248 2014-03-26] (Protect Software GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) <==== AANDACHT (geen ServiceDLL)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [183584 2017-11-21] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321032 2017-11-21] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [198968 2017-11-21] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343288 2017-11-21] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57728 2017-11-21] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [172176 2018-01-02] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47008 2017-11-21] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [41832 2017-09-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148288 2017-11-21] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110376 2017-11-21] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84416 2017-11-21] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1026232 2017-11-21] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455376 2017-11-21] (AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203976 2017-11-21] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [364464 2017-11-21] (AVAST Software)
S3 CMUSBDAC; C:\Windows\System32\DRIVERS\CMUSBDAC.sys [594944 2014-09-19] (C-MEDIA)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 hmpalert; C:\Windows\system32\drivers\hmpalert.sys [290528 2017-11-22] (SurfRight B.V.)
R3 hmpnet; C:\Windows\system32\drivers\hmpnet.sys [92712 2017-11-22] (SurfRight B.V.)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-09-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 usbscan; C:\Windows\SysWOW64\DRIVERS\usbscan.sys [12400 1999-10-13] (Microsoft Corporation) [Bestand niet getekend]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2018-01-03 11:00 - 2018-01-03 11:00 - 000023059 _____ C:\Users\Rene\Desktop\FRST.txt
2018-01-03 10:46 - 2018-01-03 10:46 - 000038755 _____ C:\Users\Rene\Desktop\MTB.txt
2018-01-03 10:45 - 2017-11-26 11:38 - 008261584 _____ (Malwarebytes) C:\Users\Rene\Desktop\adwcleaner_7.0.4.0.exe
2018-01-03 10:45 - 2017-11-25 20:00 - 005659763 ____R (Swearware) C:\Users\Rene\Desktop\ComboFix.exe
2018-01-03 10:45 - 2017-11-25 17:20 - 002393088 _____ (Farbar) C:\Users\Rene\Desktop\FRST64.exe
2018-01-03 10:45 - 2017-11-25 16:54 - 000892416 _____ (Farbar) C:\Users\Rene\Desktop\MiniToolBox.exe
2018-01-03 09:48 - 2018-01-03 09:48 - 000000000 ____D C:\ProgramData\SWCUTemp
2018-01-02 17:13 - 2018-01-02 17:05 - 000172176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-12-22 19:12 - 2017-12-22 19:12 - 000590879 _____ C:\Users\Rene\Desktop\tickets_SW identities.pdf
2017-12-10 14:13 - 2017-12-10 14:14 - 000000000 ____D C:\Windows\System32\Tasks\Taken voor Logboeken
2017-12-10 14:03 - 2017-12-10 14:03 - 027677944 _____ (albelli NL ) C:\Users\Rene\Downloads\albelli_NL(2).exe
2017-12-09 13:18 - 2017-12-09 13:18 - 018610346 _____ C:\Users\Rene\Downloads\Re__Fw__Sinterklaas(5).zip
2017-12-09 13:17 - 2017-12-09 13:18 - 005765551 _____ C:\Users\Rene\Downloads\Re__Fw__Sinterklaas(4).zip
2017-12-09 13:17 - 2017-12-09 13:17 - 010055975 _____ C:\Users\Rene\Downloads\Re__Fw__Sinterklaas(3).zip
2017-12-09 13:11 - 2017-12-09 13:11 - 001861907 _____ C:\Users\Rene\Downloads\Fwd__41_afbeeldingen_voor_u.zip
2017-12-07 19:38 - 2017-12-07 19:38 - 000000000 ____D C:\Users\Rene\Desktop\Marktplaats gezeik
2017-12-07 18:51 - 2017-12-07 18:52 - 005842705 _____ C:\Users\Rene\Downloads\Untitled_Message (1).zip
2017-12-07 18:50 - 2017-12-07 18:50 - 000000031 _____ C:\Users\Rene\Downloads\ATT00001.txt
2017-12-06 15:25 - 2017-12-06 15:25 - 000000000 ____D C:\Program Files\Common Files\Avast Software

