Ga naar inhoud

Laptop traag


 Delen

Aanbevolen berichten

Beste lezer/lezeres, mijn laptop met windows 7 reageert erg traag. Bleef bijna hangen. Nu gaat het iets beter. Toch graag jullie advies als ik iets moet opschonen.

Hieronder een logfile. Alvast bedankt voor jullie tijd !

 

Logfile of random's system information tool 1.10 (written by random/random)
Run by Have0 at 2016-08-02 16:56:09
Microsoft Windows 7 Home Premium  Service Pack 1
System drive C: has 2 GB (3%) free of 76 GB
Total RAM: 4095 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:56:26, on 2-8-2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18347)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files\trend micro\Have0.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg.com/?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=hp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll
O2 - BHO: Logitech Flow Scroll - {E11DB59D-5008-42ff-9069-535843BC0BE1} - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - Global Startup: FAH.lnk = C:\Program Files\WinZip\FAHConsole.exe
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 9.0 Sprint Licensing Service (ABBYY.Licensing.FineReader.Sprint.9.0) - ABBYY - C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Amazon 1Button App Service - Amazon Inc. - C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (file missing)
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: VMware Netlink Supervisor Service (ftnlsv3hv) - Unknown owner - C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
O23 - Service: VMware Scanner Redirection Client Service (ftscanmgr) - Unknown owner - C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VMware USB Arbitration Service (VMUSBArbService) - VMware, Inc. - C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe
O23 - Service: VMware View USB (vmware-view-usbd) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
O23 - Service: VMware Serial Com Redirection Client service (vmwsprrdpwks) - VMware - C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.2 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: VMware Horizon Client (wsnm) - VMware, Inc. - C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 11236 bytes

======Listing Processes======

 

\SystemRoot\System32\smss.exe
c:\PROGRA~2\AVG\Av\avgrsa.exe /boot
C:\Program Files (x86)\AVG\Av\avgcsrva.exe /pipeName=44800c66-0200-0000-99d5-cd083f859666 /binaryPath="C:\Program Files (x86)\AVG\Av\\" /logPath=C:\Windows\system32\config\systemprofile\AppData\Local\Avg\log\av16 /logCfgPath=C:\ProgramData\Avg\log\av16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
winlogon.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
"C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe"
"C:\Program Files\ATKGFNEX\GFNEXSrv.exe"
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe" -service
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe"
"C:\Program Files (x86)\AVG\Av\avgidsagenta.exe"
"C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe"
"taskhost.exe"
"C:\Program Files (x86)\AVG\Av\avgwdsvca.exe"
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe"
taskeng.exe {3318E7F8-628D-4A5A-887B-59C906ACAF4E}
"C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe"
"C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
Atouch64.exe
"C:\Program Files\P4G\BatteryLife.exe"
"C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe"
"C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe"
ATKOSD.exe
KBFiltr.exe
"C:\Windows\SysWOW64\ACEngSvr.exe" -Embedding
WDC.exe
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe"
"C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe"
"C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe"
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe"
"C:\Program Files (x86)\AVG\Av\avgnsa.exe"
"C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe" -SCMStartup
"C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe"
"C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe" -SCMStartup
"C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE"
C:\Windows\Explorer.EXE
"C:\Program Files\Elantech\ETDCtrl.exe"
"C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"C:\Program Files\Logitech\FlowScroll\KhalScroll.exe"
"C:\Program Files\WinZip\FAHWindow64.exe" register
KHALMNPR.EXE /API
"C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe"
"C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe"
"C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
 /fmw.trayonly
 /TRAYONLY
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
ctfmon.exe
C:\Windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe" -auto -critical
"C:\Program Files (x86)\Mozilla Firefox\firefox.exe"
taskeng.exe {AC06DE4F-ED44-45CD-A111-52ECE769A0E0}
"C:\Program Files\WinZip\WzBGTools.exe"
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\AUDIODG.EXE 0x96c
"C:\Users\Have0\Downloads\RSITx64.exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe  

=========Mozilla firefox=========

ProfilePath - C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\93wcg9ro.default-1470143960058

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
"Description"=
"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/OfficeLive,version=1.3]
"Description"=Office Live Update v1.3
"Path"=C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 22.0.0.209 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.5.0]
"Description"=
"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL


C:\Program Files (x86)\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files (x86)\Mozilla Firefox\plugins\
np-mswmp.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08 68960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08 435992]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Aanmelden - Help - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
AVG Web TuneUp - C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27 2248776]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08 173120]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E11DB59D-5008-42ff-9069-535843BC0BE1}]
Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll [2012-02-08 367384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26 431104]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2009-07-30 617856]
"AmIcoSinglun64"=C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [2009-04-09 320000]
"VMware Netlink 3 HV Install Utility"=C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [2015-06-16 70080]
"LogiScrollApp"=C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [2012-02-08 166680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25 1110232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS Screen Saver Protector]
C:\Windows\AsScrPro.exe [2009-12-19 3058304]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [2012-11-05 89184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files (x86)\CCleaner\CCleaner64.exe [2016-02-12 8641240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [2008-07-19 104936]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EeeStorageBackup]
C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe [2009-08-25 947472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EEventManager]
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [2010-10-12 979328]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2009-09-11 2244608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [2008-12-02 3882312]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files (x86)\QuickTime\QTTask.exe [2014-01-17 421888]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files (x86)\Skype\Phone\Skype.exe [2015-01-23 31087200]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TomTomHOME.exe]
C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [2015-07-13 248176]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateLBPShortCut]
C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [2009-05-20 222504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateP2GoShortCut]
C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\uTorrent]
C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
C:\Program Files (x86)\Xvid\CheckUpdate.exe [2011-01-17 8192]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk]
C:\PROGRA~2\USB_VI~1\Utility\REMOTE~1\BDAREM~1.EXE [2005-08-19 77908]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update-melder.lnk]
C:\PROGRA~1\WinZip\WZUPDA~1.EXE [2016-05-01 1531616]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk]
C:\PROGRA~1\WinZip\WZPREL~1.EXE [2016-05-01 133216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Have0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^In Voor En Tegenspoed - Seizoen 1 _ Aflevering 1.mov.lnk]
C:\PROGRA~3\{D1AEA~1\INVOOR~1.EXE --startup=1 []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HControlUser"=C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [2009-06-19 105016]
"ATKOSD2"=C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [2009-08-17 6859392]
"ATKMEDIA"=C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [2009-08-20 170624]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-07-30 98304]
"AVG_UI"=C:\Program Files (x86)\AVG\Av\avuirunnerx.exe [2016-07-22 32528]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01 596504]
"AvgUi"=C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [2016-07-20 186640]
"vProt"=C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2016-07-27 2162760]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
FAH.lnk - C:\Program Files\WinZip\FAHConsole.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=16
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"vidc.XVID"=xvidvfw.dll
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2016-08-02 16:56:09 ----DC---- C:\rsit
2016-08-01 17:46:03 ----DC---- C:\Program Files (x86)\Amazon Browser Settings
2016-07-26 14:34:03 ----DC---- C:\Program Files\Common Files\AVG Secure Search
2016-07-26 14:32:57 ----DC---- C:\ProgramData\AVG Web TuneUp
2016-07-26 14:32:33 ----DC---- C:\Program Files (x86)\AVG Web TuneUp

