Ga naar inhoud

Laptop traag

Have0
 Delen

Aanbevolen berichten

Have0 Vergevorderde

Have0

Geplaatst:
Geplaatst:

Beste lezer/lezeres, mijn laptop met windows 7 reageert erg traag. Bleef bijna hangen. Nu gaat het iets beter. Toch graag jullie advies als ik iets moet opschonen.

Hieronder een logfile. Alvast bedankt voor jullie tijd !

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Have0 at 2016-08-02 16:56:09
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 2 GB (3%) free of 76 GB
Total RAM: 4095 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:56:26, on 2-8-2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Have0.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Amazon 1Button App Service - Amazon Inc. - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: VMware Netlink Supervisor Service (ftnlsv3hv) - Unknown owner - C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
O23 - Service: VMware Scanner Redirection Client Service (ftscanmgr) - Unknown owner - C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
O23 - Service: VMware Serial Com Redirection Client service (vmwsprrdpwks) - VMware - C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.2 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware Horizon Client (wsnm) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 11236 bytes

======Listing Processes======

 

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-99d5-cd083f859666 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe"
"C:\Program Files (x86)\AVG\Av\avgidsagenta.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
taskeng.exe {3318E7F8-628D-4A5A-887B-59C906ACAF4E}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
Atouch64.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
ATKOSD.exe
KBFiltr.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
WDC.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe"
"C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe" -SCMStartup
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe" -SCMStartup
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Logitech\FlowScroll\KhalScroll.exe"
"C:\Program Files\WinZip\FAHWindow64.exe" register
KHALMNPR.EXE /API
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
 /fmw.trayonly
 /TRAYONLY
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ctfmon.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {AC06DE4F-ED44-45CD-A111-52ECE769A0E0}
"C:\Program Files\WinZip\WzBGTools.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\AUDIODG.EXE 0x96c
"C:\Users\Have0\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\93wcg9ro.default-1470143960058

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 435992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27 2248776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll [2012-02-08 367384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"VMware Netlink 3 HV Install Utility"=C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [2015-06-16 70080]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 166680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25 1110232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-19 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files (x86)\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup]
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2015-07-13 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk]
C:\PROGRA~2\USB_VI~1\Utility\REMOTE~1\BDAREM~1.EXE [2005-08-19 77908]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update-melder.lnk]
C:\PROGRA~1\WinZip\WZUPDA~1.EXE [2016-05-01 1531616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk]
C:\PROGRA~1\WinZip\WZPREL~1.EXE [2016-05-01 133216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Have0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^In Voor En Tegenspoed - Seizoen 1 _ Aflevering 1.mov.lnk]
C:\PROGRA~3\{D1AEA~1\INVOOR~1.EXE --startup=1 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-07-22 32528]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-07-20 186640]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2016-07-27 2162760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=16
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-08-02 16:56:09 ----DC---- C:\rsit
2016-08-01 17:46:03 ----DC---- C:\Program Files (x86)\Amazon Browser Settings
2016-07-26 14:34:03 ----DC---- C:\Program Files\Common Files\AVG Secure Search
2016-07-26 14:32:57 ----DC---- C:\ProgramData\AVG Web TuneUp
2016-07-26 14:32:33 ----DC---- C:\Program Files (x86)\AVG Web TuneUp

