Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 07.11.2018 Gestart door henk (08-11-2018 14:41:47) Gestart vanaf C:\Users\henk\Desktop Windows 7 Home Premium Service Pack 1 (X64) (2010-04-10 13:58:08) Boot Modus: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1209327029-604838399-101022576-500 - Administrator - Disabled) Gast (S-1-5-21-1209327029-604838399-101022576-501 - Limited - Disabled) henk (S-1-5-21-1209327029-604838399-101022576-1000 - Administrator - Enabled) => C:\Users\henk ==================== Security Center ======================== (Als een item is opgenomen in de fixlist, zal het worden verwijderd.) AV: BullGuard Antivirus (Enabled - Up to date) {0C5A09FB-657F-B94D-DF1B-BB843C6EE0E4} AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B} AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: BullGuard Antispyware (Enabled - Up to date) {B73BE81F-4345-B6C3-E5AB-80F647E9AA59} FW: BullGuard Firewall (Disabled) {346188DE-2F10-B815-F444-12B1C2BDA79F} ==================== Geïnstalleerde programma's ====================== (Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.) 4K Video Downloader 4.1 (HKLM-x32\...\4K Video Downloader_is1) (Version: 4.1.2.2075 - Open Media LLC) 4K Video Downloader 4.3 (HKLM-x32\...\{D0CA3944-0FD5-40FF-97A1-FEDFFB5EE31F}) (Version: 4.3.2.2215 - Open Media LLC) Aangifte inkomstenbelasting 2012 (HKLM-x32\...\Aangifte inkomstenbelasting 2012) (Version: - Belastingdienst) Aangifte inkomstenbelasting 2013 (HKLM-x32\...\Aangifte inkomstenbelasting 2013) (Version: - Belastingdienst) ACDSee Pro 3 (HKLM-x32\...\{1B280FAF-AE10-4E31-A41A-DB3917D651DC}) (Version: 3.0.386 - ACD Systems International Inc.) Ace Utilities (HKLM\...\Ace Utilities_is1) (Version: 6.2.1 - Acelogix Software) Acer Arcade Deluxe (HKLM-x32\...\{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.) Hidden Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.) Acer Crystal Eye Webcam (HKLM-x32\...\{7760D94E-B1B5-40A0-9AA0-ABF942108755}) (Version: 5.2.5.3 - Suyin Optronics Corp) Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3004 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3006 - Acer Incorporated) Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0901 - Acer Incorporated) Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated) Adblock Plus for IE (HKLM-x32\...\{fd97d1e2-368a-4cd9-af63-8eeff938044a}) (Version: 1.1 - ) Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH) Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.4 - Adobe Systems Incorporated) Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.1.0 - Adobe Systems Incorporated) Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.6.147 - Adobe Systems, Inc.) Apowersoft Gratis Audiorecorder V3.0.7 (HKLM-x32\...\{E35F91E4-C68C-43E8-BE90-35CDEE4E5730}_is1) (Version: 3.0.7 - APOWERSOFT LIMITED) Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.10 - Atheros Communications Inc.) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Avery DesignPro (HKLM-x32\...\{2CC982C0-7EAE-11D4-ACC3-0050568AD318}) (Version: - ) BullGuard Antivirus (HKLM\...\BullGuard) (Version: 19.0 - BullGuard Ltd.) Bullzip PDF Printer 9.7.0.1592 (HKLM\...\Bullzip PDF Printer_is1) (Version: 9.7.0.1592 - Bullzip) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG5500 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5500_series) (Version: 1.01 - Canon Inc.) Canon MG5500 series On-screen Manual (HKLM-x32\...\Canon MG5500 series On-screen Manual) (Version: 7.6.1 - Canon Inc.) Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - ) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 2.0.1 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 2.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.2.1 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.14.20.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.8.6795 - CDBurnerXP) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.1 - Corel Corporation) Hidden CorelDRAW Graphics Suite X8 (HKLM\...\{AFBFA0AC-1173-4C13-B9DC-5CF211EB50DF}) (Version: 18.1 - Corel Corporation) Hidden CyberLink PowerDirector 12 (HKLM\...\{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5025.0 - Uw bedrijfsnaam) Hidden CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.5025.0 - CyberLink Corp.) Eraser 6.0.9.2343 (HKLM\...\{3D33F6F0-4D90-484D-A1D9-09AE791CCBD9}) (Version: 6.0.2343 - The Eraser Project) FastStone Image Viewer 5.5 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.5 - FastStone Soft) Gebruikersregistratie voor Canon MG5500 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5500 series) (Version: - ‭Canon Inc.) Ghostery (HKLM-x32\...\Ghostery) (Version: - Ghostery Inc) GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team) Google Analytics Opt-out Browser Add-on (HKLM\...\{1C7AF7AC-821B-456B-9698-EB0A11A02252}) (Version: 0.9.6.0 - Google Inc.) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden Hard Disk Scrubber 3.3 (Remove Only) (HKLM-x32\...\{DE47ADD1-B82B-4B52-AF29-76AE7EF4E19D}_is1) (Version: - Summit Computer Networks, Inc.) HP Support Solutions Framework (HKLM-x32\...\{4CBA8ECF-0519-4583-91ED-F098522245EB}) (Version: 12.9.18.3 - HP Inc.) HVSbackup (HKLM-x32\...\{2DDE7465-D8D8-6EF5-5471-8CE02D709C3B}) (Version: 1.2.1 - UNKNOWN) Hidden HVSbackup (HKLM-x32\...\com.adobe.example.hvsbackup) (Version: 1.2.1 - UNKNOWN) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated) Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) MAGIX Photo & Graphic Designer (HKLM\...\{886DDD12-C2FE-44D7-A28B-85D676366995}) (Version: 12.1.1.45475 - MAGIX Software GmbH) Hidden MAGIX Photo & Graphic Designer (HKLM-x32\...\MX.{886DDD12-C2FE-44D7-A28B-85D676366995}) (Version: 12.1.1.45475 - MAGIX Software GmbH) Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes) Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01590 - Microsoft Corporation) Microsoft Camera Codec Pack (HKLM\...\{E083C68A-D542-4593-B60D-97C2DE522663}) (Version: 6.3.9723.0 - Microsoft Corporation) Microsoft Digital Image Starter Edition 2006 (HKLM-x32\...\PictureItSuiteTrial_v11) (Version: 11.0.0422 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (Dutch) (HKLM-x32\...\{95120000-00AF-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation) MiDAS Lens Calculator v1.1.0 (HKLM-x32\...\MiDAS Lens Calculator_is1) (Version: - ) Mozilla Firefox 63.0.1 (x64 nl) (HKLM\...\Mozilla Firefox 63.0.1 (x64 nl)) (Version: 63.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0 - Mozilla) MSVC80_x64_v2 (HKLM\...\{4D668D4F-FAA2-4726-834C-31F4614F312E}) (Version: 1.0.3.0 - Nokia) Hidden MSVC80_x86_v2 (HKLM-x32\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden MSVC90_x64 (HKLM\...\{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}) (Version: 1.0.1.2 - Nokia) Hidden MSVC90_x86 (HKLM-x32\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero BurningROM 12 (HKLM-x32\...\{3D9167B2-87EB-4713-90B4-E46F2CAFE28D}) (Version: 12.0.00300 - Nero AG) Nero Prerequisite Installer 2.0 (HKLM-x32\...\{0DBC021C-95D9-435A-A4B0-E6515AFD1A71}) (Version: 12.0.01000 - Nero AG) No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) NTI Backup Now Standard (HKLM-x32\...\{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems) Panda ActiveScan 2.0 (HKLM-x32\...\ActiveScan 2.0) (Version: 01.04.01.0014 - Panda Security) PCKLang.nl (HKLM\...