======List of files/folders modified in the last 1 month======

2016-08-03 00:40:51 ----SHDC---- C:\Windows\Installer
2016-08-03 00:40:51 ----SDC---- C:\Windows\system32\GWX
2016-08-03 00:40:51 ----DC---- C:\Windows\Tasks
2016-08-03 00:40:51 ----DC---- C:\Windows\SysWOW64
2016-08-03 00:40:51 ----DC---- C:\Windows\system32\wfp
2016-08-03 00:40:51 ----DC---- C:\Windows\system32\catroot2
2016-08-03 00:40:51 ----DC---- C:\Windows\System32
2016-08-03 00:40:51 ----DC---- C:\Windows
2016-08-03 00:40:51 ----DC---- C:\ProgramData\P4G
2016-08-03 00:40:51 ----DC---- C:\ProgramData\Oracle
2016-08-03 00:40:51 ----D---- C:\Windows\system32\DriverStore
2016-08-03 00:40:50 ----DC---- C:\Program Files (x86)\Java
2016-08-03 00:40:50 ----DC---- C:\Program Files (x86)\Common Files
2016-08-03 00:40:48 ----DC---- C:\Windows\system32\wbem
2016-08-03 00:40:48 ----DC---- C:\Windows\registration
2016-08-03 00:39:43 ----RDC---- C:\Program Files (x86)
2016-08-02 16:56:20 ----DC---- C:\Program Files\trend micro
2016-08-02 16:54:37 ----DC---- C:\Windows\Temp
2016-08-02 15:59:45 ----DC---- C:\Windows\system32\config
2016-08-02 15:18:23 ----SHD---- C:\System Volume Information
2016-08-02 15:09:07 ----DC---- C:\Windows\system32\Tasks
2016-08-02 14:51:06 ----DC---- C:\ProgramData\MFAData
2016-08-02 14:42:03 ----DC---- C:\Windows\system32\drivers
2016-08-01 13:16:00 ----DC---- C:\Windows\Prefetch
2016-07-30 14:28:32 ----DC---- C:\Windows\inf
2016-07-30 14:28:32 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2016-07-30 14:28:02 ----DC---- C:\Windows\system32\FxsTmp
2016-07-28 10:50:29 ----DC---- C:\ProgramData
2016-07-27 23:09:55 ----DC---- C:\Config.Msi
2016-07-26 14:34:03 ----DC---- C:\Program Files\Common Files
2016-07-25 16:49:07 ----DC---- C:\Windows\pss
2016-07-12 21:02:38 ----AC---- C:\Windows\SYSWOW64\FlashPlayerApp.exe
2016-07-12 21:02:14 ----DC---- C:\Windows\system32\Macromed
2016-07-12 21:02:07 ----DC---- C:\Windows\SYSWOW64\Macromed
2016-07-12 21:02:02 ----AC---- C:\Windows\SYSWOW64\FlashPlayerInstaller.exe
2016-07-11 22:55:23 ----DC---- C:\ProgramData\Microsoft Help
2016-07-04 17:50:39 ----DC---- C:\Windows\debug

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-11-02 65776]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-11-02 224896]
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\Windows\system32\DRIVERS\AtiPcie.sys [2009-05-05 16440]
R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2016-06-01 261376]
R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2016-02-16 360736]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2016-06-02 249088]
R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2016-06-01 52992]
R0 avguniva;AVG Universal Driver; C:\Windows\system32\DRIVERS\avguniva.sys [2016-06-01 76544]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2014-06-22 213888]
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [2014-11-02 93568]
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys [2014-11-02 426848]
R1 Avgdiska;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiska.sys [2016-05-13 163072]
R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2016-06-09 310016]
R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2016-06-01 260352]
R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2016-06-01 280320]
R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2014-12-19 52000]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ASMMAP64;ASMMAP64; \??\C:\Program Files\ATKGFNEX\ASMMAP64.sys [2007-07-24 14904]
R2 aswHwid;avast! HardwareID; C:\Windows\system32\drivers\aswHwid.sys [2014-11-02 29208]
R2 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-11-02 92008]
R2 hcmon;VMware hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [2015-07-30 57536]
R3 Afc;PPdus ASPI Shell; C:\Windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-27 2753536]
R3 AtiHdmiService;ATI Service for HD Audio Codec; C:\Windows\system32\drivers\AtiHdmi.sys [2009-07-23 119312]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-07-30 6038016]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2009-07-09 140800]
R3 kbfiltr;Keyboard Filter; C:\Windows\system32\DRIVERS\kbfiltr.sys [2009-07-20 15416]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1E62x64.sys [2009-08-23 56320]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2011-09-02 66840]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2011-09-02 60696]
R3 MTsensor;ATK0100 ACPI UTILITY; C:\Windows\system32\DRIVERS\ATK64AMD.sys [2009-05-13 15928]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2012-12-28 82816]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-05 1806400]
R3 usbfilter;AMD USB Filter Driver; C:\Windows\system32\DRIVERS\usbfilter.sys [2009-04-03 34872]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2009-07-09 1222144]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys [2014-11-02 1041168]
S2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [2014-11-02 79184]
S3 AmUStor;AM USB Stroage Driver; C:\Windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 95232]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 41984]
S3 BthPan;Bluetooth-apparaat (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\Windows\System32\Drivers\BTHport.sys [2013-01-23 552960]
S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2008-12-08 61792]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-07-04 19456]
S3 RFCOMM;Bluetooth-apparaat (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver; C:\Windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-07-04 56832]
S3 USB28xxBGA;DVBT Hybrid TV Device; C:\Windows\system32\DRIVERS\emBDA64.sys [2007-08-31 581120]
S3 USB28xxOEM;USB 28xx OEM Filter; C:\Windows\system32\DRIVERS\emOEM64.sys [2007-08-31 54400]
S3 usbscan;Stuurprogramma voor USB-scanner; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2008-05-24 154168]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-05-14 759048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-06-25 82128]
R2 Amazon 1Button App Service;Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [2016-02-17 436032]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-07-29 203264]
R2 ASLDRService;ASLDR Service; C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe [2009-06-16 84536]
R2 ATKGFNEXSrv;ATKGFNEX Service; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [2007-08-08 94208]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [2016-07-22 5251808]
R2 avgsvc;AVG Service; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [2016-07-20 1097488]
R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [2016-07-22 712792]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04); C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-02-21 151648]
R2 ftnlsv3hv;VMware Netlink Supervisor Service; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [2015-06-16 226240]
R2 ftscanmgr;VMware Scanner Redirection Client Service; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [2015-07-31 6363792]
R2 TomTomHOMEService;TomTomHOMEService; C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe [2015-07-13 93040]
R2 VMUSBArbService;VMware USB Arbitration Service; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [2015-07-30 910016]
R2 vmware-view-usbd;VMware View USB; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [2015-07-31 1156824]
R2 vmwsprrdpwks;VMware Serial Com Redirection Client service; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [2015-05-08 261776]
R2 vToolbarUpdater40.3.2;vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [2016-07-26 1309768]
R3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe []
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-01-02 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12 270016]
S3 AvgAMPS;AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [2016-07-22 637944]
S3 fsssvc;Windows Live Family Safety; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2008-12-08 533344]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2016-06-27 114688]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 30814400]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-06-28 146888]
S3 ose;Office  Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-19 1255736]
S4 aspnet_state;ASP.NET-statusservice; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]