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2018-01-03 11:00 - 2017-11-25 17:23 - 000000000 ____D C:\FRST
2018-01-03 10:59 - 2017-07-02 17:03 - 000000000 ____D C:\Windows\CryptoGuard
2018-01-03 10:58 - 2014-03-25 13:21 - 000000000 ____D C:\ProgramData\NVIDIA
2018-01-03 10:58 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-01-03 10:49 - 2009-07-14 05:45 - 000029120 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-01-03 10:49 - 2009-07-14 05:45 - 000029120 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-01-03 10:48 - 2011-04-12 14:00 - 000154996 _____ C:\Windows\system32\perfc013.dat
2018-01-03 10:48 - 2011-04-12 14:00 - 000038278 _____ C:\Windows\system32\perfh013.dat
2018-01-03 10:48 - 2009-07-14 06:13 - 000966202 _____ C:\Windows\system32\PerfStringBackup.INI
2018-01-03 10:48 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2018-01-03 10:47 - 2016-11-20 16:49 - 000000000 ____D C:\Users\Rene\AppData\LocalLow\Mozilla
2018-01-03 10:43 - 2014-07-22 08:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-01-03 09:48 - 2017-07-02 17:03 - 000000000 ____D C:\ProgramData\HitmanPro.Alert
2018-01-02 17:44 - 2017-07-02 17:03 - 000000000 ____D C:\ProgramData\HitmanPro
2018-01-02 17:39 - 2014-03-25 17:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-01-02 17:22 - 2016-10-21 10:44 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-12-24 14:15 - 2014-11-01 13:33 - 000000000 ____D C:\Users\Rene\AppData\Local\ElevatedDiagnostics
2017-12-24 13:45 - 2015-03-09 10:47 - 000000000 ____D C:\Users\Rene\Documents\Jacqueline
2017-12-14 12:40 - 2014-06-05 15:15 - 000002183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-14 12:40 - 2014-06-05 15:15 - 000002171 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-12-10 14:20 - 2016-03-28 13:21 - 000000000 ____D C:\Users\Rene\AppData\Local\Albelli Fotoboeken
2017-12-09 13:20 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-06 15:25 - 2015-12-03 14:26 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2017-12-04 18:44 - 2017-03-19 12:51 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update

==================== Bestanden in de root van sommige mappen =======

2015-09-13 15:43 - 2015-09-13 15:43 - 000000102 _____ () C:\Users\Tijn\ConnectDS4.bat
2015-08-12 22:22 - 2015-12-18 23:07 - 003214848 _____ () C:\Users\Tijn\DS4Windows.exe
2013-02-26 07:28 - 2013-02-26 07:28 - 000027762 _____ () C:\Program Files\changes.txt
2013-02-26 07:34 - 2013-02-26 07:34 - 002547384 _____ (Beepa P/L) C:\Program Files\fraps.exe
2013-02-26 07:34 - 2013-02-26 07:34 - 000234168 _____ (Beepa P/L) C:\Program Files\fraps32.dll
2013-02-26 07:34 - 2013-02-26 07:34 - 000068792 _____ (Beepa P/L) C:\Program Files\fraps64.dat
2013-02-26 07:34 - 2013-02-26 07:34 - 000186552 _____ (Beepa P/L) C:\Program Files\fraps64.dll
2013-02-26 07:30 - 2013-02-26 07:30 - 000140288 _____ (Beepa P/L) C:\Program Files\frapslcd.dll
2013-02-26 07:27 - 2013-02-26 07:27 - 000001894 _____ () C:\Program Files\README.HTM

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend

LastRegBack: 2017-12-19 08:02

==================== Eind van FRST.txt ============================

en hier het addition txt bestand

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 24-11-2017 01
Gestart door Rene (03-01-2018 11:00:49)
Gestart vanaf C:\Users\Rene\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-03-25 12:00:44)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3012430077-1547949342-670151222-500 - Administrator - Disabled)
Gast (S-1-5-21-3012430077-1547949342-670151222-501 - Limited - Disabled)
Rene (S-1-5-21-3012430077-1547949342-670151222-1003 - Administrator - Enabled) => C:\Users\Rene
Tijn (S-1-5-21-3012430077-1547949342-670151222-1002 - Administrator - Enabled) => C:\Users\Tijn