\{FC510C5E-3D08-4BEB-9470-EFDAEB1D3DB1}) (Version: 1.0.0 - Essentware) Hidden PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden Pinnacle Studio 14 (HKLM-x32\...\{AADD1C8F-D59F-4D55-A726-768C71A205A8}) (Version: 14.0.0.7255 - Pinnacle Systems) Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems) PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.) Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0003 - Nero AG) Hidden PxMergeModule (HKLM-x32\...\{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 - Your Company Name) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5904 - Realtek Semiconductor Corp.) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.) Recover Keys (HKLM\...\Recover Keys_is1) (Version: 8.0.3.113 - Recover Keys) Recovery Toolbox for CD Free 2.2 (HKLM-x32\...\Recovery Toolbox for CD Free_is1) (Version: - Recovery Toolbox, Inc.) Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform) Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.) Silver Efex Pro 2 (HKLM-x32\...\Silver Efex Pro 2) (Version: 2.0.0.0 - Nik Software, Inc.) SimpleOCR 3.1 (HKLM-x32\...\SimpleOCR 3.1) (Version: - ) Speccy (HKLM\...\Speccy) (Version: 1.31 - Piriform) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SpyHunter 5 (HKLM-x32\...\SpyHunter5) (Version: 5.0.30.51 - EnigmaSoft Limited) Stuurprogrammapakket voor Windows - Terratec (USB28xxBGA) Media (05/21/2015 5.2015.0521.0) (HKLM\...\0429A6CFC8B39AF5DD9C72F34A4EC9919B3227D9) (Version: 05/21/2015 5.2015.0521.0 - Terratec) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1222 - SUPERAntiSpyware.com) swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Terratec G3 Driver Setup (HKLM-x32\...\{F59F007E-4358-4E70-B5A0-99483314C219}) (Version: 1.00.0000 - ) Terratec G3_x64 (HKLM-x32\...\{E5D2EEE8-1AD8-4963-B096-D019B9A2C5CD}) (Version: 1.00.0000 - Terratec) Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - ) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{23BE4DF2-293D-4077-82F4-1FD8C269277C}) (Version: 10.0.2011.65 - TuneUp Software) Hidden TVUPlayer 2.5.3.1 (HKLM-x32\...\TVUPlayer) (Version: 2.5.3.1 - TVU networks) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft) Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft) Verzoek of wijziging voorlopige aanslag 2015 (HKLM-x32\...\Verzoek of wijziging voorlopige aanslag 2015) (Version: - Belastingdienst) Video Converter Studio V3.1.6 (HKLM-x32\...\{195E8D7F-292B-4B04-A6E7-E96CAF04C767}_is1) (Version: 3.1.6 - Apowersoft) Vinny27 - Adobe Photoshop CS 5.1 Extended NL 64-bit (HKLM\...\{B1D1042E-7139-4F05-8BD8-C803766CF42C}) (Version: 5.1 - Vinny27) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN) Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Phone app for desktop (HKLM-x32\...\{54EC61F0-6D02-450E-9F1B-9506EAE9F23C}) (Version: 1.1.2726.0 - Microsoft Corporation) Windows-stuurprogrammapakket - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.) Windows-stuurprogrammapakket - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S) Youtube Downloader HD v. 2.9.9.41 (HKLM-x32\...\Youtube Downloader HD_is1) (Version: - YoutubeDownloaderHD.com) ==================== Aangepaste CLSID (gefilterd): ========================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => -> Geen bestand ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => -> Geen bestand ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => -> Geen bestand ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Geen bestand ContextMenuHandlers1: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2011-11-05] (The Eraser Project) ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Geen bestand ContextMenuHandlers1: [PhoXo] -> {47F14307-F923-44F9-86CB-A1E193DA6070} => -> Geen bestand ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-03-14] (Safer-Networking Ltd.) ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-03-14] (Safer-Networking Ltd.) ContextMenuHandlers1: [WipeExt] -> {721A1B24-EC8B-4eda-9CCE-39720B9FA747} => C:\Program Files\Ace Utilities\wipext.dll [2016-08-09] (Acelogix Software) ContextMenuHandlers2: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2011-11-05] (The Eraser Project) ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Geen bestand ContextMenuHandlers2: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => -> Geen bestand ContextMenuHandlers2: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => -> Geen bestand ContextMenuHandlers2: [WipeExt] -> {721A1B24-EC8B-4eda-9CCE-39720B9FA747} => C:\Program Files\Ace Utilities\wipext.dll [2016-08-09] (Acelogix Software) ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers4: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2011-11-05] (The Eraser Project) ContextMenuHandlers4: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => -> Geen bestand ContextMenuHandlers4: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => -> Geen bestand ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-02] (Intel Corporation) ContextMenuHandlers5: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => -> Geen bestand ContextMenuHandlers5: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => -> Geen bestand ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => -> Geen bestand ContextMenuHandlers6: [bgshellext] -> {F4BF1657-195F-4A0F-ACA2-9AE99D65BC0E} => C:\Program Files\BullGuard Ltd\BullGuard\BgShellExt.dll [2018-11-05] (BullGuard Ltd.) ContextMenuHandlers6: [Eraser] -> {BC9B776A-90D7-4476-A791-79D835F30650} => C:\Program Files\Eraser\Eraser.Shell.dll [2011-11-05] (The Eraser Project) ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> Geen bestand ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes) ContextMenuHandlers6: [PCKAVShell32] -> {B52115B1-936F-4EEA-A363-A535FB1942B7} => -> Geen bestand ContextMenuHandlers6: [PCKAVShell64] -> {40B50C00-06BB-415F-8F4E-6DEF53957ABA} => -> Geen bestand ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-03-14] (Safer-Networking Ltd.) ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2015-03-14] (Safer-Networking Ltd.) ContextMenuHandlers6: [WipeExt] -> {721A1B24-EC8B-4eda-9CCE-39720B9FA747} => C:\Program Files\Ace Utilities\wipext.dll [2016-08-09] (Acelogix Software) ==================== Geplande Taken (gefilterd) ============= (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) Task: {17A33317-E0DE-48EF-851A-B9EBAB43D403} - System32\Tasks\{9DAE1395-F5A0-4091-87D7-D749CB31F454} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe" Task: {2CDD3D0B-A866-4348-A299-E1873BAE29AF} - System32\Tasks\{E1B3A84F-74A2-498A-A585-0A0F0C0A90D4} => C:\Windows\system32\pcalua.exe -a "C:\Users\henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WI0GUYY4\cisfree_installer_x86[1].exe" -d C:\Users\henk\Desktop Task: {3088AD4A-08DB-4D62-ADA2-62B3B0DD1732} - System32\Tasks\{5DDAD99F-EEFF-4458-8B64-FD79E3C57951} => C:\Windows\system32\pcalua.exe -a C:\Users\henk\Downloads\HijackThis.exe -d C:\Users\henk\Downloads Task: {41B74114-D791-4F24-89F7-2FF9125D0650} - System32\Tasks\AdobeGCInvoker-1.0-henk-PC-henk => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated) Task: {450C7C31-D431-4E2C-8BAC-EA341214C3EE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.) Task: {58683ADF-A57A-4504-AA65-CC9993DD447F} - System32\Tasks\BullGuard\BullGuardUpdate2 => C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate2.exe [2018-11-05] (BullGuard