-----------------EOF-----------------

 

Link naar reactie
Delen op andere sites


Download de 51a5c8edc4692-icon1337952077.pngFarbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links


Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Farbar Recovery Scan Tool uitvoeren

  • Dubbelklik op FRST.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
  • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
  • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

Link naar reactie
Delen op andere sites

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 27-07-2016
Gestart door Have0 (Beheerder) op HAVE0-PC (02-08-2016 19:58:08)
Gestart vanaf C:\Users\Have0\Downloads
Geladen Profielen: Have0 (Beschikbare Profielen: Have0)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\AsLdrSrv.exe
() C:\Program Files\ATKGFNEX\GFNEXSrv.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Amazon Inc.) C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ATK) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
() C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
() C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\KBFiltr.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
() C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
() C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(VMware) C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Logitech, Inc.) C:\Program Files\Logitech\FlowScroll\KhalScroll.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow64.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzBGTools.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\smartlogon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [617856 2009-07-30] (ELAN Microelectronic Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [320000 2009-04-09] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [VMware Netlink 3 HV Install Utility] => C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnliu.exe [70080 2015-06-16] ()
HKLM\...\Run: [LogiScrollApp] => C:\Program Files\Logitech\FlowScroll\KhalScroll.exe [166680 2012-02-08] (Logitech, Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe [6859392 2009-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe [170624 2009-08-20] (ASUS)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6723856 2016-07-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596504 2016-04-01] (Oracle Corporation)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2162760 2016-07-27] ()
ShellIconOverlayIdentifiers: [OverlayIconExtension1] -> {fe25455d-b4c2-4e32-97d2-92632ec1c224} => C:\Windows\system32\mscoree.dll [2014-06-22] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [OverlayIconExtension2] -> {1fae2d88-a78e-4f03-909f-be818a3c1ce6} => C:\Windows\system32\mscoree.dll [2014-06-22] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-05-23]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{0EA11D21-C604-40D3-8842-A6221DBC8140}: [DhcpNameServer] 89.101.251.229 89.101.251.228
Tcpip\..\Interfaces\{5166A127-CB30-4E2A-B84B-F3181148EDF2}: [DhcpNameServer] 89.101.251.229 89.101.251.228

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=hp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816av&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={9C7DE099-C08F-4A64-ADB7-EFB90EA0A21B}&mid=9c219bb92d2547d6a4ba318208a5bbb0-894fcf9ed17a22fae9af4b3295cfe5ed7eda62d4&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816av&pr=fr&d=2014-08-29 17:46:32&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001 -> {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxps://www.amazon.com/gp/bit/amazonserp/ref=bit_bds-p17_serp_ie_us_display?ie=UTF8&tagbase=bds-p17&tbrId=v1_abb-channel-17_0cb6e8ab_1201_1403_20160405_NL_ie_ds_&tag=bds-p17-serp-us-ie-20&query={searchTerms}
BHO: Windows Live Family Safety Browser Helper Class -> {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} -> C:\Program Files\Windows Live\Family Safety\fssbho.dll [2008-12-08] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Logitech Flow Scroll -> {E11DB59D-5008-42ff-9069-535843BC0BE1} -> C:\Program Files\Logitech\FlowScroll\LogiSmooth.dll [2012-02-08] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-08] (Oracle Corporation)
BHO-x32: Windows Live Aanmelden - Help -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27] (AVG)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-08] (Oracle Corporation)
BHO-x32: Logitech Flow Scroll -> {E11DB59D-5008-42ff-9069-535843BC0BE1} -> C:\Program Files\Logitech\FlowScroll\32-bit\LogiSmooth.dll [2012-02-08] (Logitech, Inc.)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2011-01-26] (SEIKO EPSON CORPORATION)
Handler: linkscanner - Geen CLSID Waarde
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-02] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\93wcg9ro.default-1470143960058
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\Windows\system32\npDeployJava1.dll [2012-07-11] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [Geen bestand]
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.3 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2008-11-13] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-04] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2578091034-2730396283-2997144666-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Have0\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [Geen bestand]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-05-16] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-05-16] (Apple Inc.)
FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared => niet gevonden
FF HKLM-x32\...\Firefox\Extensions: [{5D3F3872-91E9-4d59-AD9F-AA174A3145DD}] - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt
FF Extension: Logitech Flow Scroll - C:\Program Files\Logitech\FlowScroll\LogiSmoothFirefoxExt [2016-06-17] [ niet getekend]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => niet gevonden

Chrome:
=======
CHR dev: Chrome dev build gedetecteerd! <======= AANDACHT
CHR HKLM-x32\...\Chrome\Extension: [geooogfhpjdpeiphckpbgkhpbeobcaoi] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx [2016-06-17]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Amazon 1Button App Service; C:\Program Files (x86)\Amazon\Amazon1ButtonApp\Amazon1ButtonService64.Exe [436032 2016-02-17] (Amazon Inc.)
R2 ATKGFNEXSrv; C:\Program Files\ATKGFNEX\GFNEXSrv.exe [94208 2007-08-08] () [Bestand niet getekend]
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [637944 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5251808 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [712792 2016-07-22] (AVG Technologies CZ, s.r.o.)
R2 ftnlsv3hv; C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe [226240 2015-06-16] ()
R2 ftscanmgr; C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe [6363792 2015-07-31] ()
R2 vmware-view-usbd; C:\Program Files (x86)\VMware\VMware Horizon View Client\bin\vmware-view-usbd.exe [1156824 2015-07-31] (VMware, Inc.)
R2 vmwsprrdpwks; C:\Program Files (x86)\Common Files\VMware\SerialPortRedirection\Client\vmwsprrdpwks.exe [261776 2015-05-08] (VMware)
R2 vToolbarUpdater40.3.2; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.2\ToolbarUpdater.exe [1309768 2016-07-26] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-06-28] (Microsoft Corporation)
R2 wsnm; C:\Program Files (x86)\VMware\VMware Horizon View Client\wsnm\wsnm.exe [533208 2015-08-19] (VMware, Inc.)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [976456 2016-07-27] ()
S2 avast! Antivirus; "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" [X]