======List of files/folders modified in the last 1 month======

2016-08-03 00:40:51 ----SHDC---- C:\Windows\Installer
2016-08-03 00:40:51 ----SDC---- C:\Windows\system32\GWX
2016-08-03 00:40:51 ----DC---- C:\Windows\Tasks
2016-08-03 00:40:51 ----DC---- C:\Windows\SysWOW64
2016-08-03 00:40:51 ----DC---- C:\Windows\system32\wfp
2016-08-03 00:40:51 ----DC---- C:\Windows\system32\catroot2
2016-08-03 00:40:51 ----DC---- C:\Windows\System32
2016-08-03 00:40:51 ----DC---- C:\Windows
2016-08-03 00:40:51 ----DC---- C:\ProgramData\P4G
2016-08-03 00:40:51 ----DC---- C:\ProgramData\Oracle
2016-08-03 00:40:51 ----D---- C:\Windows\system32\DriverStore
2016-08-03 00:40:50 ----DC---- C:\Program Files (x86)\Java
2016-08-03 00:40:50 ----DC---- C:\Program Files (x86)\Common Files
2016-08-03 00:40:48 ----DC---- C:\Windows\system32\wbem
2016-08-03 00:40:48 ----DC---- C:\Windows\registration
2016-08-03 00:39:43 ----RDC---- C:\Program Files (x86)
2016-08-02 16:56:20 ----DC---- C:\Program Files\trend micro
2016-08-02 16:54:37 ----DC---- C:\Windows\Temp
2016-08-02 15:59:45 ----DC---- C:\Windows\system32\config
2016-08-02 15:18:23 ----SHD---- C:\System Volume Information
2016-08-02 15:09:07 ----DC---- C:\Windows\system32\Tasks
2016-08-02 14:51:06 ----DC---- C:\ProgramData\MFAData
2016-08-02 14:42:03 ----DC---- C:\Windows\system32\drivers
2016-08-01 13:16:00 ----DC---- C:\Windows\Prefetch
2016-07-30 14:28:32 ----DC---- C:\Windows\inf
2016-07-30 14:28:32 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2016-07-30 14:28:02 ----DC---- C:\Windows\system32\FxsTmp
2016-07-28 10:50:29 ----DC---- C:\ProgramData
2016-07-27 23:09:55 ----DC---- C:\Config.Msi
2016-07-26 14:34:03 ----DC---- C:\Program Files\Common Files
2016-07-25 16:49:07 ----DC---- C:\Windows\pss
2016-07-12 21:02:38 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-12 21:02:14 ----DC---- C:\Windows\system32\Macromed
2016-07-12 21:02:07 ----DC---- C:\Windows\SYSWOW64\Macromed
2016-07-12 21:02:02 ----AC---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-07-11 22:55:23 ----DC---- C:\ProgramData\Microsoft Help
2016-07-04 17:50:39 ----DC---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-02 224896]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-06-01 261376]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-06-02 249088]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-06-01 76544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-22 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-02 93568]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-02 426848]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-06-09 310016]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2016-06-01 260352]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2016-06-01 280320]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-12-19 52000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-02 29208]
R2 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-11-02 92008]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-07-30 57536]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-28 82816]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-02 1041168]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-02 79184]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-01-23 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-07-04 19456]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-07-04 56832]
S3 USB28xxBGA;DVBT Hybrid TV Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-31 581120]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-31 54400]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 Amazon 1Button App Service;Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [2016-02-17 436032]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-07-22 5251808]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-07-20 1097488]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-07-22 712792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
R2 ftnlsv3hv;VMware Netlink Supervisor Service; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [2015-06-16 226240]
R2 ftscanmgr;VMware Scanner Redirection Client Service; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [2015-07-31 6363792]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-07-30 910016]
R2 vmware-view-usbd;VMware View USB; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [2015-07-31 1156824]
R2 vmwsprrdpwks;VMware Serial Com Redirection Client service; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [2015-05-08 261776]
R2 vToolbarUpdater40.3.2;vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [2016-07-26 1309768]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-07-22 637944]
S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-27 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-28 146888]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

 

Link naar reactie
Delen op andere sites
juisterr Veteraan

juisterr

Geplaatst:
Geplaatst:

Download de 51a5c8edc4692-icon1337952077.pngFarbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links


Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Farbar Recovery Scan Tool uitvoeren

  • Dubbelklik op FRST.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
  • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
  • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

Link naar reactie
Delen op andere sites
Have0 Vergevorderde

Have0

Geplaatst:
  • Auteur
Geplaatst:

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 27-07-2016
Gestart door Have0 (Beheerder) op HAVE0-PC (02-08-2016 19:58:08)
Gestart vanaf C:\Users\Have0\Downloads
Geladen Profielen: Have0 (Beschikbare Profielen: Have0)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzBGTools.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70080 2015-06-16] ()
HKLM\...\Run: [LogiScrollApp] => C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-07-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2162760 2016-07-27] ()
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll [2014-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll [2014-06-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-05-23]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{0EA11D21-C604-40D3-8842-A6221DBC8140}: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{5166A127-CB30-4E2A-B84B-F3181148EDF2}: [DhcpNameServer] 89.101.251.229 89.101.251.228

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816av&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816av&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_0cb6e8ab_1201_1403_20160405_NL_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Logitech Flow Scroll -> {E11DB59D-5008-42ff-9069-535843BC0BE1} -> C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle Corporation)
BHO-x32: Windows Live Aanmelden - Help -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle Corporation)
BHO-x32: Logitech Flow Scroll -> {E11DB59D-5008-42ff-9069-535843BC0BE1} -> C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll [2012-02-08] (Logitech, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Handler: linkscanner - Geen CLSID Waarde
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\93wcg9ro.default-1470143960058
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-07-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [Geen bestand]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2578091034-2730396283-2997144666-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Geen bestand]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-05-16] (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared => niet gevonden
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2016-06-17] [ niet getekend]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => niet gevonden