Ltd.) Task: {67BECAC5-784E-4EC1-83BF-F36C4CFE5180} - System32\Tasks\AdobeAAMUpdater-1.0-henk-PC-henk => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-12-08] (Adobe Systems Incorporated) Task: {84F18409-C2BD-4941-BA01-515D24BAC172} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-03-14] (Safer-Networking Ltd.) Task: {8651F953-8C6E-453C-AA79-5D885C8D6FDC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.) Task: {88A39D31-DD7A-47D4-A116-AF3C25755F3F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-04-12] (Piriform Ltd) Task: {AA889854-68AF-44CF-8879-625CD09EB749} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe Task: {B0FF38C9-4CE0-4CBD-99DB-2429D86DBB71} - System32\Tasks\Egis technology online update program => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe Task: {B167E536-3499-4E5C-B3EE-99F9DAC36388} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-15] (Adobe Systems Incorporated) Task: {B305159F-AC91-4B35-8797-96BE4E433A56} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-03-14] (Safer-Networking Ltd.) Task: {B3AC4BF0-25F2-4132-BA72-03EA2AE8CD33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-19] (Google Inc.) Task: {C7F92A10-7587-40A4-B106-729E6EF6480C} - System32\Tasks\AceUtilsSkipUAC => C:\Program Files\Ace Utilities\au.exe [2016-08-09] (Acelogix Software) Task: {E146B60D-0C5A-47EB-A1E3-ABA6D171288A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.) Task: {E332A366-1CC2-4290-B0C3-E52644686C01} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-04-12] (Piriform Ltd) Task: {F8BDE51B-1A31-4CF4-B974-3DC423C4DCFE} - System32\Tasks\{56DF67B3-3BD8-4537-9BF8-0BDD0729A0D6} => C:\Windows\system32\pcalua.exe -a C:\Users\henk\AppData\Local\Temp\jre-8u101-windows-au.exe -d C:\Windows\SysWOW64 -c /installmethod=jau FAMILYUPGRADE=1 <==== AANDACHT Task: {F93209D4-4426-4150-A75B-6CF2FAF8A704} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-03-14] (Safer-Networking Ltd.) (Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.) ==================== Snelkoppelingen & WMI ======================== (De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.) ShortcutWithArgument: C:\Users\henk\Desktop\Acer Accessoires.lnk -> C:\Program Files\Acer Accessory Store\StartURL.exe () -> hxxp://store.acer-euro.com/nl?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal ==================== Geladen Modules (gefilterd) ============== 2018-10-29 17:54 - 2018-10-29 17:54 - 000724840 _____ () C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll 2018-10-29 17:54 - 2018-10-29 17:54 - 000088936 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll 2018-10-29 17:54 - 2018-10-29 17:54 - 000527208 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll 2018-10-29 17:54 - 2018-10-29 17:54 - 000073064 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll 2009-12-30 04:36 - 2008-07-30 04:29 - 000200704 _____ () C:\Windows\PLFSetI.exe 2016-10-01 11:28 - 2016-10-01 11:28 - 000389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe 2018-04-09 11:48 - 2018-04-09 11:48 - 000061408 _____ () C:\Program Files\CCleaner\branding.dll 2018-04-12 21:15 - 2018-04-12 21:15 - 000095168 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll 2015-03-14 14:34 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-03-14 14:34 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-03-14 14:34 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2018-10-29 17:54 - 2018-10-29 17:54 - 000587624 _____ () C:\Program Files\BullGuard Ltd\BullGuard\Files32\SQLite.dll ==================== Alternate Data Streams (gefilterd) ========= (Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.) AlternateDataStreams: C:\autoexec.bat:$CmdTcID [64] AlternateDataStreams: C:\Windows\notepad.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\adsmsext.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\aelupsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\apphelp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\audiodg.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\AudioEng.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\AUDIOKSE.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\AudioSes.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\audiosrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\basesrv.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\bcdedit.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\bcryptprimitives.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\blackbox.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cewmdm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\chajei.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\clfsw32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC280C.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC280I.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC280L.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC280O.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC_BUC.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC_BUI.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNC_BUL.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNHMCA6.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNMIUAA.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNMLMAA.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CNMLMBU.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\COLORCNV.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\comctl32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\CPFilters.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cryptsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\cryptui.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\d3d10warp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\davclnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\devenum.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\diagtrack.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\diskperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\drmmgrtn.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\drmv2clt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\EncDec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\EncDump.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\evr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\IMJP10.IME:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\IMJP10K.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\imkr80.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\InkEd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\input.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ksproxy.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ksuser.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\logman.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mcmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfplat.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mfvdsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MFWMAAEC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP3DMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP43DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MP4SDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MPG4DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msmpeg2adec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\MSMPEG2ENC.DLL:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\msmpeg2vdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msnetobj.