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 ASMMAP64; C:\Program Files\ATKGFNEX\ASMMAP64.sys [14904 2007-07-24] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-02] ()
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-11-02] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-02] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-02] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-02] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [426848 2014-11-02] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-11-02] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-11-02] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [310016 2016-06-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [261376 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [249088 2016-06-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [280320 2016-06-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2014-12-19] (AVG Technologies)
R0 avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [76544 2016-06-01] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806400 2009-06-05] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 tmlwf; geen ImagePath
U3 tmwfp; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-08-02 19:58 - 2016-08-02 20:00 - 00021845 ____C C:\Users\Have0\Downloads\FRST.txt
2016-08-02 19:57 - 2016-08-02 19:58 - 00000000 ___DC C:\FRST
2016-08-02 19:54 - 2016-08-02 19:56 - 02394112 ____C (Farbar) C:\Users\Have0\Downloads\FRST64.exe
2016-08-02 16:56 - 2016-08-02 16:56 - 00000000 ___DC C:\rsit
2016-08-02 16:54 - 2016-08-02 16:54 - 01222144 ____C C:\Users\Have0\Downloads\RSITx64.exe
2016-08-02 15:19 - 2016-08-02 15:19 - 00000000 ___DC C:\Users\Have0\Desktop\Oude Firefox-gegevens
2016-08-02 14:43 - 2016-08-02 15:09 - 00003170 ____C C:\Windows\System32\Tasks\P4GIntlCtrl
2016-08-01 17:46 - 2016-08-03 00:40 - 00000000 ___DC C:\Program Files (x86)\Amazon Browser Settings
2016-07-27 23:11 - 2016-07-27 23:11 - 00626176 ____C C:\new.avi
2016-07-26 14:34 - 2016-07-26 18:48 - 00000000 ___DC C:\Users\Have0\AppData\Local\AVG Web TuneUp
2016-07-26 14:34 - 2016-07-26 14:34 - 00000000 ___DC C:\Program Files\Common Files\AVG Secure Search
2016-07-26 14:32 - 2016-07-27 16:45 - 00000000 ___DC C:\ProgramData\AVG Web TuneUp
2016-07-26 14:32 - 2016-07-27 16:44 - 00000000 ___DC C:\Program Files (x86)\AVG Web TuneUp
2016-07-21 18:14 - 2016-07-21 18:14 - 02530304 ____C (BitTorrent Inc.) C:\Users\Have0\Downloads\uTorrent.exe
2016-07-21 18:13 - 2016-07-21 18:14 - 00012239 ____C C:\Users\Have0\Downloads\08FFDAF1C7FB4A5B9D9AFBE88E3FF9D8B9723C00.torrent
2016-07-20 20:19 - 2016-07-20 20:19 - 17133900 ____C C:\Users\Have0\Downloads\PlayStore_v6.8.22.F-all.apk
2016-07-11 13:34 - 2016-07-11 13:34 - 00064680 ____C C:\Users\Have0\Downloads\BM9910-3792378.pdf

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-08-03 00:40 - 2015-12-15 20:42 - 00000000 __SDC C:\Windows\system32\GWX
2016-08-03 00:40 - 2015-12-15 20:17 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-03 00:40 - 2015-12-15 20:14 - 00000000 ___DC C:\ProgramData\Oracle
2016-08-03 00:40 - 2010-08-31 15:49 - 00000000 ___DC C:\Program Files (x86)\Java
2016-08-03 00:40 - 2009-12-19 04:43 - 00000000 ___DC C:\ProgramData\P4G
2016-08-03 00:40 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\registration
2016-08-02 19:53 - 2013-05-31 19:52 - 00000940 ____C C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-08-02 18:24 - 2014-05-16 11:38 - 00000000 ___DC C:\Users\Have0\Documents\Outlook-bestanden
2016-08-02 16:58 - 2009-07-14 06:45 - 00019056 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-02 16:58 - 2009-07-14 06:45 - 00019056 ___HC C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-02 16:56 - 2013-10-21 21:35 - 00000000 ___DC C:\Program Files\trend micro
2016-08-02 15:13 - 2014-06-19 19:18 - 00003486 ____C C:\Windows\System32\Tasks\AutoKMS
2016-08-02 15:08 - 2009-07-14 07:08 - 00000006 ___HC C:\Windows\Tasks\SA.DAT
2016-08-02 14:51 - 2010-11-17 23:21 - 00000000 ___DC C:\ProgramData\MFAData
2016-08-02 14:43 - 2010-02-24 21:13 - 00000000 ___DC C:\Users\Have0
2016-08-01 17:33 - 2015-12-15 20:18 - 00000000 ___DC C:\Users\Have0\.oracle_jre_usage
2016-07-31 14:26 - 2014-06-29 13:39 - 00192216 ____C (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-07-30 14:28 - 2009-08-04 12:15 - 00748952 ____C C:\Windows\system32\perfh013.dat
2016-07-30 14:28 - 2009-08-04 12:15 - 00154962 ____C C:\Windows\system32\perfc013.dat
2016-07-30 14:28 - 2009-07-14 07:32 - 00000000 ___DC C:\Windows\system32\FxsTmp
2016-07-30 14:28 - 2009-07-14 07:13 - 01679026 ____C C:\Windows\system32\PerfStringBackup.INI
2016-07-30 14:28 - 2009-07-14 05:20 - 00000000 ___DC C:\Windows\inf
2016-07-28 10:52 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2016-07-25 20:54 - 2016-05-14 15:00 - 00000938 ____C C:\Users\Public\Desktop\AVG Protection.lnk
2016-07-25 20:54 - 2016-05-14 15:00 - 00000000 ___DC C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-07-25 16:49 - 2011-09-19 23:32 - 00000000 ___DC C:\Windows\pss
2016-07-14 20:53 - 2015-10-14 19:41 - 00004476 ____C C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-14 20:52 - 2015-11-23 20:23 - 00002441 ____C C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-12 21:02 - 2016-04-07 20:08 - 06079168 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-07-12 21:02 - 2013-05-31 19:52 - 00003878 ____C C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 21:02 - 2012-07-29 16:10 - 00796352 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-12 21:02 - 2012-07-29 16:10 - 00142528 ____C (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-12 21:02 - 2012-07-29 16:10 - 00000000 ___DC C:\Windows\system32\Macromed
2016-07-12 21:02 - 2009-12-19 04:24 - 00000000 ___DC C:\Windows\SysWOW64\Macromed

==================== Bestanden in de root van sommige mappen =======

2012-12-28 20:37 - 2012-12-28 20:37 - 0099384 ____C () C:\Users\Have0\AppData\Roaming\inst.exe
2012-12-28 20:37 - 2012-12-28 20:37 - 0007859 ____C () C:\Users\Have0\AppData\Roaming\pcouffin.cat
2012-12-28 20:37 - 2012-12-28 20:37 - 0001167 ____C () C:\Users\Have0\AppData\Roaming\pcouffin.inf
2012-12-28 20:37 - 2012-12-28 20:37 - 0082816 ____C (VSO Software) C:\Users\Have0\AppData\Roaming\pcouffin.sys
2012-01-16 19:58 - 2015-10-03 20:59 - 0017408 ____C () C:\Users\Have0\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-16 21:17 - 2015-11-01 18:36 - 24211322 ____C () C:\Users\Have0\AppData\Local\package.nw.new
2015-01-21 19:31 - 2015-01-21 19:31 - 0007609 ____C () C:\Users\Have0\AppData\Local\Resmon.ResmonCfg
2014-04-11 15:58 - 2014-04-11 16:00 - 0002199 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20140411.155801.txt
2014-04-11 16:07 - 2014-04-11 16:07 - 0002217 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20140411.160720.txt
2014-04-11 16:22 - 2014-04-11 16:23 - 0002220 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20140411.162228.txt
2014-12-02 17:43 - 2014-12-02 17:44 - 0002201 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20141202.164319.txt
2014-12-02 17:45 - 2014-12-02 17:46 - 0002218 ____C () C:\Users\Have0\AppData\Local\WiDiSetupLog.20141202.164555.txt
2015-09-13 17:06 - 2015-09-13 17:06 - 0004105 ____C () C:\ProgramData\wmzddnmb.cix
2009-12-19 04:10 - 2009-12-19 04:11 - 0000105 ____C () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-12-19 04:10 - 2009-12-19 04:10 - 0000107 ____C () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log