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

Aangifte inkomstenbelasting 2014 (HKLM-x32\...\Aangifte inkomstenbelasting 2014) (Version: - Belastingdienst)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 27.0.0.124 - Adobe Systems Incorporated)
Adobe Anchor Service x64 CS4 (HKLM\...\{887797BF-37A5-4199-B0C9-0D38D6196E9A}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (HKLM\...\{90BA8112-80B3-4617-A3C1-BD2771B60F74}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CSI CS4 x64 (HKLM\...\{8DAA31EB-6830-4006-A99F-4DF8AB24714F}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.6 - Adobe Systems Incorporated)
Adobe Drive CS4 x64 (HKLM\...\{A3454894-144A-4D80-B605-C128FE0D7329}) (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.187 - Adobe Systems Incorporated)
Adobe Fonts All x64 (HKLM\...\{6631325A-9B1B-4EE7-8E64-8CC4A6F10643}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Linguistics CS4 x64 (HKLM\...\{8875A1C0-6308-4790-8CF6-D34E89880052}) (Version: 4.0.0 - Adobe Systems Incorporated) Hidden
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
Adobe PDF Library Files x64 CS4 (HKLM\...\{DFFABE78-8173-4E97-9C5C-22FB26192FC5}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (64 Bit) (HKLM\...\{D40172D6-CE2D-4B72-BF5F-26A04A900B7B}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS4 (HKLM-x32\...\Adobe_faf656ef605427ee2f42989c3ad31b8) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.1.201 - Adobe Systems, Inc.)
Adobe Type Support x64 CS4 (HKLM\...\{8C8D673B-20FB-43E6-BCB7-9B3F78F2E762}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe WinSoft Linguistics Plugin x64 (HKLM\...\{295CFB7C-A57E-4313-93E7-68E7CE1D0332}) (Version: 1.1 - Adobe Systems Incorporated) Hidden
Albelli Fotoboeken (HKU\S-1-5-21-3012430077-1547949342-670151222-1003\...\{B7961CCE-CF36-4858-BC1A-D06D3D25ECE5}_is1) (Version: 13.0.1.2436 - albelli NL)
Any Video Converter 5.5.9 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Blender (HKLM\...\{3ABDE236-0A3F-4D0D-BECB-DB67EE21C593}) (Version: 2.77.0 - Blender Foundation)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Connect (HKLM-x32\...\{B29AD377-CC12-490A-A480-1452337C618D}) (Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden
CyberView X - SF v1.30 (build 20110526) (HKLM-x32\...\{D8FF6E29-36B4-474F-A88F-973087650C00}) (Version: 1.30.000 - Pacific Image ELectronics Co., Ltd.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Electronic Arts Product Registration (HKLM-x32\...\{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts) Hidden
Electronic Arts Product Registration (HKLM-x32\...\InstallShield_{D7D50E0C-27DD-4999-BC05-E026B580F93A}) (Version: 1.01.0000 - Electronic Arts)
Epson Easy Photo Print 2 (HKLM-x32\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
Epson Stylus SX510W_TX550W Handboek (HKLM-x32\...\Epson Stylus SX510W_TX550W Gebruikershandleiding) (Version: - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 6.09 - NCH Software)
Express Scribe Transcription Software (HKLM-x32\...\Scribe) (Version: 6.06 - NCH Software)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\Firebird SQL Server NL) (Version: 2.0.0.1 - MAGIX AG)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.84 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hema Fotoalbum (HKU\S-1-5-21-3012430077-1547949342-670151222-1003\...\{83EF9202-135C-4AFC-A083-DE9D09C6BC46}_is1) (Version: 9.1.1.1057 - Hema)
HEMA fotoservice (HKLM-x32\...\{5AA74D8E-4E02-401A-BCCE-C7565BEBE289}_is1) (Version: - Hema NL)
HitmanPro.Alert 3 (HKLM\...\HitmanPro.Alert) (Version: 3.7.1.723 - SurfRight B.V.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
iTunes (HKLM\...\{C690D43D-4ECF-4904-A0AC-09AFD4BEA6BF}) (Version: 12.7.1.14 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
K-Lite Codec Pack 10.9.0 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
kuler (HKLM-x32\...\{098727E1-775A-4450-B573-3F441F1CA243}) (Version: 2.0 - Adobe Systems Incorporated) Hidden
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
MAGIX Foto Manager 2007 4.1.1.89 (NL) (HKLM-x32\...\MAGIX Foto Manager 2007 NL) (Version: 4.1.1.89 - MAGIX AG)
MAGIX Music Manager 2007 8.1.1.98 (NL) (HKLM-x32\...\MAGIX Music Manager 2007 NL) (Version: 8.1.1.98 - MAGIX AG)
MAGIX Video deluxe 2008 PLUS 7.0.2.3 (NL) (HKLM-x32\...\MAGIX Video deluxe 2008 PLUS NL) (Version: 7.0.2.3 - MAGIX AG)
MAGIX Xtreme Photo Designer 6 6.0.20.0 (NL) (HKLM-x32\...\MAGIX Xtreme Photo Designer 6 NL) (Version: 6.0.20.0 - MAGIX AG)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft .NET Framework 4.7 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Movavi Video Converter 17 (HKLM-x32\...\Movavi Video Converter 17) (Version: 17.2.1 - Movavi)
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 57.0.3 (x64 nl) (HKLM\...\Mozilla Firefox 57.0.3 (x64 nl)) (Version: 57.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 57.0.3.6569 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM-x32\...\{ADD9E56D-2DD8-448A-8887-B3AF76AB1043}) (Version: 7.02.4413 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
Nikon Message Center (HKLM-x32\...\{D2FCC1AE-6311-47C5-8130-C6C66D77DD71}) (Version: 0.92.000 - Nikon)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.9.2 - Nikon)
Nikon RAW Codec (HKLM-x32\...\{C8616041-2802-4DE2-B3BD-6285AAD65C2A}) (Version: 1.00.0000 - Nikon)