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\msscp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\nlsbres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\notepad.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\pcadm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\pcaevts.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\pcalua.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\pcasvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\pcawrk.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\perftrack.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\phon.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\pintlgnt.ime:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\poqexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\powertracker.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\profsvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\qasf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\qdvd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\qedit.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\qintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\quick.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\rdvidcrl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\relog.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\RESAMPLEDMO.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\scavengeui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sdbinst.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sdnclean64.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\sechost.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\services.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\shimeng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\SysFxUI.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tdh.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tracerpt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\tsgqec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\TSWbPrxy.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\typeperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\ubpm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\UIAnimation.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\user32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\UtcResources.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\VIDRESZR.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wdi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WebClnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\winresume.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wksprt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMADMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMADMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMALFXGFXDSP.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmdrmsdk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMPhoto.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wmpmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMSPDMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMSPDMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVDECOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVENCOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVSDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVSENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WMVXENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wpdshext.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wshrm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WSManHTTPConfig.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WSManMigrationPlugin.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wsmplpxy.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\wsmprovhost.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WsmRes.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\adsmsext.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\apphelp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\AudioEng.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\AUDIOKSE.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\AudioSes.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\bcryptprimitives.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\blackbox.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cewmdm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\chajei.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\clfsw32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CNC280L.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CNC280U.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CNC_BUL.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CNHMCA.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\COLORCNV.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\comctl32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\CPFilters.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\crowdinspect64.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cryptsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\cryptui.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\d3d10warp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\davclnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\devenum.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\diskperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\drmmgrtn.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\drmv2clt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\EncDec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\evr.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\IMJP10.IME:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\IMJP10K.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\imkr80.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\InkEd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\input.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ksproxy.ax:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ksuser.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\logman.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfplat.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mfvdsp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MFWMAAEC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP3DMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP43DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MP4SDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MPG4DECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2adec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\MSMPEG2ENC.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msmpeg2vdec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msnetobj.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msorcl32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\msscp.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mstscax.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\mtxoci.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\nlsbres.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\notepad.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\phon.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\pintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\poqexec.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qasf.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qdvd.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qedit.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\qintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\quick.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\rdvidcrl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\relog.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\RESAMPLEDMO.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ROBOEX32.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\sdbinst.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\sechost.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\shimeng.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tdh.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tintlgnt.ime:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tracerpt.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\tsgqec.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\typeperf.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\ubpm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\UIAnimation.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\user32.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\VIDRESZR.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wdi.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WebClnt.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WindowsCodecs.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMADMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMADMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmdrmsdk.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMPhoto.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wmpmde.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMSPDMOE.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVDECOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVENCOD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVSDECD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVSENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WMVXENCD.DLL:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wpdshext.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wshrm.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WSManHTTPConfig.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WSManMigrationPlugin.dll:$CmdTcID [130] AlternateDataStreams: C:\Windows\SysWOW64\WsmAuto.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wsmplpxy.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\wsmprovhost.exe:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WsmRes.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WsmSvc.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\SysWOW64\WsmWmiPl.dll:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\BdSpy.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\bowser.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\drmk.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\drmkaud.sys:$CmdTcID [130] AlternateDataStreams: C:\Windows\system32\Drivers\mrxdav.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\PEAuth.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\portcls.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\rmcast.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\stream.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\usbscan.sys:$CmdTcID [64] AlternateDataStreams: C:\Windows\system32\Drivers\USBSTOR.SYS:$CmdTcID [64] AlternateDataStreams: C:\ProgramData\Temp:0C52AA8E [127] AlternateDataStreams: C:\ProgramData\Temp:444C53BA [246] AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F [290] AlternateDataStreams: C:\ProgramData\Temp:E965A533 [122] AlternateDataStreams: C:\ProgramData\Temp:F0D7EE30 [134] AlternateDataStreams: C:\Users\henk\Cookies:LkQNexABvnJiqsBPSLANkog [2282] AlternateDataStreams: C:\Users\henk\Desktop\JRT_NEW.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Desktop\MPEG_Streamclip.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Desktop\MPEG_Streamclip.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Desktop\tdsskiller.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Desktop\tdsskiller.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\0426191773_001000CRC_RASF0_20121218_20120012.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\20160402_153355.jpg.nq96yiy.partial:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\20160402_153419.jpg.udmvwtg.partial:$CmdTcID [130] AlternateDataStreams: C:\Users\henk\Downloads\4kvideodownloader_4.1.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\4kvideodownloader_4.1.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\ADE_4.5_Installer.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\ADE_4.5_Installer.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\averydesignproV4-Installation.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\averydesignproV4-Installation.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Bericht_106762311.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Bericht_106762311.pdf.qr4lfra.partial:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Bericht_244400629.pdf:$CmdTcID [130] AlternateDataStreams: C:\Users\henk\Downloads\BullGuardDownloaderAV_uksem15av.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\BullGuardDownloaderAV_uksem15av.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Catwalk.jpg:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Catwalk.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\ClassicShellSetup_4_1_0.exe:$CmdTcID [130] AlternateDataStreams: C:\Users\henk\Downloads\ClassicShellSetup_4_1_0.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\CreativeCloudSet-Up (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\CreativeCloudSet-Up (1).exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\CrowdInspect.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\CrowdInspect.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\DesignPrintNL-3.0.0 (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Dodcap_136_Full.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Dodcap_136_Full.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\dpclat.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\dpclat.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\EmsisoftEmergencyKit.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\EmsisoftEmergencyKit.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Eraser 6.0.9.2343.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Eraser 6.0.9.2343.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\eso1625a.tiff:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\eso1625a.tiff:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\FloralGeometryRanganDas.themepack:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\FloralGeometryRanganDas.themepack:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\HitmanPro35.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\HitmanPro35.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\HPSupportSolutionsFramework-12.5.26.37.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\IMG-20161009-WA0003.jpg:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\img_001002880.kml:$CmdTcID [130] AlternateDataStreams: C:\Users\henk\Downloads\Jellyfish.themepack:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\JMGPhotoPrinter_1_37_1_0.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\JMGPhotoPrinter_1_37_1_0.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\ksd291a_installer.zip:$CmdTcID [130] AlternateDataStreams: C:\Users\henk\Downloads\ksd291a_installer.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\LensCalcSetup (1).exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\lenscalcsetup.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\lenscalcsetup.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\MediaCreationTool.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\MediaCreationTool.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Ontvangstbevestiging_Aangifte_inkomstenbelasting_2015_28-07-2016_14.31u.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Orion_composite1.jpg:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Orion_composite1.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\OutdoorBlackwhite.jpg:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\paint.net.4.0.13.install.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\paint.net.4.0.13.install.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\phoxo.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\phoxo.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\pspx9.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\pspx9.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\rcsetup153.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\RDS_PreAlpha.zip:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\RDS_PreAlpha.zip:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\RecoverKeysDemo-x64.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\RecoveryToolboxForCDInstall.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-02.tiff:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-02.tiff:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-03.tiff:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-03.tiff:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-05.tiff:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-05.tiff:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-07 (1).tiff:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-07 (1).tiff:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-07.tiff:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Rosetta-Descent-2k-07.tiff:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\setup_telecine_capture_de.exe:$CmdTcID [130] AlternateDataStreams: C:\Users\henk\Downloads\SUPERAntiSpyware.exe:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\SUPERAntiSpyware.exe:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\ticket.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\ticket.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEa04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEb04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEc04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEd04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEe04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEf04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\VEg04656:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Downloads\Waarom_mensen_oorlog_voeren.pdf:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Downloads\Waarom_mensen_oorlog_voeren.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\AppData\Local\TarvKcFHN032JSQ:oS504sFiUkLbghY6kkjlwv [2136] AlternateDataStreams: C:\Users\henk\AppData\Local\Temporary Internet Files:D3M3wagQ7LJ3Vfqv [2052] AlternateDataStreams: C:\Users\henk\Documents\30_000 ADHD-patiënten gedupeerd door marktwerking zorg.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\350 jaar Veendam en Wildervank - Profiel uitgeverij.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Afbeelding toont nooit verschenen Lumia 650 XL en Lumia 2020 met 8,3-scherm - Tablets en telefoons - Nieuws - Tweakers.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Antacida Gezondheidsnet.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\AudioQuest mini-jack naar RCA kabels - recensie.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\De komst van planeet X – Nibiru Stichting Skepsis.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\DVHN-20150929-GO01022006.jpg:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Enerverend.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Engels-Geschiedenis - Wikibooks.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Fotozaak Groot-Obbink nu compleet in Martenshoek.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Frisere-print.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Geen risico bij behandeling bovenste nekwervels_ Scholten.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Grote klinkerverschuiving (Engels) - Wikipedia.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\HAARLEMSE KUNSTENAAR ROBBERT DE BAKKER - Fredvanderwal's Weblog.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Het cruciale verschil tussen Jezus en Mohammed – Vrome praatjes.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Informatie - Brandpuntafstanden ten opzichte van elkaar.htm:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Informatie - Brandpuntafstanden ten opzichte van elkaar.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\ING gaat klanten gratis antimalwarepakket leveren - IT Pro - Nieuws - Tweakers.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Internationaal Fonetisch Alfabet - Wikipedia.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Jezus of Mohammed Mens en Samenleving Religie.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\jezusofmohammedeenvergelijking.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\JVC_JL-A20-owners_manual.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Last van brandend maagzuur Gezondheidsnet.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Mantelzorgers Veendam ontvangen blijk van waardering tijdens Dag van de Mantelzorg parkstadveendam_nl.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Masculiniteit versus feminiteit.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Minigids_Belastingaangifte.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Moeten we terug naar het ziekenfonds - Joop.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\nationaal-zorgfonds--flyer-juni-2016.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Nationalisme, liberalisme, socialisme, confessionalisme en feminisme.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Nibud hoge zorgkosten en vaste lasten vaker oorzaak betalingsproblemen - Nibud - Nationaal Instituut voor Budgetvoorlichting.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Pejoratief - Wikipedia.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Peret - Wikipedia.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Peter_Frankopan-De_zijderoutes.epub:$CmdTcID [64] AlternateDataStreams: C:\Users\henk\Documents\Peter_Frankopan-De_zijderoutes.epub:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Rare lui, die Engelsen met hun verschil tussen klank en spelling - Archief - TROUW_dhtml.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Recensie Snikhait - Mous.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Rijk Nederland ziet ellende van arme onderklasse niet - Joop.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Ruk naar rechts blijft uit na komst PowNed en WNL Archief de Volkskrant.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\SC Veendam zit nog diep in het hart van spelers en supporters – De Veendammer.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\SJ7000-Manual.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Slavinnen als seksueel bezit in de koran.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Videotransfer Gerrit van Doornen.pdf:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Voedselbank Veendam Menterwolde winnaar lokale helden 2012 [bijgewerkt] _ parkstadveendam.nl.htm:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Waarom - Daniël Lohues.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Wat kun je doen als je last hebt van brandend maagzuur Gezondheidsnet.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Wat te doen bij brandend maagzuur – Natuur Werkt!.mht:$CmdZnID [26] AlternateDataStreams: C:\Users\henk\Documents\Watersysteemperspectieven.pdf:$CmdZnID [26] ==================== Veilige Modus (gefilterd) =================== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\14448968.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\14448968.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsMain => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsUpdate => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== Bestandskoppeling (gefilterd) =============== (Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.) HKLM\...\.reg: => <==== AANDACHT ==================== Internet Explorer vertrouwde/beperkte toegang =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.) IE trusted site: HKU\S-1-5-21-1209327029-604838399-101022576-1000\...\marktplaats.nl -> hxxp://www.marktplaats.nl ==================== Hosts inhoud: =============================== (Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.) 2009-07-14 03:34 - 2017-12-19 15:09 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Andere gebieden ============================ (Momenteel is er geen automatische fix voor dit onderdeel.) HKU\S-1-5-21-1209327029-604838399-101022576-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\henk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.16.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is ingeschakeld. ==================== MSCONFIG/TASK MANAGER Uitgeschakelde items == Als een item is opgenomen in de fixlist, zal het worden verwijderd. MSCONFIG\Services: Adobe LM Service => 3 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: cmdvirth => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IAANTMON => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: McComponentHostService => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NAUpdate => 2 MSCONFIG\Services: nlsX86cc => 2 MSCONFIG\Services: NTIBackupSvc => 3 MSCONFIG\Services: NTISchedulerSvc => 2 MSCONFIG\Services: SDScannerService => 3 MSCONFIG\Services: SDUpdateService => 2 MSCONFIG\Services: SDWSCService => 2 MSCONFIG\Services: ServiceLayer => 3 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: ArcadeDeluxeAgent => "C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: Eraser => "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart MSCONFIG\startupreg: LManager => C:\Program Files (x86)\Launch Manager\LManager.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Firewall regels (gefilterd) =============== (Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.) FirewallRules: [{0E6E2C7E-8C65-4694-80F8-3FC2DCBC8D0A}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{16661C74-B792-425A-99D1-F2FE8CD74AF4}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{2770B99E-DDC8-4EFF-9993-92E7F22DEE31}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{4C02ADD2-A605-409C-B001-8E95700F553C}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{750DDCCF-9412-43E5-88A5-0E2A5302BA0B}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe FirewallRules: [{00248876-B2E0-4C52-A0A4-BD32B90D234D}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe FirewallRules: [{0D0427A7-8B8A-407E-8468-4D4D549AF538}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe FirewallRules: [{CCA5BACB-1BB7-4944-87B3-A066515ACBC5}] => (Allow) C:\Program Files (x86)\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe FirewallRules: [{55A785EE-EA7A-479E-965F-4F9899858270}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [{8CEF427B-7EFD-4D2C-9A54-CD7018852C20}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{E361349E-BE94-472B-B644-71D80698B875}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe FirewallRules: [{BD7DFF99-CAE9-460A-9D31-57A9EFA059B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D559F859-D7BC-4462-B1B7-2AC236BF459A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7344AE3C-756F-44B6-A416-024930743DF5}] => (Allow) C:\Program Files (x86)\Studio\Programs\RM.exe FirewallRules: [{434FDCA9-781D-425D-BAD8-FD9A8A5F6A3C}] => (Allow) C:\Program Files (x86)\Studio\Programs\RM.exe FirewallRules: [{ABBA78A5-5408-49BF-80FE-70C62D3DC3E5}] => (Allow) C:\Program Files (x86)\Studio\Programs\Studio.exe FirewallRules: [{F80C9191-D0FD-4FF3-A379-A1E6CD1441D3}] => (Allow) C:\Program Files (x86)\Studio\Programs\Studio.exe FirewallRules: [{4469BEBE-8928-487A-B813-9D5511BB6727}] => (Allow) C:\Program Files (x86)\Studio\Programs\umi.exe FirewallRules: [{1B047083-9FA6-4340-8D4B-90CDADFA1141}] => (Allow) C:\Program Files (x86)\Studio\Programs\umi.exe FirewallRules: [{816BF403-4D41-4AA0-92C0-E37B584918F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{3933143F-B685-4F2B-AC1A-56870474BCE7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{03F39B07-8726-413D-A288-22EF47342572}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{DB75BD15-E817-4E02-A28E-69D1BBB15F6D}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [TCP Query User{DF0A1522-5CE8-4EAA-8B69-9878FEA1841E}C:\program files (x86)\tvuplayer\tvuplayer.exe] => (Block) C:\program files (x86)\tvuplayer\tvuplayer.exe FirewallRules: [UDP Query User{67E088A5-27BD-47EF-93DA-576ED788FBE8}C:\program files (x86)\tvuplayer\tvuplayer.exe] => (Block) C:\program files (x86)\tvuplayer\tvuplayer.exe FirewallRules: [TCP Query User{9E2DB4E5-8641-4301-A426-085996D94371}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{3BB4B662-2DB3-478E-AD36-08FFEF5CDA06}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{6C1DC3D0-DC79-4380-88DB-36F7FC853163}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{1B795E8E-D892-4B4E-8649-2223F03CD9BC}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Herstelpunten ========================= ==================== Defecte Apparaatbeheer Apparaten ============= Name: ZAM Helper Driver Description: ZAM Helper Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ZAM Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: ZAM Guard Driver Description: ZAM Guard Driver Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: ZAM_Guard Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Eventlog fouten: ========================= Applicatiefouten: ================== Error: (11/08/2018 10:08:09 AM) (Source: MsiInstaller) (EventID: 1023) (User: henk-PC) Description: Product: Adobe Reader XI - Nederlands - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' kan niet worden geïnstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\Users\henk\AppData\Local\Temp\MSI59108.LOG. Error: (11/07/2018 08:44:04 AM) (Source: MsiInstaller) (EventID: 1023) (User: henk-PC) Description: Product: Adobe Reader XI - Nederlands - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' kan niet worden geïnstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\Users\henk\AppData\Local\Temp\MSI2e907.LOG. Error: (11/06/2018 07:41:26 PM) (Source: MsiInstaller) (EventID: 1023) (User: henk-PC) Description: Product: Adobe Reader XI - Nederlands - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' kan niet worden geïnstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\Users\henk\AppData\Local\Temp\MSI453a.LOG. Error: (11/06/2018 01:16:46 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: AGSService.exe, versie: 6.0.0.87, tijdstempel: 0x5b964166 Naam van module met fout: AGSService.exe, versie: 6.0.0.87, tijdstempel: 0x5b964166 Uitzonderingscode: 0xc0000005 Foutoffset: 0x00064216 Id van proces met fout: 0x71c Starttijd van toepassing met fout: 0x01d474cedcfdbdc8 Pad naar toepassing met fout: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Pad naar module met fout: C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe Rapport-id: d4169fe9-e1bd-11e8-9ec0-705ab614897d Error: (11/05/2018 07:38:46 AM) (Source: MsiInstaller) (EventID: 1023) (User: henk-PC) Description: Product: Adobe Reader XI - Nederlands - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' kan niet worden geïnstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\Users\henk\AppData\Local\Temp\MSI6583d.LOG. Error: (11/04/2018 11:21:37 AM) (Source: MsiInstaller) (EventID: 1023) (User: henk-PC) Description: Product: Adobe Reader XI - Nederlands - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' kan niet worden geïnstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\Users\henk\AppData\Local\Temp\MSIa4e4e.LOG. Error: (11/04/2018 10:45:11 AM) (Source: ThreadLib) (EventID: 0) (User: ) Description: Event-ID 0 Error: (11/04/2018 12:44:30 AM) (Source: MsiInstaller) (EventID: 1023) (User: henk-PC) Description: Product: Adobe Reader XI - Nederlands - Update '{AC76BA86-7AD7-0000-2550-7A8C40011020}' kan niet worden geïnstalleerd. Foutcode: 1625. Meer informatie is beschikbaar in logboekbestand C:\Users\henk\AppData\Local\Temp\MSI58e69.LOG. Systeemfouten: ============= Error: (11/08/2018 02:44:59 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume C:. Error: (11/08/2018 02:38:09 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume C:. Error: (11/08/2018 02:22:46 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume C:. Error: (11/08/2018 02:18:49 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume Acer. Error: (11/08/2018 02:17:41 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume Acer. Error: (11/08/2018 02:17:33 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume Acer. Error: (11/08/2018 02:16:48 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume Acer. Error: (11/08/2018 02:15:46 PM) (Source: Ntfs) (EventID: 55) (User: ) Description: De structuur van het bestandssysteem op de schijf is beschadigd en onbruikbaar. Voer het hulpprogramma Chkdsk uit op volume C:. Windows Defender: =================================== Date: 2017-09-23 09:15:38.899 Description: Windows Defender heeft een fout aangetroffen bij het laden van handtekeningen en probeert terug te keren naar een juiste set handtekeningen. Geprobeerde handtekeningen:Huidig Foutcode:0x80070002 Foutbeschrijving:Het systeem kan het opgegeven bestand niet vinden. Handtekeningversie:0.0.0.0 Engineversie:0.0.0.0 Date: 2017-09-23 09:15:38.883 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: Bron update:Map voor bijwerken handtekening Type handtekening:AntiSpyware Type update:Delta Gebruiker:NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: Foutcode:0x80070002 Foutbeschrijving:Het systeem kan het opgegeven bestand niet vinden. Date: 2017-06-16 13:34:55.893 Description: Windows Defender heeft een fout aangetroffen bij het laden van handtekeningen en probeert terug te keren naar een juiste set handtekeningen. Geprobeerde handtekeningen:Huidig Foutcode:0x80070002 Foutbeschrijving:Het systeem kan het opgegeven bestand niet vinden. Handtekeningversie:0.0.0.0 Engineversie:0.0.0.0 Date: 2017-06-16 13:34:46.455 Description: Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: Bron update:Map voor bijwerken handtekening Type handtekening:AntiSpyware Type update:Delta Gebruiker:NT AUTHORITY\SYSTEM Huidige engineversie: Vorige engineversie: Foutcode:0x80070002 Foutbeschrijving:Het systeem kan het opgegeven bestand niet vinden. Date: 2016-01-03 11:01:28.793 Description: Windows Defender heeft een fout aangetroffen bij het laden van handtekeningen en probeert terug te keren naar een juiste set handtekeningen. Geprobeerde handtekeningen:Huidig Foutcode:0x80070002 Foutbeschrijving:Het systeem kan het opgegeven bestand niet vinden. Handtekeningversie:0.0.0.0 Engineversie:0.0.0.0 CodeIntegrity: =================================== Date: 2018-01-08 20:25:42.377 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Users\henk\AppData\Local\Temp\{5365D354-8181-4C45-A86D-B5FAED349A63}\fsgk.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2018-01-08 20:25:42.283 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\Users\henk\AppData\Local\Temp\{5365D354-8181-4C45-A86D-B5FAED349A63}\fsgk.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-12-19 15:06:58.422 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\COMBOFIX\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-12-19 15:06:58.344 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\COMBOFIX\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-12-19 15:06:58.203 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\COMBOFIX\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2017-12-19 15:06:58.110 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\COMBOFIX\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2016-11-18 15:34:43.851 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2016-11-18 15:34:43.586 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ComboFix\catchme.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Geheugen info =========================== Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz Percentage geheugen in gebruik: 63% Totaal fysiek RAM-geheugen: 3001.98 MB Beschikbaar fysiek RAM-geheugen: 1107.29 MB Totaal Virtueel geheugen: 6002.1 MB Beschikbaar Virtueel geheugen: 2781.15 MB ==================== Schijven ================================ Drive c: (Acer) (Fixed) (Total:285.99 GB) (Free:5.06 GB) NTFS Drive e: (TOSHIBA EXT) (Fixed) (Total:1863.01 GB) (Free:1528.17 GB) NTFS \\?\Volume{7e9b809c-f4f3-11de-bf2c-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS \\?\Volume{7e9b809b-f4f3-11de-bf2c-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:12 GB) (Free:1.85 GB) NTFS ==================== MBR & Partitietabel ================== ======================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: E3CA33CE) Partition 1: (Not Active) - (Size=12 GB) - (Type=27) Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: CD1BDFAB) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Eind van Addition.txt ============================