Sommige bestanden in TEMP:
====================
C:\Users\Have0\AppData\Local\Temp\avguirn_08493044749.exe
C:\Users\Have0\AppData\Local\Temp\avguirn_08714411002.exe
C:\Users\Have0\AppData\Local\Temp\avguirn_08749983667.exe
C:\Users\Have0\AppData\Local\Temp\jre-8u101-windows-au.exe
C:\Users\Have0\AppData\Local\Temp\LMkRstPt.exe


==================== Bamital & volsnap =================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2016-06-12 20:29

==================== Eind van FRST.txt ============================

Link naar reactie
Delen op andere sites


Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 27-07-2016
Gestart door Have0 (2016-08-02 20:01:35)
Gestart vanaf C:\Users\Have0\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2010-02-24 19:12:57)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2578091034-2730396283-2997144666-500 - Administrator - Disabled)
Gast (S-1-5-21-2578091034-2730396283-2997144666-501 - Limited - Disabled)
Have0 (S-1-5-21-2578091034-2730396283-2997144666-1001 - Administrator - Enabled) => C:\Users\Have0
HomeGroupUser$ (S-1-5-21-2578091034-2730396283-2997144666-1002 - Limited - Enabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

ABBYY FineReader 9.0 Sprint (HKLM-x32\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (x32 Version: 9.01.513.58212 - ABBYY) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}) (Version: 1.2.17.25001 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.17.25001 - Alcor Micro Corp.) Hidden
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazon 1Button App (x32 Version: 2.3.4 - Amazon) Hidden <==== AANDACHT
AMD USB Filter Driver (HKLM-x32\...\{82809116-D1EE-443C-AE31-F19E709DDF7A}) (Version: 1.0.11.86 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.6 - ASUS)
ASUS AP Bank (HKLM-x32\...\ASUS AP Bank_is1) (Version: 1.0.0.0 - ASUSTEK)
ASUS FancyStart (HKLM-x32\...\{F0DF4513-3C4C-4EB8-8012-2C5F70AF3988}) (Version: 1.0.6 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.20 - ASUS)
ASUS Live Update (HKLM-x32\...\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}) (Version: 2.5.9 - ASUS)
ASUS MultiFrame (HKLM-x32\...\{9D48531D-2135-49FC-BC29-ACCDA5396A76}) (Version: 1.0.0019 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.24 - ASUS)
ASUS SmartLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0007 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0028 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.18 - asus)
Asus WebStorage (HKLM\...\Asus WebStorage) (Version: 2.0.31.477 - eCareme Technologies, Inc.)
Atheros Communications Inc.(R) AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.16 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{138CD2BA-D40F-B371-83A2-6412684CEFDD}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
ATK Generic Function Service (HKLM-x32\...\{D3D54F3E-C5C3-443D-978F-87A72E5616E8}) (Version: 1.00.0008 - ATK)
ATK Hotkey (HKLM-x32\...\{7C05592D-424B-46CB-B505-E0013E8E75C9}) (Version: 1.0.0052 - ASUS)
ATK Media (HKLM-x32\...\{D1E5870E-E3E5-4475-98A6-ADD614524ADF}) (Version: 2.0.0006 - ASUS)
ATKOSD2 (HKLM-x32\...\{3B05F2FB-745B-4012-ADF2-439F36B2E70B}) (Version: 7.0.0006 - ASUS)
AVG (Version: 16.91.7690 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.3681 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4627 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.91.7690 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.2.18 - AVG Technologies)
Basishandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Bog) (Version:  - )
Belle en het Beest - De Ster van het Bal (HKLM-x32\...\La Belle et la Bete - La Belle du bal) (Version:  - )
ccc-core-static (x32 Version: 2009.0729.2227.38498 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.15 - Piriform)
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ControlDeck (HKLM-x32\...\{5B65EF64-1DFA-414A-8C94-7BB726158E21}) (Version: 1.0.4 - ASUS)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1720 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.2713 - CyberLink Corp.)
Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION)
EasyVideoMaker (HKLM-x32\...\{03EC818F-96E5-497F-AF28-EC6BC4CF32D3}) (Version: 5.15 - Easy Video Maker)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON SX440 Series Printer Uninstall (HKLM\...\EPSON SX440 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
ETDWare PS/2-x64 7.0.5.7_WHQL (HKLM\...\Elantech) (Version:  - )
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.4 - ASUS)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Free Audio Converter version 5.0.59.525 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.59.525 - DVDVideoSoft Ltd.)
Gebruikershandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Useg) (Version:  - )
inSSIDer (HKLM-x32\...\{65A5E87D-7A3F-4819-807D-B86990D5F369}) (Version: 2.1.6 - MetaGeek)
Intel WiDi Media Share (x32 Version: 1.1.0.0 - Intel Corporation) Hidden
Intel® WiDi Media Share (HKLM-x32\...\{32d14b1d-18fa-48e7-867d-93b7a72c816a}) (Version: 1.1.0.0 - Intel Corporation)
Island Wars 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110304260}) (Version:  - Oberon Media)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Logitech Flow Scroll 4.0 (HKLM\...\Sn1) (Version: 4.00.33 - Logitech)
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.3 (HKLM-x32\...\{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}) (Version: 2.0.2313.0 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95120000-0120-0413-0000-0000000FF1CE}) (Version: 12.0.6414.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft1.7.4 (HKLM-x32\...\Minecraft1.7.4) (Version:  - )
Movavi Video Editor 10 (HKLM-x32\...\Movavi Video Editor 10) (Version: 10.3.0 - Movavi)
Mozilla Firefox 47.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 nl)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.1.6018 - Mozilla)
Netwerkhandleiding EPSON SX440 Series (HKLM-x32\...\EPSON SX440 Series Netg) (Version:  - )
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
SABnzbd 0.7.16 (HKLM-x32\...\SABnzbd) (Version: 0.7.16 - The SABnzbd Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Smileyville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110413757}) (Version:  - Oberon Media)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TomTom HOME (HKLM-x32\...\{5DCB2EB3-87AD-426E-8D74-8B92C9D731C4}) (Version: 2.9.8 - Uw bedrijfsnaam)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TVersity Codec Pack 1.7 (HKLM-x32\...\TVersity Codec Pack) (Version: 1.7 - TVersity Inc.)
USB 2.0 1.3M UVC WebCam (HKLM\...\USB 2.0 1.3M UVC WebCam) (Version:  - )
USB Audio/Vide Driver (HKLM-x32\...\InstallShield_{03CD367D-3959-4529-81B6-B7C80F146781}) (Version: 1.00.0000 - )
USB Audio/Vide Driver (x32 Version: 1.00.0000 - ) Hidden
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VMware Horizon Client (HKLM\...\{783A7221-AF59-4F7D-8D88-FBE4266BC8F6}) (Version: 3.5.0.29526 - VMware, Inc.)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter 10.5_is1) (Version:  - ZJ Computing,Inc.)
Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live aanmeldhulp (HKLM-x32\...\{7E1FBCB0-500C-4A0D-AC9C-B1B76E75666B}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{A5F3E8C0-E949-40D0-B529-D34A4BCDA43C}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.29.0 - ASUS)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip 20.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C24105}) (Version: 20.5.12118 - WinZip Computing, S.L. )
Wireless Console 3 (HKLM-x32\...\{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}) (Version: 3.0.11 - ASUS)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.1) (Version: 1.3.1 - Xvid Team)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001_Classes\CLSID\{CB2B673F-D441-4CD4-AFBE-DC4037CA4220}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {3BF87D6F-3241-4CCB-A284-20706C34C1DA} - System32\Tasks\WinZipBackGroundToolsTask => C:\Program Files\WinZip\WzBGTools.exe [2016-05-01] (WinZip Computing, S.L.)
Task: {4928B02E-BF35-4DBF-A521-74E0EB8443BF} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {4D03DA6C-90B6-4BC3-9610-17B2F0714065} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {55271D53-419F-468D-ACB2-7D4A76F1A975} - System32\Tasks\{A43D4B78-0311-4C53-983B-3317133FAC60} => C:\Program Files (x86)\LG Software Innovations\1Click DVD Copy Pro\1ClickDvdCopyPro.exe
Task: {5FB2FC62-791A-46E9-95B1-1F36EB423DDE} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-06-19] ()
Task: {637072CC-07CF-4B3A-8CB4-4E0048E95B63} - System32\Tasks\P4GIntlCtrl => C:\Program Files\P4G\IntlCtrl.exe [2009-08-12] (TODO: <Company name>)
Task: {6A21E193-7A92-4E68-979C-676F0F4365D0} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {7CC95640-FBCF-47B6-B317-0FB0710FDD3D} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2009-07-23] (ATK)
Task: {AFCE63F4-53EC-4858-928F-734010A3F4C3} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2009-09-08] (ATK)
Task: {B4B1F1F8-243C-4900-893F-5B72948B53D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {B8C3EC42-7818-4D91-A1B7-AACA6C0302AE} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2009-05-19] (ASUS)
Task: {C496B371-F6F2-4025-B3E3-5E183E8A200E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2016-02-12] (Piriform Ltd)
Task: {CC2C9781-5EB7-4EB5-9494-C84ED6F3C4CC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {CEE2FC1F-A3E3-4EA7-B8F0-9A1F1D909BAA} - System32\Tasks\WC3 => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2009-09-05] ()
Task: {DB339C1A-15AF-41D6-B38B-26B0915B5EC3} - System32\Tasks\ASUSControlDeck => C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe [2009-09-24] ()
Task: {F9175C10-4AB6-43E2-AC34-3492F0EAF781} - System32\Tasks\{6F034AA8-8BDD-4443-BDC7-9F8C6D7A8AB4} => pcalua.exe -a C:\Users\Have0\Downloads\Setup.exe -d C:\Users\Have0\Downloads
Task: {FBA7058E-908E-455F-9ACD-1DE4C4606DB1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {FEDC8796-AADC-452C-BE07-7E81320D10BF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