NVIDIA 3D Vision controllerstuurprogramma 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX systeemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CS4 (HKLM-x32\...\{35D94F92-1D3A-43C5-8605-EA268B1A7BD9}) (Version: 9.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Photomatix Pro version 3.2.9 (HKLM-x32\...\PhotomatixPro3x32_is1) (Version: 3.2.9 - HDRsoft Sarl)
Photoshop Camera Raw (HKLM-x32\...\{CC75AB5C-2110-4A7F-AF52-708680D22FE8}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Photoshop Camera Raw_x64 (HKLM\...\{2D74E972-5A85-44DC-9193-8A302BA8C181}) (Version: 5.0 - Adobe Systems Incorporated) Hidden
Picture Control Utility (HKLM-x32\...\{87441A59-5E64-4096-A170-14EFE67200C3}) (Version: 1.1.2 - Nikon)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.5.1 - Nikon)
Prism Video File Converter (HKLM-x32\...\Prism) (Version: 3.04 - NCH Software)
ProtectDisc Helper Driver (HKLM-x32\...\ProtectDisc Driver) (Version: 9.1.0.0 - )
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.75.827.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7982 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16113.3 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17054.16 - Samsung Electronics Co., Ltd.)
Stamp ID3 Tag Editor (HKLM-x32\...\Stamp) (Version: 2.39 - NCH Software)
Suite Shared Configuration CS4 (HKLM-x32\...\{842B4B72-9E8F-4962-B3C1-1C422A5C4434}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom MyDrive Connect 4.1.5.3181 (HKLM-x32\...\MyDriveConnect) (Version: 4.1.5.3181 - TomTom)
Uplay (HKLM-x32\...\Uplay) (Version: 15.0 - Ubisoft)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 5.04 - NCH Software)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.9.2 - Nikon)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-21] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-21] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-21] (AVAST Software)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers2: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-21] (AVAST Software)
ContextMenuHandlers3: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-08-07] (NVIDIA Corporation)
ContextMenuHandlers5: [{C95FFEAE-A32E-4122-A5C4-49B5BFB69795}] -> {C95FFEAE-A32E-4122-A5C4-49B5BFB69795} => C:\Program Files\Common Files\Adobe\Adobe Drive CS4\ADFSMenu.dll [2008-08-14] (Adobe Systems Incorporated)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-11-21] (AVAST Software)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {06C96920-EE91-4931-AF4B-45C796BE0DC6} - System32\Tasks\{577D84A5-79DF-43E9-8642-6C4FA4CA59F2} => C:\Windows\TWAIN_32\CyberViewX_SF\PfsLoader.exe [2009-09-21] ()
Task: {0ADE57E4-A01C-4928-B3C3-61E722C5F8AC} - System32\Tasks\{6100127D-B1EF-4404-89EB-17D54E4788E5} => C:\Program Files (x86)\Nikon\Nikon Transfer\NktTransfer.exe
Task: {0C077CB2-B4E9-4552-A2C9-0BA979648BF6} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {0C78B06C-AC1E-4236-8A07-175C57E7CED3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {1B564BE4-6A3A-4C61-9D22-C3ECE4707DDF} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-06] (AVAST Software)
Task: {26CA9F09-4129-4DD0-93C2-613A557947B8} - System32\Tasks\{A4BD855F-148A-4BCB-80FC-FC2AEE26F950} => C:\Windows\system32\pcalua.exe -a E:\BIN\DEMO32.EXE -d E:\BIN
Task: {2F73430D-A23A-4510-B272-9737581A7E60} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {3B68EB55-A9ED-43D7-99F5-2FB94DC419DF} - System32\Tasks\{B359BD26-B23A-473F-8B11-E6D609F3A59C} => C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\Videodeluxe.exe [2007-07-27] (MAGIX AG)
Task: {403FB5D5-28CF-4A67-9378-5C640280383F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6154B866-1D6D-49F0-897C-8D07275EE5CB} - System32\Tasks\{3BB76BE2-6A65-49EF-BDCC-484B5BDFAEA2} => C:\Users\Rene\Downloads\SWTOR_setup.exe [2015-10-24] ()
Task: {736AB823-E467-4FE7-99FE-50D3A0DD2FA3} - System32\Tasks\XboxStatTask => C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe [2009-09-30] (Microsoft Corporation)
Task: {7BF0A7D1-3C4C-461E-8F35-956E0F878909} - System32\Tasks\SafeZone scheduled Autoupdate 1468600429 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {9B8D5345-9D48-4E82-AD4B-1B26D12CAEAD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-21] (AVAST Software)
Task: {A1BF1661-6C1A-4A11-BC40-B9586B62C9CE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-16] (Adobe Systems Incorporated)
Task: {A54BD9BB-BEFA-4843-9E41-2D8AF457C8C3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {B015F00C-D380-462D-A494-AB3C483F156C} - System32\Tasks\{FB9B41FD-0F75-4AD5-A4EB-ACF560719D72} => C:\Windows\TWAIN_32\CyberViewX_SF\PfsLoader.exe [2009-09-21] ()
Task: {B697AF17-EB1A-4297-9C80-B38C0542E314} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {C4546099-7B4E-4BF6-BD84-34D565B750E6} - System32\Tasks\{F5A91040-4121-4D07-BB53-3173A505A6CF} => "C:\Program Files\Internet Explorer\iexplore.exe" hxxp://ui.skype.com/ui/0/7.14.0.106/nl/abandoninstall?page=tsProgressBar
Task: {D54E3E77-AC86-4D10-A3F6-9917519DD00B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {D69C16DA-012B-402E-967A-25ED132B828D} - System32\Tasks\{CA3964ED-0B7D-4457-82A5-AF41F7B9B04D} => C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\Videodeluxe.exe [2007-07-27] (MAGIX AG)
Task: {E3469C1C-0F49-42A5-AE3F-3B77366747EA} - System32\Tasks\{9060EA4F-6676-44FE-AEC3-F6CB631A3B34} => E:\LAUNCH.EXE