Chrome:
=======
CHR dev: Chrome dev build gedetecteerd! <======= AANDACHT
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2016-06-17]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [Bestand niet getekend]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] ()
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-07-31] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (VMware)
R2 vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [1309768 2016-07-26] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-28] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-08-19] (VMware, Inc.)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [976456 2016-07-27] ()
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-02] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-11-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-02] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-11-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-11-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-11-02] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-19] (AVG Technologies)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf; geen ImagePath
U3 tmwfp; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-08-02 19:58 - 2016-08-02 20:00 - 00021845 ____C C:\Users\Have0\Downloads\FRST.txt
2016-08-02 19:57 - 2016-08-02 19:58 - 00000000 ___DC C:\FRST
2016-08-02 19:54 - 2016-08-02 19:56 - 02394112 ____C (Farbar) C:\Users\Have0\Downloads\FRST64.exe
2016-08-02 16:56 - 2016-08-02 16:56 - 00000000 ___DC C:\rsit
2016-08-02 16:54 - 2016-08-02 16:54 - 01222144 ____C C:\Users\Have0\Downloads\RSITx64.exe
2016-08-02 15:19 - 2016-08-02 15:19 - 00000000 ___DC C:\Users\Have0\Desktop\Oude Firefox-gegevens
2016-08-02 14:43 - 2016-08-02 15:09 - 00003170 ____C C:\Windows\System32\Tasks\P4GIntlCtrl
2016-08-01 17:46 - 2016-08-03 00:40 - 00000000 ___DC C:\Program Files (x86)\Amazon Browser Settings
2016-07-27 23:11 - 2016-07-27 23:11 - 00626176 ____C C:\new.avi
2016-07-26 14:34 - 2016-07-26 18:48 - 00000000 ___DC C:\Users\Have0\AppData\Local\AVG Web TuneUp
2016-07-26 14:34 - 2016-07-26 14:34 - 00000000 ___DC C:\Program Files\Common Files\AVG Secure Search
2016-07-26 14:32 - 2016-07-27 16:45 - 00000000 ___DC C:\ProgramData\AVG Web TuneUp
2016-07-26 14:32 - 2016-07-27 16:44 - 00000000 ___DC C:\Program Files (x86)\AVG Web TuneUp
2016-07-21 18:14 - 2016-07-21 18:14 - 02530304 ____C (BitTorrent Inc.) C:\Users\Have0\Downloads\uTorrent.exe
2016-07-21 18:13 - 2016-07-21 18:14 - 00012239 ____C C:\Users\Have0\Downloads\08FFDAF1C7FB4A5B9D9AFBE88E3FF9D8B9723C00.torrent
2016-07-20 20:19 - 2016-07-20 20:19 - 17133900 ____C C:\Users\Have0\Downloads\PlayStore_v6.8.22.F-all.apk
2016-07-11 13:34 - 2016-07-11 13:34 - 00064680 ____C C:\Users\Have0\Downloads\BM9910-3792378.pdf