Shortcut: C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mijn websites bij MSN\target.lnk -> hxxp://www.msnusers.com

==================== Geladen Modules (gefilterd) ==============

2016-07-26 14:32 - 2016-07-27 16:42 - 00976456 ____C () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2009-12-19 04:43 - 2007-08-08 10:08 - 00094208 _____ () C:\Program Files\ATKGFNEX\GFNEXSrv.exe
2009-12-19 04:45 - 2007-11-30 21:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2008-10-01 09:02 - 2008-10-01 09:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2008-08-14 06:59 - 2008-08-14 06:59 - 00301624 _____ () C:\Program Files (x86)\ASUS\ATK Hotkey\Atouch64.exe
2009-09-11 02:42 - 2009-09-11 02:42 - 00041984 _____ () C:\Program Files\P4G\DevMng.dll
2009-09-11 22:27 - 2009-09-11 22:27 - 00029184 _____ () C:\Program Files\P4G\OvrClk.dll
2009-12-19 04:43 - 2007-03-10 04:58 - 00124416 _____ () C:\Program Files\ATKGFNEX\AGFNEX64.dll
2009-09-05 01:24 - 2009-09-05 01:24 - 01600128 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
2009-09-24 23:50 - 2009-09-24 23:50 - 00053888 _____ () C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
2015-06-16 11:10 - 2015-06-16 11:10 - 00226240 ____C () C:\Program Files\Common Files\VMware\DeviceRedirectionCommon\ftnlsv.exe
2015-07-31 15:42 - 2015-07-31 15:42 - 06363792 ____C () C:\Program Files (x86)\VMware\ScannerRedirection\ftscanmgr.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 ____C () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2009-08-25 09:47 - 2009-08-25 09:47 - 00140560 _____ () C:\Program Files (x86)\ASUS\Asus WebStorage\EcaremeDLL.dll
2009-12-19 04:17 - 2009-12-19 04:17 - 00029968 _____ () C:\Windows\assembly\GAC_MSIL\SqliteShared\1.0.3524.15966__0d0f4b69e50e559b\SqliteShared.dll
2009-12-19 04:17 - 2009-12-19 04:17 - 00931840 _____ () C:\Windows\assembly\GAC_64\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
2016-07-26 14:32 - 2016-07-27 16:42 - 02162760 ____C () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2009-12-19 04:29 - 2009-12-19 04:29 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-06-16 11:04 - 2015-06-16 11:04 - 00239552 ____C () C:\Program Files (x86)\Common Files\VMware\DeviceRedirectionCommon\ftnlapi.dll
2016-05-14 14:48 - 2016-05-14 14:46 - 40500224 ____C () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 ____C () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 ____C () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-11-11 03:42 - 2015-11-11 03:42 - 01045672 ____C () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)

IE trusted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\amazon.com -> hxxps://amazon.com
IE trusted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\localhost -> localhost
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\...\100sexlinks.com -> 100sexlinks.com

Er zijn 4788 Meer websites.