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


Shortcut: C:\Users\Rene\Favorites\NCH Software Download Site.lnk -> hxxp://www.nchsoftware.com/index.htm

==================== Geladen Modules (gefilterd) ==============

2014-03-25 13:21 - 2015-08-07 01:44 - 000116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-03-25 13:02 - 2013-05-07 08:45 - 000936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2013-09-04 23:17 - 2013-09-04 23:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2017-11-21 17:17 - 2017-11-21 17:17 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2018-01-03 09:49 - 2018-01-03 09:49 - 005767312 _____ () C:\Program Files\AVAST Software\Avast\defs\18010300\algo.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2014-03-25 13:02 - 2018-01-03 10:58 - 000027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-03-25 13:02 - 2013-05-07 08:45 - 000104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2017-07-10 17:46 - 2017-07-10 17:46 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-21 17:17 - 2017-11-21 17:17 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2014-03-25 19:50 - 2009-03-12 15:45 - 000135168 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2014-03-25 19:50 - 2008-11-21 13:58 - 000057344 ____N () C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-03-25 13:06 - 2013-09-16 05:19 - 001242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 03:34 - 2017-11-25 20:16 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-3012430077-1547949342-670151222-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Rene\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: aswbIDSAgent => 3
MSCONFIG\Services: avast! Antivirus => 2
MSCONFIG\Services: BFE => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [TCP Query User{C072182C-C82B-49D0-B8B0-1923D23D4E5D}C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe] => (Allow) C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe
FirewallRules: [UDP Query User{99B8A286-2C76-4CFB-9F0D-8B472AC09D29}C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe] => (Allow) C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe
FirewallRules: [{9CB96EF9-B882-4F13-93FE-2F11685567B0}] => (Block) C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe
FirewallRules: [{A60EBD36-1136-4BDA-8B94-6F0667B2B12A}] => (Block) C:\program files (x86)\Epson Software\Event Manager\eeventmanager.exe
FirewallRules: [TCP Query User{6E83D100-E4FB-40F9-BD19-3D8F7F5514F3}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [UDP Query User{D363791F-4B97-43B2-874B-86422966D6C1}C:\program files (x86)\nero\nero 7\nero home\nerohome.exe] => (Block) C:\program files (x86)\nero\nero 7\nero home\nerohome.exe
FirewallRules: [{A7AB5030-8638-4DCC-9EE2-BAABE387B51D}] => (Allow) LPort=0
FirewallRules: [{D6B598CB-0316-4FC2-B216-85578C3092A5}] => (Allow) LPort=2869
FirewallRules: [{7218D4ED-7100-4F10-8398-3C06840B5515}] => (Allow) LPort=1900
FirewallRules: [{A52D56A9-1B4F-4D77-A971-5507CE8BCE4F}] => (Allow) C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
FirewallRules: [{5EDAF032-E2E5-4A9E-840F-B28BE9666CE8}] => (Allow) C:\Program Files (x86)\Common Files\MAGIX Shared\UPnPService\UPnPService.exe
FirewallRules: [TCP Query User{BE469ECC-2970-48A1-936A-7203849D02C4}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{C52EACCD-A337-4D9D-8578-0B68F8791B69}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{97FC5F65-FBB4-4CB8-9A88-AE53A9FF337B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{83304D6A-BC0C-4CFC-83D0-21FC1E0B4F19}] => (Allow) LPort=2869
FirewallRules: [{BDD18DE2-894B-4D7E-B472-2A415C44D59E}] => (Allow) LPort=1900
FirewallRules: [{1778CE7B-4853-4962-8523-11BC4B79ED39}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{2F0A41C7-C601-40D2-8497-A5F0D35EC95C}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [UDP Query User{47995C3F-7DBF-4BF7-AE62-69E4B2EAD62E}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe
FirewallRules: [{791AAD39-B502-429A-A167-75AA8C1715B0}] => (Allow) LPort=5353
FirewallRules: [{308A5D8A-D0D2-4479-99BF-A665FD6A989A}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{905BED7A-5A95-41C1-B469-645796C5DD90}] => (Allow) C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe
FirewallRules: [{55871F55-CDF4-4A16-B9C9-6556EFB73911}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B01D1240-D483-49D4-A461-B66D0BF96994}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0C2CEC85-1602-458B-9C1A-970ED4BCE24E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{24CF6FD6-C408-4472-805C-AB7962132E8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{140D3376-D8E1-4051-9C99-B1F86CE805BD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AF914004-FE6C-46B4-A8EA-CBD02709410A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F4604D09-1881-4FC7-B926-9923C4E3D1C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1E0F8FD2-EA78-403E-BACC-D4C817EE1CC5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{76F761FE-B01F-4CF3-92DB-27DCBECDD9E1}] => (Allow) I:\Battle.net\Battle.net.exe
FirewallRules: [{7E912197-5EF6-487D-AED2-9B089D32FD3F}] => (Allow) I:\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{C0AA208D-F6BD-421E-ACD8-FB9FB758D0E7}I:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Block) I:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1B92C396-0420-451A-A094-873DD8B5A6C7}I:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Block) I:\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [{E4B5A136-0386-4D9C-B838-CB31845C643C}] => (Allow) I:\Steam\Steam.exe
FirewallRules: [{17321754-062A-4FDA-B596-4AA87A243ADA}] => (Allow) I:\Steam\Steam.exe
FirewallRules: [{84ED63A5-3578-4D9B-A8EA-40AF880E82AD}] => (Allow) I:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B0F25A3C-374A-406F-AF31-7FBD23BBA703}] => (Allow) I:\Steam\bin\steamwebhelper.exe
FirewallRules: [{95E39129-82D4-4845-B2ED-0519FB002B05}] => (Allow) I:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{CB700887-5889-45ED-BBD8-B61E4AE84C53}] => (Allow) I:\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [TCP Query User{952942FA-9152-43B9-B3C3-2286AD2FFBDC}C:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe] => (Allow) C:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe
FirewallRules: [UDP Query User{316D3BAE-B981-4E4F-A9A0-F1E7568A5C29}C:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe] => (Allow) C:\program files (x86)\common files\adobe\cs4servicemanager\cs4servicemanager.exe
FirewallRules: [{21E5550F-55D5-49EA-927A-8FFA212976B7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0001C997-D932-4A7E-B786-0BBEC335DF4D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{52B792E4-69FD-42AE-8E4E-E0AB069A46E2}] => (Allow) G:\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{88BA13C1-5046-496B-B8B3-8D0E58B75F00}] => (Allow) G:\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{F6995302-175A-42C4-9737-973969EFFC2A}] => (Allow) G:\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{2AB6D93D-6C14-4FEC-B847-FA4F2ED85238}] => (Allow) G:\SteamLibrary\steamapps\common\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{1D49D0E2-458D-40AB-BA57-274CEF6B9B11}] => (Allow) G:\SteamLibrary22\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{8268252C-4902-46D3-BDBB-5B5A27BA31A8}] => (Allow) G:\SteamLibrary22\steamapps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{47814C94-7962-43FA-ABDC-E84116536040}] => (Allow) LPort=2869
FirewallRules: [{43927AC6-E4C1-449B-B9F7-7DC2C15D3B79}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{B784C9B5-3D0D-45BC-A551-0493DB45BF87}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{37923F1D-47DC-4ACB-8DF6-505D0E554204}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{29D8AC31-E881-47DB-BB2A-901C50B14D9D}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{51B845EA-14BD-48CA-AEBC-CA924E0BC7C3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{8D49B0FE-3E2B-4128-B6E4-6AF4B4484476}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{72831FBB-7B38-44A6-8578-1777BEE96DF9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{6D45BA80-A393-4C1B-AB95-09C0823FEFF9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{391CF041-1D87-422F-8D4C-62FC7D81D29E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{D7F75AAF-3A2D-45A3-AE9C-394B8A074992}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{1838D386-57A9-48C1-A0F2-5B52B8D408A1}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{ED7049B4-6B92-47FB-82D5-129565E0F192}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{E0F7D8A5-6F6B-49B3-9621-1A4AD7E4E3A3}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{6891930E-E03E-4758-BBD0-5420E0E623AF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B7B2404E-7B34-42BC-AFCD-4CAA4AE81AAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Herstelpunten =========================