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-08-03 00:40 - 2015-12-15 20:42 - 00000000 __SDC C:\Windows\system32\GWX
2016-08-03 00:40 - 2015-12-15 20:17 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-03 00:40 - 2015-12-15 20:14 - 00000000 ___DC C:\ProgramData\Oracle
2016-08-03 00:40 - 2010-08-31 15:49 - 00000000 ___DC C:\Program Files (x86)\Java
2016-08-03 00:40 - 2009-12-19 04:43 - 00000000 ___DC C:\ProgramData\P4G
2016-08-03 00:40 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\registration
2016-08-02 19:53 - 2013-05-31 19:52 - 00000940 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-02 18:24 - 2014-05-16 11:38 - 00000000 ___DC C:\Users\Have0\Documents\Outlook-bestanden
2016-08-02 16:58 - 2009-07-14 06:45 - 00019056 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-02 16:58 - 2009-07-14 06:45 - 00019056 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-02 16:56 - 2013-10-21 21:35 - 00000000 ___DC C:\Program Files\trend micro
2016-08-02 15:13 - 2014-06-19 19:18 - 00003486 ____C C:\Windows\System32\Tasks\AutoKMS
2016-08-02 15:08 - 2009-07-14 07:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2016-08-02 14:51 - 2010-11-17 23:21 - 00000000 ___DC C:\ProgramData\MFAData
2016-08-02 14:43 - 2010-02-24 21:13 - 00000000 ___DC C:\Users\Have0
2016-08-01 17:33 - 2015-12-15 20:18 - 00000000 ___DC C:\Users\Have0\.oracle_jre_usage
2016-07-31 14:26 - 2014-06-29 13:39 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-30 14:28 - 2009-08-04 12:15 - 00748952 ____C C:\Windows\system32\perfh013.dat
2016-07-30 14:28 - 2009-08-04 12:15 - 00154962 ____C C:\Windows\system32\perfc013.dat
2016-07-30 14:28 - 2009-07-14 07:32 - 00000000 ___DC C:\Windows\system32\FxsTmp
2016-07-30 14:28 - 2009-07-14 07:13 - 01679026 ____C C:\Windows\system32\PerfStringBackup.INI
2016-07-30 14:28 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\inf
2016-07-28 10:52 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-07-25 20:54 - 2016-05-14 15:00 - 00000938 ____C C:\Users\Public\Desktop\AVG Protection.lnk
2016-07-25 20:54 - 2016-05-14 15:00 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-07-25 16:49 - 2011-09-19 23:32 - 00000000 ___DC C:\Windows\pss
2016-07-14 20:53 - 2015-10-14 19:41 - 00004476 ____C C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 20:52 - 2015-11-23 20:23 - 00002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-12 21:02 - 2016-04-07 20:08 - 06079168 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-12 21:02 - 2013-05-31 19:52 - 00003878 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 21:02 - 2012-07-29 16:10 - 00796352 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-12 21:02 - 2012-07-29 16:10 - 00142528 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-12 21:02 - 2012-07-29 16:10 - 00000000 ___DC C:\Windows\system32\Macromed
2016-07-12 21:02 - 2009-12-19 04:24 - 00000000 ___DC C:\Windows\SysWOW64\Macromed

==================== Bestanden in de root van sommige mappen =======

2012-12-28 20:37 - 2012-12-28 20:37 - 0099384 ____C () C:\Users\Have0\AppData\Roaming\inst.exe
2012-12-28 20:37 - 2012-12-28 20:37 - 0007859 ____C () C:\Users\Have0\AppData\Roaming\pcouffin.cat
2012-12-28 20:37 - 2012-12-28 20:37 - 0001167 ____C () C:\Users\Have0\AppData\Roaming\pcouffin.inf
2012-12-28 20:37 - 2012-12-28 20:37 - 0082816 ____C (VSO Software) C:\Users\Have0\AppData\Roaming\pcouffin.sys
2012-01-16 19:58 - 2015-10-03 20:59 - 0017408 ____C () C:\Users\Have0\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-16 21:17 - 2015-11-01 18:36 - 24211322 ____C () C:\Users\Have0\AppData\Local\package.nw.new
2015-01-21 19:31 - 2015-01-21 19:31 - 0007609 ____C () C:\Users\Have0\AppData\Local\Resmon.ResmonCfg
2014-04-11 15:58 - 2014-04-11 16:00 - 0002199 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20140411.155801.txt
2014-04-11 16:07 - 2014-04-11 16:07 - 0002217 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20140411.160720.txt
2014-04-11 16:22 - 2014-04-11 16:23 - 0002220 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20140411.162228.txt
2014-12-02 17:43 - 2014-12-02 17:44 - 0002201 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20141202.164319.txt
2014-12-02 17:45 - 2014-12-02 17:46 - 0002218 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20141202.164555.txt
2015-09-13 17:06 - 2015-09-13 17:06 - 0004105 ____C () C:\ProgramData\wmzddnmb.cix
2009-12-19 04:10 - 2009-12-19 04:11 - 0000105 ____C () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-12-19 04:10 - 2009-12-19 04:10 - 0000107 ____C () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Sommige bestanden in TEMP:
====================
C:\Users\Have0\AppData\Local\Temp\avguirn_08493044749.exe
C:\Users\Have0\AppData\Local\Temp\avguirn_08714411002.exe
C:\Users\Have0\AppData\Local\Temp\avguirn_08749983667.exe
C:\Users\Have0\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Have0\AppData\Local\Temp\LMkRstPt.exe


==================== Bamital & volsnap =================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2016-06-12 20:29

==================== Eind van FRST.txt ============================

Link naar reactie
Delen op andere sites
Have0 Vergevorderde

Have0

Geplaatst:
  • Auteur
Geplaatst:

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 27-07-2016
Gestart door Have0 (2016-08-02 20:01:35)
Gestart vanaf C:\Users\Have0\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-02-24 19:12:57)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2578091034-2730396283-2997144666-500 - Administrator - Disabled)
Gast (S-1-5-21-2578091034-2730396283-2997144666-501 - Limited - Disabled)
Have0 (S-1-5-21-2578091034-2730396283-2997144666-1001 - Administrator - Enabled) => C:\Users\Have0
HomeGroupUser$ (S-1-5-21-2578091034-2730396283-2997144666-1002 - Limited - Enabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazon 1Button App (x32 Version: 2.3.4 - Amazon) Hidden <==== AANDACHT
AMD USB Filter Driver (HKLM-x32\...\{82809116-D1EE-443C-AE31-F19E709DDF7A}) (Version: 1.0.11.86 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.24 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus)
Asus WebStorage (HKLM\...\Asus WebStorage) (Version: 2.0.31.477 - eCareme Technologies, Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{138CD2BA-D40F-B371-83A2-6412684CEFDD}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS)
AVG (Version: 16.91.7690 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.3681 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4627 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7690 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.2.18 - AVG Technologies)
Basishandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Bog) (Version:  - )
Belle en het Beest - De Ster van het Bal (HKLM-x32\...\La Belle et la Bete - La Belle du bal) (Version:  - )
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
EasyVideoMaker (HKLM-x32\...\{03EC818F-96E5-497F-AF28-EC6BC4CF32D3}) (Version: 5.15 - Easy Video Maker)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Free Audio Converter version 5.0.59.525 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.59.525 - DVDVideoSoft Ltd.)
Gebruikershandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Useg) (Version:  - )
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
Intel WiDi Media Share (x32 Version: 1.1.0.0 - Intel Corporation) Hidden
Intel® WiDi Media Share (HKLM-x32\...\{32d14b1d-18fa-48e7-867d-93b7a72c816a}) (Version: 1.1.0.0 - Intel Corporation)
Island Wars 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}) (Version:  - Oberon Media)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0120-0413-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft1.7.4 (HKLM-x32\...\Minecraft1.7.4) (Version:  - )
Movavi Video Editor 10 (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.3.0 - Movavi)
Mozilla Firefox 47.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 nl)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Netwerkhandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Netg) (Version:  - )
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SABnzbd 0.7.16 (HKLM-x32\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Smileyville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}) (Version:  - Oberon Media)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Uw bedrijfsnaam)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
USB Audio/Vide Driver (HKLM-x32\...\InstallShield_{03CD367D-3959-4529-81B6-B7C80F146781}) (Version: 1.00.0000 - )
USB Audio/Vide Driver (x32 Version: 1.00.0000 - ) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VMware Horizon Client (HKLM\...\{783A7221-AF59-4F7D-8D88-FBE4266BC8F6}) (Version: 3.5.0.29526 - VMware, Inc.)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter 10.5_is1) (Version:  - ZJ Computing,Inc.)
Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live aanmeldhulp (HKLM-x32\...\{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{A5F3E8C0-E949-40D0-B529-D34A4BCDA43C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.11 - ASUS)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.1 - Xvid Team)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {3BF87D6F-3241-4CCB-A284-20706C34C1DA} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-05-01] (WinZip Computing, S.L.)
Task: {4928B02E-BF35-4DBF-A521-74E0EB8443BF} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {4D03DA6C-90B6-4BC3-9610-17B2F0714065} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {55271D53-419F-468D-ACB2-7D4A76F1A975} - System32\Tasks\{A43D4B78-0311-4C53-983B-3317133FAC60} => C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\1ClickDvdCopyPro.exe
Task: {5FB2FC62-791A-46E9-95B1-1F36EB423DDE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-19] ()
Task: {637072CC-07CF-4B3A-8CB4-4E0048E95B63} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-12] (TODO: <Company name>)
Task: {6A21E193-7A92-4E68-979C-676F0F4365D0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {7CC95640-FBCF-47B6-B317-0FB0710FDD3D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {AFCE63F4-53EC-4858-928F-734010A3F4C3} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK)
Task: {B4B1F1F8-243C-4900-893F-5B72948B53D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {B8C3EC42-7818-4D91-A1B7-AACA6C0302AE} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {C496B371-F6F2-4025-B3E3-5E183E8A200E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {CC2C9781-5EB7-4EB5-9494-C84ED6F3C4CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {CEE2FC1F-A3E3-4EA7-B8F0-9A1F1D909BAA} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-09-05] ()
Task: {DB339C1A-15AF-41D6-B38B-26B0915B5EC3} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] ()
Task: {F9175C10-4AB6-43E2-AC34-3492F0EAF781} - System32\Tasks\{6F034AA8-8BDD-4443-BDC7-9F8C6D7A8AB4} => pcalua.exe -a C:\Users\Have0\Downloads\Setup.exe -d C:\Users\Have0\Downloads
Task: {FBA7058E-908E-455F-9ACD-1DE4C4606DB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {FEDC8796-AADC-452C-BE07-7E81320D10BF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