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2012-07-28 19:30 - 00000027 ___AC C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-2578091034-2730396283-2997144666-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 89.101.251.229 - 89.101.251.228
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Momenteel is er geen automatische fix voor dit onderdeel.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NewShortcut1.lnk => C:\Windows\pss\NewShortcut1.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Update-melder.lnk => C:\Windows\pss\Update-melder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WinZip Preloader.lnk => C:\Windows\pss\WinZip Preloader.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Have0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^In Voor En Tegenspoed - Seizoen 1 _ Aflevering 1.mov.lnk => C:\Windows\pss\In Voor En Tegenspoed - Seizoen 1 _ Aflevering 1.mov.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: EeeStorageBackup => C:\Program Files (x86)\ASUS\Asus WebStorage\BackupService.exe
MSCONFIG\startupreg: EEventManager => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: uTorrent => "C:\Users\Have0\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [{95D3EED8-4DC9-4A2E-9D0A-DDFFC0084AD5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{EB0DF1F4-6803-4B8D-8F69-3F584C548809}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{0FDB93C9-DBC2-4694-B822-A3B4D20418B9}] => (Allow) svchost.exe
FirewallRules: [{5D5D7C8A-77DB-46D0-B242-0DC2E5F4DAF6}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{CAB61662-1C97-4DA8-9125-D2F907F0CF0C}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{8C253058-D4CE-4A67-BA19-84F24AA52E8D}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{B2EEAFF8-FBDE-4C80-A4D4-338FD9646D51}] => (Allow) C:\Users\Have0\Downloads\AudioConverter_Setup.exe
FirewallRules: [{4CB999F9-80AE-499C-A5A1-E781B9FAE433}] => (Allow) C:\Users\Have0\Downloads\AudioConverter_Setup.exe
FirewallRules: [TCP Query User{CD581EB8-53F3-4935-A6D0-2E7812A51893}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{06023446-5686-40F8-828E-6E8A3F50F91A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{320B1F01-A4DC-457B-87F1-898A70D7D81B}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{AB2EF3B4-8C4B-432F-A81C-68162CCCD655}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{49ADCAE4-CE4F-4A58-A864-7AC547B54D91}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{909F0EE1-2AC6-4B9F-86C8-3E8DC69345A2}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{EBCACC12-2791-41EE-A9FC-B4A3D9EE6B36}] => (Allow) E:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [TCP Query User{80FC0B9F-6444-4F5E-8690-2A514566314E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{2289EAA5-DEDC-4AAD-87C9-323E7A37D335}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1452AFC6-3680-4E76-AB89-8A7955B99276}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{D2D4A55A-A79B-4C9E-999E-6183FFDFAB03}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{551BEABD-E88F-4CA2-9465-30FD33E89D38}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{2166D924-B493-4379-B6F2-EA3C2A57C91B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{B6681F01-BE31-466E-AF57-CF9EEC0853E3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DE741EF4-02F8-48AC-A2BA-08ABDED61057}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{903BD016-6DDD-45FF-9F7B-1A39CC76C07D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{0074333C-0E00-4D2E-B39D-F257D0C3B2AC}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{3CA60519-1587-41F1-88CD-35691EFE6CE3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{C725B6D0-AC6B-4AF2-A4E8-9FF451447B16}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{8D536DA5-1234-4B16-91DB-8A64B76913B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B717A87A-64E6-4DFE-BA52-1285BCF1B504}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{90F2134E-1D74-4C4F-9784-29D93541B99A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{334DB732-9388-4F3D-8AE1-88EB86FC236E}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{1FB866DB-F5AF-4CE6-AE7E-1C38404BDAFE}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-remotemks.exe
FirewallRules: [{96336EBA-62D1-43E7-959B-A95E7B842E0A}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{659700F9-63AE-4E22-B342-9446F4D479C1}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{CFA73E55-1BE6-4F67-9F43-961F6AE24B9E}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{66E7EEBD-56D2-472D-900B-7F0BD5A04B47}] => (Allow) C:\Program Files (x86)\VMware\VMware Horizon View Client\vmware-view.exe
FirewallRules: [{11A0109E-7776-4943-A7F3-DB15B0E42FB4}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{75AF02A1-99DB-4825-BD44-AC55132643DF}] => (Allow) F:\Network\EpsonNetSetup\ENEasyApp.exe
FirewallRules: [{96EC06D6-D4B9-40D9-9624-A17AC6123E27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5882AD78-7C88-485D-8A51-595D8F330B69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0E0201C4-3CD2-43D4-9B50-F780CDF70292}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{EAB6603C-910B-4506-A1C4-BEE4EEC52E76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{3A97F26C-3009-444B-B2E7-FC37CF282553}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{7DCB9F12-8AF2-4621-B755-9E85D70DC372}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [TCP Query User{E73B1009-4F98-48E0-B843-34E40E826806}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe
FirewallRules: [UDP Query User{237D45EE-BD43-469E-95E5-8881A490AE6D}C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe] => (Allow) C:\program files (x86)\vmware\vmware horizon view client\vmware-remotemks.exe
FirewallRules: [{29D4DBFC-0323-452F-A3B1-02480C01DABD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D0D0BCC2-5EC8-4A30-AE27-340A026A0F39}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DF29DF52-68BC-4FA9-AAB8-0CE55AC6951A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{394A9DC7-CB50-4BCE-BEB1-CF9949A1AA8A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{FB759A83-2B0F-4046-A43E-89EA4830FCE8}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{DB7268EF-A24D-4CA0-844A-C5E5B5B3F138}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe

==================== Herstelpunten =========================

31-07-2016 20:35:14 Windows Back-up
02-08-2016 15:15:32 WinZip 20.5 is verwijderd

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (07/03/2016 09:44:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0xdc8
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (07/03/2016 09:44:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (07/01/2016 04:38:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x1780
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (07/01/2016 04:38:15 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (06/30/2016 03:51:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x10d4
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (06/30/2016 03:50:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (06/29/2016 08:33:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x19c0
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (06/29/2016 08:32:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()

Error: (06/28/2016 07:51:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: WzBGTools.exe, versie: 20.5.12119.0, tijdstempel: 0x57220624
Naam van module met fout: KERNELBASE.dll, versie: 6.1.7601.23418, tijdstempel: 0x5708a89c
Uitzonderingscode: 0xe0434352
Foutoffset: 0x000000000001a06d
Id van proces met fout: 0x1b74
Starttijd van toepassing met fout: 0xWzBGTools.exe0
Pad naar toepassing met fout: WzBGTools.exe1
Pad naar module met fout: WzBGTools.exe2
Rapport-id: WzBGTools.exe3

Error: (06/28/2016 07:51:18 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Toepassing: WzBGTools.exe
Framework-versie: v4.0.30319
Beschrijving: het proces is beëindigd als gevolg van een onverwerkte uitzondering.
Uitzonderingsinformatie: System.UnauthorizedAccessException
Stack:
   bij System.IO.__Error.WinIOError(Int32, System.String)
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].CommonInit()
   bij System.IO.FileSystemEnumerableIterator`1[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]]..ctor(System.String, System.String, System.String, System.IO.SearchOption, System.IO.SearchResultHandler`1<System.__Canon>, Boolean)
   bij System.IO.DirectoryInfo.InternalGetFileSystemInfos(System.String, System.IO.SearchOption)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ew.ah(WzBGTool.BGTListRule)
   bij ev.ah(WzBGTool.BGTListRule)
   bij WzBGTool.WzBGToolTemporary.s()
   bij WzBGTool.WzBGToolCommon.a(WzBGTool.INotificationCallback)
   bij WzBGTool.WzBGToolCommon.ac(WzBGTool.INotificationCallback)
   bij e0.c()
   bij e1.b()
   bij System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bij System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   bij System.Threading.ThreadHelper.ThreadStart()


Systeemfouten:
=============
Error: (08/02/2016 07:52:44 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 06:24:28 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 05:20:51 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 04:38:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (08/02/2016 04:38:49 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (08/02/2016 04:38:46 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (08/02/2016 04:38:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: vmwsprrdpwks.

Error: (08/02/2016 03:55:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Installer-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 120000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/02/2016 03:10:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
aswSnx

Error: (08/02/2016 03:08:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De avast! Antivirus-service is afhankelijk van de aswMonFlt-service, die vanwege de volgende fout niet kan worden gestart:
%%2 = Het systeem kan het opgegeven bestand niet vinden.

 

CodeIntegrity:
===================================
  Date: 2015-09-09 16:14:26.255
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:25.693
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:25.147
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:24.601
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:24.055
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:23.556
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:23.041
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-09 16:14:22.542
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-08 20:00:27.124
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

  Date: 2015-09-08 20:00:26.656
  Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.


==================== Geheugen info ===========================

Processor: AMD Athlon(tm) II Dual-Core M300
Percentage geheugen in gebruik: 46%
Totaal fysiek RAM-geheugen: 4095.21 MB
Beschikbaar fysiek RAM-geheugen: 2205.61 MB
Totaal Virtueel geheugen: 13106.03 MB
Beschikbaar Virtual geheugen: 10665.14 MB

==================== Schijven ================================

Drive c: (OS) (Fixed) (Total:74.52 GB) (Free:2.1 GB) NTFS ==>[schijf met boot componenten (verkregen van BCD)]
Drive d: (DATA) (Fixed) (Total:208.92 GB) (Free:186.41 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 76692CA8)
Partition 1: (Not Active) - (Size=14.6 GB) - (Type=1C)
Partition 2: (Active) - (Size=74.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=208.9 GB) - (Type=OF Extended)

==================== Eind van Addition.txt ============================

Link naar reactie
Delen op andere sites

Goede avond,

 

U heeft de tool niet op het bureaublad gestart, ( Downloads )  Verplaats het eerst even naar het bureaublad aub.

 

U gebruikt AVG antivirus maar ik zie ook Avast (in error) in het logje.

 

1. Ga naar start>configuratiescherm>software of programma's en onderdelen en verwijder daar Avast.
2. Volg hierna de onderstaande instructies.


Download aswClear5.exe naar het bureaublad.

  • Start de computer op in de veilige modus (klik)
  • Dubbelklik op "aswClear5.exe" om de uninstall tool te starten.
  • staat Avast niet in de standaard directory geïnstalleerd navigeer dan naar de juiste installatie directory.
    • Let op!!! de complete inhoud van deze directory zal verwijderd worden.
     
  • Klik nu op "Remove" en herstart de computer.

Link naar reactie
Delen op andere sites

Beste Juisterr, bedoelt u dat ik beiden loges op mijn bureaublad moet zetten ? Zijn dit wel de goede logfiles zo ? Of bedoelt u Farbar Recovery Scan Tool uitvoeren, dat ik dit programmaatje op mijn bureaublad moet plaatsen ? Sorry ik ben echt een leek met p.c.

En moet ik ervoor zorgen dat Avast verplaatst wordt naar software of programma's en onderdelen zetten en daarna verwijderen ?
Ik heb windows 7. Bedankt voor uw tijd !

aangepast door Have0
Link naar reactie
Delen op andere sites


  • 2 weken later...

Goede middag,

 

Sorry voor het late antwoord.

 

Schakel eerst de Antivirussoftware uit voordat je zoek.exe download of uitvoert.
Schakel je antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk de werking van Zoek.exe nadelig beïnvloeden. 
(hier en hier) kan je lezen hoe je dat doet.

en download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad.
klik hier voor meer informatie over hoe zoek.exe te gebruiken)

  • Wanneer Internet Explorer of een andere browser of virusscanner  melding geeft dat dit bestand onveilig zou zijn kan je dat negeren, het is namelijk een onterechte waarschuwing.


  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze Computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.
    emptyfolderscheck;delete
    torpigcheck; 
    firefoxlook; 
    Chromelook;
    services-list;  
    autoclean; 
    iedefaults; 
    
    

  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht  als bijlage.


  

Link naar reactie
Delen op andere sites

Spoiler

Beste Juisterr,

het lijkt of de run blijft hangen ? Zie hieronder ? Doe ik iets fout of kan ik het beter opnieuw doen ?


Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Have0 on ma 22-08-2016 at 13:32:45,88.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Have0\Desktop\zoek.exe [Scan all users] [Script inserted] 

===== Runcheck 13:51:46,37 =====

--- Create Environment Variables 13:51:53,11 
--- Create System Restore Point 13:52:18,83 
--- Checking Input 13:53:21,37 
--- Torpig Check 13:55:14,64 
--- AU AppData Check 13:55:36,47 
--- Remove From Windows Installer 13:55:51,52 
--- Registry HKLM Software Check 14:05:24,57 
--- Quick Launch Shortcut Check 14:07:46,38 
--- IE Startpage Check 14:08:49,34 
--- Program Files DB Check 14:13:54,96 
--- C:\Users\Default\AppData\Roaming DB Check 14:18:12,36 
--- C:\Users\Default User\AppData\Roaming DB Check 14:18:12,36 
--- C:\Users\Have0\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\SysNative\config\systemprofile\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\serviceprofiles\networkservice\AppData\Roaming DB Check 14:18:12,36 
--- C:\Windows\serviceprofiles\Localservice\AppData\Roaming DB Check 14:18:12,36 
--- C:\Users\Have0 DB Check 14:27:15,88 
--- C:\PROGRA~3 DB Check 14:28:38,44 
--- C:\Users\Default\AppData\Local DB Check 14:29:41,34 
--- C:\Users\Default User\AppData\Local DB Check 14:29:41,34 
--- C:\Users\Have0\AppData\Local DB Check 14:29:41,34 
--- C:\Users\Public\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\SysNative\config\systemprofile\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\sysWoW64\config\systemprofile\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\serviceprofiles\networkservice\AppData\Local DB Check 14:29:41,34 
--- C:\Windows\serviceprofiles\Localservice\AppData\Local DB Check 14:29:41,34 
--- C:\ProgramData\Microsoft\Windows\Start Menu\Programs DB Check 14:36:40,04 
--- C:\Users\Have0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs DB Check 14:37:19,06 
--- Tasks DB Check 14:37:44,69 
--- Downloads DB Check 14:38:01,99 
--- C:\Users\Have0\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\SysNative\config\systemprofile\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\serviceprofiles\networkservice\AppData\LocalLow DB Check 14:38:24,40 
--- C:\Windows\serviceprofiles\Localservice\AppData\LocalLow DB Check 14:38:24,40 
--- Tasks2 DB Check 14:41:22,01 
--- Documents DB Check 14:43:30,49 
--- C:\Users\Have0\AppData\Roaming\Mozilla\Firefox\Profiles\93wcg9ro.default-1470143960058 DB Check 14:44:00,88 
--- C:\Users\Have0\AppData\Roaming\TomTom\HOME\Profiles\7gfw6mr0.default DB Check 14:44:00,88 
--- C:\Users\Public\Desktop DB Check 14:44:20,65 
--- C:\Users\Have0\Desktop DB Check 14:44:46,09 
--- Services DB Check 14:45:27,10 
--- FF prefs.js DB Check 14:48:51,68 
--- Del by CLSID 14:54:56,93 
--- Delete Services 14:57:43,03 
--- Delete files\folders 14:57:53,83 
--- Create Backups 14:57:54,38 
--- Folders in C:\PROGRA~3 0-6 Months 14:58:22,13 
--- Firefox Extensions 14:58:26,01 

 

 

Link naar reactie
Delen op andere sites

 Delen

×
×
  • Nieuwe aanmaken...