21-12-2017 11:44:53 Gepland controlepunt

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (12/11/2017 08:51:26 AM) (Source: HitmanPro.Alert) (EventID: 800) (User: )
Description: Malware found:

MalwareBlocked
Mitigation MalwareBlocked

Platform 6.1.7601/x64 v723 06_3c
PID 1224
Application C:\Users\Rene\Downloads\COMBOFIX(1).EXE
Description App/NirCmd-Gen

SHA256: 66454adbfcaa39efda09bd37326293efeee0a1c1d622c163c99e5a5e67b08047

Error: (12/11/2017 08:27:03 AM) (Source: HitmanPro.Alert) (EventID: 800) (User: )
Description: Malware found:

MalwareBlocked
Mitigation MalwareBlocked

Platform 6.1.7601/x64 v723 06_3c
PID 1224
Application C:\Users\Rene\Downloads\COMBOFIX(1).EXE
Description App/NirCmd-Gen

SHA256: 66454adbfcaa39efda09bd37326293efeee0a1c1d622c163c99e5a5e67b08047

Error: (12/10/2017 02:11:36 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 4716
Application C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp [4716]
"C:\Users\Rene\AppData\Local\Temp\is-86GJE.tmp\albelli_NL(2).tmp" /SL5="$A03CA,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [4188]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:06:29 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 5356
Application C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exe
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\unins000.exe [5356]
2 C:\Windows\explorer.exe [4044]
3 C:\Windows\System32\userinit.exe [4896]

Thumbprint
2782f6ca5058252cb54f139e1a19a9aa13ce240374ef702f6999eef3fa515e7c

Error: (12/10/2017 02:05:49 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6776
Application C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp [6776]
"C:\Users\Rene\AppData\Local\Temp\is-I2EJH.tmp\albelli_NL(2).tmp" /SL5="$4063C,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6640]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:05:17 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6140
Application C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp [6140]
"C:\Users\Rene\AppData\Local\Temp\is-SSCJ6.tmp\albelli_NL(2).tmp" /SL5="$404A0,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6416]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:05:01 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6852
Application C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp [6852]
"C:\Users\Rene\AppData\Local\Temp\is-G35NT.tmp\albelli_NL(2).tmp" /SL5="$60530,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [6468]
3 C:\Windows\explorer.exe [4044]
4 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:04:03 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 7628
Application C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp [7628]
"C:\Users\Rene\AppData\Local\Temp\is-2M8S6.tmp\albelli_NL(2).tmp" /SL5="$4035E,27273886,141824,C:\Users\Rene\Downloads\albelli_NL(2).exe"
2 C:\Users\Rene\Downloads\albelli_NL(2).exe [7600]
3 C:\Program Files (x86)\Mozilla Firefox\firefox.exe [1712]
4 C:\Windows\explorer.exe [4044]
5 C:\Windows\System32\userinit.exe [4896]