Shortcut: C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mijn websites bij MSN\target.lnk -> hxxp://www.msnusers.com

==================== Geladen Modules (gefilterd) ==============

2016-07-26 14:32 - 2016-07-27 16:42 - 00976456 ____C () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2009-12-19 04:43 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2009-12-19 04:45 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2008-08-14 06:59 - 2008-08-14 06:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2009-09-11 02:42 - 2009-09-11 02:42 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2009-12-19 04:43 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-09-05 01:24 - 2009-09-05 01:24 - 01600128 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2015-06-16 11:10 - 2015-06-16 11:10 - 00226240 ____C () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
2015-07-31 15:42 - 2015-07-31 15:42 - 06363792 ____C () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-08-25 09:47 - 2009-08-25 09:47 - 00140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll
2009-12-19 04:17 - 2009-12-19 04:17 - 00029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
2009-12-19 04:17 - 2009-12-19 04:17 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2016-07-26 14:32 - 2016-07-27 16:42 - 02162760 ____C () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2009-12-19 04:29 - 2009-12-19 04:29 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-06-16 11:04 - 2015-06-16 11:04 - 00239552 ____C () C:\Program Files (x86)\Common Files\VMware\DeviceRedirectionCommon\ftnlapi.dll
2016-05-14 14:48 - 2016-05-14 14:46 - 40500224 ____C () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 ____C () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 ____C () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 03:42 - 2015-11-11 03:42 - 01045672 ____C () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\amazon.com -> hxxps://amazon.com
IE trusted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\100sexlinks.com -> 100sexlinks.com

Er zijn 4788 Meer websites.


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2012-07-28 19:30 - 00000027 ___AC C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.101.251.229 - 89.101.251.228
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Momenteel is er geen automatische fix voor dit onderdeel.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk => C:\Windows\pss\NewShortcut1.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update-melder.lnk => C:\Windows\pss\Update-melder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Have0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^In Voor En Tegenspoed - Seizoen 1 _ Aflevering 1.mov.lnk => C:\Windows\pss\In Voor En Tegenspoed - Seizoen 1 _ Aflevering 1.mov.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: EeeStorageBackup => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: uTorrent => "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [{95D3EED8-4DC9-4A2E-9D0A-DDFFC0084AD5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{EB0DF1F4-6803-4B8D-8F69-3F584C548809}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0FDB93C9-DBC2-4694-B822-A3B4D20418B9}] => (Allow) svchost.exe
FirewallRules: [{5D5D7C8A-77DB-46D0-B242-0DC2E5F4DAF6}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{CAB61662-1C97-4DA8-9125-D2F907F0CF0C}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8C253058-D4CE-4A67-BA19-84F24AA52E8D}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{B2EEAFF8-FBDE-4C80-A4D4-338FD9646D51}] => (Allow) C:\Users\Have0\Downloads\AudioConverter_Setup.exe
FirewallRules: [{4CB999F9-80AE-499C-A5A1-E781B9FAE433}] => (Allow) C:\Users\Have0\Downloads\AudioConverter_Setup.exe
FirewallRules: [TCP Query User{CD581EB8-53F3-4935-A6D0-2E7812A51893}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{06023446-5686-40F8-828E-6E8A3F50F91A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{320B1F01-A4DC-457B-87F1-898A70D7D81B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{AB2EF3B4-8C4B-432F-A81C-68162CCCD655}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{49ADCAE4-CE4F-4A58-A864-7AC547B54D91}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{909F0EE1-2AC6-4B9F-86C8-3E8DC69345A2}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{EBCACC12-2791-41EE-A9FC-B4A3D9EE6B36}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{80FC0B9F-6444-4F5E-8690-2A514566314E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{2289EAA5-DEDC-4AAD-87C9-323E7A37D335}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1452AFC6-3680-4E76-AB89-8A7955B99276}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{D2D4A55A-A79B-4C9E-999E-6183FFDFAB03}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{551BEABD-E88F-4CA2-9465-30FD33E89D38}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{2166D924-B493-4379-B6F2-EA3C2A57C91B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{B6681F01-BE31-466E-AF57-CF9EEC0853E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE741EF4-02F8-48AC-A2BA-08ABDED61057}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{903BD016-6DDD-45FF-9F7B-1A39CC76C07D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{0074333C-0E00-4D2E-B39D-F257D0C3B2AC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3CA60519-1587-41F1-88CD-35691EFE6CE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C725B6D0-AC6B-4AF2-A4E8-9FF451447B16}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8D536DA5-1234-4B16-91DB-8A64B76913B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B717A87A-64E6-4DFE-BA52-1285BCF1B504}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{90F2134E-1D74-4C4F-9784-29D93541B99A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{334DB732-9388-4F3D-8AE1-88EB86FC236E}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{1FB866DB-F5AF-4CE6-AE7E-1C38404BDAFE}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{96336EBA-62D1-43E7-959B-A95E7B842E0A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{659700F9-63AE-4E22-B342-9446F4D479C1}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{CFA73E55-1BE6-4F67-9F43-961F6AE24B9E}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{66E7EEBD-56D2-472D-900B-7F0BD5A04B47}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{11A0109E-7776-4943-A7F3-DB15B0E42FB4}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{75AF02A1-99DB-4825-BD44-AC55132643DF}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{96EC06D6-D4B9-40D9-9624-A17AC6123E27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5882AD78-7C88-485D-8A51-595D8F330B69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E0201C4-3CD2-43D4-9B50-F780CDF70292}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{EAB6603C-910B-4506-A1C4-BEE4EEC52E76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{3A97F26C-3009-444B-B2E7-FC37CF282553}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{7DCB9F12-8AF2-4621-B755-9E85D70DC372}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [TCP Query User{E73B1009-4F98-48E0-B843-34E40E826806}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe
FirewallRules: [UDP Query User{237D45EE-BD43-469E-95E5-8881A490AE6D}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe
FirewallRules: [{29D4DBFC-0323-452F-A3B1-02480C01DABD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D0D0BCC2-5EC8-4A30-AE27-340A026A0F39}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DF29DF52-68BC-4FA9-AAB8-0CE55AC6951A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{394A9DC7-CB50-4BCE-BEB1-CF9949A1AA8A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{FB759A83-2B0F-4046-A43E-89EA4830FCE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{DB7268EF-A24D-4CA0-844A-C5E5B5B3F138}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

==================== Herstelpunten =========================

31-07-2016 20:35:14 Windows Back-up
02-08-2016 15:15:32 WinZip 20.5 is verwijderd

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (07/03/2016 09:44:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0xdc8
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (07/03/2016 09:44:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (07/01/2016 04:38:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x1780
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (07/01/2016 04:38:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (06/30/2016 03:51:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x10d4
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (06/30/2016 03:50:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (06/29/2016 08:33:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x19c0
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (06/29/2016 08:32:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (06/28/2016 07:51:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x1b74
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (06/28/2016 07:51:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()


Systeemfouten:
=============
Error: (08/02/2016 07:52:44 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 06:24:28 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 05:20:51 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 04:38:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/02/2016 04:38:49 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 04:38:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/02/2016 04:38:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: vmwsprrdpwks.

Error: (08/02/2016 03:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Installer-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/02/2016 03:10:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
aswSnx

Error: (08/02/2016 03:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De avast! Antivirus-service is afhankelijk van de aswMonFlt-service, die vanwege de volgende fout niet kan worden gestart:
%%2 = Het systeem kan het opgegeven bestand niet vinden.

 

CodeIntegrity:
===================================
  Date: 2015-09-09 16:14:26.255
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:25.693
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:25.147
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:24.601
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:24.055
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:23.556
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:23.041
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:22.542
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-08 20:00:27.124
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-08 20:00:26.656
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


==================== Geheugen info ===========================

Processor: AMD Athlon(tm) II Dual-Core M300
Percentage geheugen in gebruik: 46%
Totaal fysiek RAM-geheugen: 4095.21 MB
Beschikbaar fysiek RAM-geheugen: 2205.61 MB
Totaal Virtueel geheugen: 13106.03 MB
Beschikbaar Virtual geheugen: 10665.14 MB

==================== Schijven ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:2.1 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)]
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:186.41 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=208.9 GB) - (Type=OF Extended)

==================== Eind van Addition.txt ============================

Link naar reactie
Delen op andere sites
juisterr Veteraan

juisterr

Geplaatst:
Geplaatst:

Goede avond,

 

U heeft de tool niet op het bureaublad gestart, ( Downloads )  Verplaats het eerst even naar het bureaublad aub.

 

U gebruikt AVG antivirus maar ik zie ook Avast (in error) in het logje.

 

1. Ga naar start>configuratiescherm>software of programma's en onderdelen en verwijder daar Avast.
2. Volg hierna de onderstaande instructies.


Download aswClear5.exe naar het bureaublad.

  • Start de computer op in de veilige modus (klik)
  • Dubbelklik op "aswClear5.exe" om de uninstall tool te starten.
  • staat Avast niet in de standaard directory geïnstalleerd navigeer dan naar de juiste installatie directory.
    • Let op!!! de complete inhoud van deze directory zal verwijderd worden.
     
  • Klik nu op "Remove" en herstart de computer.

Link naar reactie
Delen op andere sites
Have0 Vergevorderde

Have0

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Beste Juisterr, bedoelt u dat ik beiden loges op mijn bureaublad moet zetten ? Zijn dit wel de goede logfiles zo ? Of bedoelt u Farbar Recovery Scan Tool uitvoeren, dat ik dit programmaatje op mijn bureaublad moet plaatsen ? Sorry ik ben echt een leek met p.c.

En moet ik ervoor zorgen dat Avast verplaatst wordt naar software of programma's en onderdelen zetten en daarna verwijderen ?
Ik heb windows 7. Bedankt voor uw tijd !

aangepast door Have0
Link naar reactie
Delen op andere sites
  • 2 weken later...
juisterr Veteraan

juisterr

Geplaatst:
Geplaatst:

Goede middag,

 

Sorry voor het late antwoord.

 

Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden. 
(hier en hier) kan je lezen hoe je dat doet.

en download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad.
klik hier voor meer informatie over hoe zoek.exe te gebruiken)

  • Wanneer Internet Explorer of een andere browser of virusscanner  melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.


  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
    emptyfolderscheck;delete
torpigcheck; 
firefoxlook; 
Chromelook;
services-list;  
autoclean; 
iedefaults; 

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht  als bijlage.


  

Link naar reactie
Delen op andere sites
Have0 Vergevorderde

Have0

Geplaatst:
  • Auteur
Geplaatst:
Spoiler 

Beste Juisterr,

het lijkt of de run blijft hangen ? Zie hieronder ? Doe ik iets fout of kan ik het beter opnieuw doen ?


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Have0 on ma 22-08-2016 at 13:32:45,88.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Have0\Desktop\zoek.exe [Scan all users] [Script inserted] 

===== Runcheck 13:51:46,37 =====

--- Create Environment Variables 13:51:53,11 
--- Create System Restore Point 13:52:18,83 
--- Checking Input 13:53:21,37 
--- Torpig Check 13:55:14,64 
--- AU AppData Check 13:55:36,47 
--- Remove From Windows Installer 13:55:51,52 
--- Registry HKLM Software Check 14:05:24,57 
--- Quick Launch Shortcut Check 14:07:46,38 
--- IE Startpage Check 14:08:49,34 
--- Program Files DB Check 14:13:54,96 
--- C:\Users\Default\AppData\Roaming DB Check 14:18:12,36 
--- C:\Users\Default User\AppData\Roaming DB Check 14:18:12,36 
--- C:\Users\Have0\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 14:18:12,36 
--- C:\Users\Have0 DB Check 14:27:15,88 
--- C:\PROGRA~3 DB Check 14:28:38,44 
--- C:\Users\Default\AppData\Local DB Check 14:29:41,34 
--- C:\Users\Default User\AppData\Local DB Check 14:29:41,34 
--- C:\Users\Have0\AppData\Local DB Check 14:29:41,34 
--- C:\Users\Public\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 14:29:41,34 
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 14:36:40,04 
--- C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 14:37:19,06 
--- Tasks DB Check 14:37:44,69 
--- Downloads DB Check 14:38:01,99 
--- C:\Users\Have0\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 14:38:24,40 
--- Tasks2 DB Check 14:41:22,01 
--- Documents DB Check 14:43:30,49 
--- C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\93wcg9ro.default-1470143960058 DB Check 14:44:00,88 
--- C:\Users\Have0\AppData\Roaming\TomTom\HOME\Profiles\7gfw6mr0.default DB Check 14:44:00,88 
--- C:\Users\Public\Desktop DB Check 14:44:20,65 
--- C:\Users\Have0\Desktop DB Check 14:44:46,09 
--- Services DB Check 14:45:27,10 
--- FF prefs.js DB Check 14:48:51,68 
--- Del by CLSID 14:54:56,93 
--- Delete Services 14:57:43,03 
--- Delete files\folders 14:57:53,83 
--- Create Backups 14:57:54,38 
--- Folders in C:\PROGRA~3 0-6 Months 14:58:22,13 
--- Firefox Extensions 14:58:26,01

 

 

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.