Thumbprint
1359bff7acf6c96a610773ebca1c216d87af3c82e84bccf02462c81520864bbe

Error: (12/10/2017 02:02:24 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6768
Application C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp [6768]
"C:\Users\Rene\AppData\Local\Temp\is-8PCRL.tmp\WindowsEditorSetup_installed.tmp" /SL5="$20304,27273886,141824,C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
2 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe [3156]
"C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
3 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\apc.exe [6436]
4 C:\Windows\explorer.exe [4044]
5 C:\Windows\System32\userinit.exe [4896]

Thumbprint
a6b1091b0752fc7a19bd75b916d284a0f15bdc2fca46aac09154f1f59e4c5b1a

Error: (12/09/2017 01:26:58 PM) (Source: HitmanPro.Alert) (EventID: 911) (User: )
Description: Mitigation CodeCave

Platform 6.1.7601/x64 v723 06_3c
PID 6004
Application C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp
Description Setup/Uninstall

Intersectional control flow detected!



Process Trace
1 C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp [6004]
"C:\Users\Rene\AppData\Local\Temp\is-NGUK9.tmp\WindowsEditorSetup_installed.tmp" /SL5="$100174,26588596,141824,C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
2 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe [4244]
"C:\Users\Rene\AppData\Local\Albelli Fotoboeken\Update\WindowsEditorSetup_installed.exe" /SP- /SILENT
3 C:\Users\Rene\AppData\Local\Albelli Fotoboeken\apc.exe [2944]
4 C:\Windows\explorer.exe [3824]
5 C:\Windows\System32\userinit.exe [4240]

Thumbprint
a6b1091b0752fc7a19bd75b916d284a0f15bdc2fca46aac09154f1f59e4c5b1a


Systeemfouten:
=============
Error: (01/03/2018 10:58:13 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 10:56:40 op ‎3-‎1-‎2018 is onverwacht gebeurd.

Error: (01/03/2018 10:41:29 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 10:39:44 op ‎3-‎1-‎2018 is onverwacht gebeurd.

Error: (01/02/2018 05:39:13 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 17:38:00 op ‎2-‎1-‎2018 is onverwacht gebeurd.

Error: (01/02/2018 05:22:04 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: De vorige afsluiting van het systeem om 17:20:58 op ‎2-‎1-‎2018 is onverwacht gebeurd.

Error: (12/28/2017 09:41:23 PM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/22/2017 06:17:17 PM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/21/2017 10:01:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {F9717507-6651-4EDB-BFF7-AE615179BCCF} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.

Error: (12/21/2017 10:01:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/13/2017 10:01:38 PM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.

Error: (12/13/2017 11:36:35 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Bij de schaduwkopieën van volume C: zijn afgebroken omdat de schaduwkopieopslag niet kan worden uitgebreid vanwege een door de gebruiker opgelegde limiet.


CodeIntegrity:
===================================
Date: 2017-11-25 20:12:15.226
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2017-11-25 20:12:15.101
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2017-11-25 20:12:14.992
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2017-11-25 20:12:14.883
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

Date: 2016-09-11 15:01:32.153
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportIaso64.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:56:04.362
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.922
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.828
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.813
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

Date: 2016-09-11 14:55:43.672
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609042.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage geheugen in gebruik: 24%
Totaal fysiek RAM-geheugen: 8130.06 MB
Beschikbaar fysiek RAM-geheugen: 6107.4 MB
Totaal Virtueel geheugen: 16258.3 MB
Beschikbaar Virtual geheugen: 14226.24 MB

==================== Schijven ================================

Drive c: (C schijf) (Fixed) (Total:119.14 GB) (Free:1.7 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:876.44 GB) NTFS
Drive f: (LaCie) (Fixed) (Total:698.64 GB) (Free:6.02 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: A588750C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A5887519)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 454C620C)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== Eind van Addition.txt ============================
 
Doe het volgende eens:

Stap 1

Download de Windows repair tool via Techspot KLIK

Stap 2

1 Start de tool op

vervolgens krijg je het volgende venster te zien:

574734aeaa325-2016-05-26_19_30_30-Foto_s.png


2 Klik eerst op repairs (Groene vakje)

3 klik daarna op Open repairs (rode vakje)

5 klik vervolgens op Start repairs (rode vakje onderstaande foto.)

5747354ce2680-2016-05-26_19_30_46-Foto_s.png


Wacht daarna tot deze klaar is (kan lang duren) en herstart de pc.
 
Ik heb het programma gedownload en laten draaien. De logfiles zijn erg lang. Vervolgens de pc opnieuw opgestart. Zijn er nu vervolgacties nodig?
 
In principe niet. Kijken hoe de pc nu werkt en of je de problemen nog hebt.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan