Dear
Computer is working very bad lately, it has a long time advertisement when the browser is used, any browser (IE, google chrome, Firefox).
then it blocks sometimes, and very slow.
exampe of advertisement:
http://www.30daychanges.co/
https://www.nordicbet.dk
http://canuck-method.co/b/special-offe
before these websites shows, alwsays first this comes:
http://fal.apostroph...ges.com/0bqPDkv
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:05-03-2016 01
Gestart door Egon (Beheerder) op EGON-PC (30-03-2016 18:35:26)
Gestart vanaf C:\Users\Egon\Desktop
Geladen Profielen: Egon (Beschikbare Profielen: Egon)
Platform: Windows 8.1 Pro (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: FF)
Boot Modus: Normal
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
() C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_svc.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola_updater.exe
() C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVC.EXE
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Microsoft Online Services\MSOIDSVCM.EXE
(NewTech InfoSystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(PhraseProfessor) C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Service\ppsvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(华为技术有限公司) C:\Program Files (x86)\HiSuite\LiveUpdateTip.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Hola Networks Ltd.) C:\Program Files\Hola\app\hola.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(BlazeVideo Company) C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\MediaDetector.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(VoipConnect) C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe
(Isabel SA/NV) C:\Program Files (x86)\Common Files\Isabel\isacertupdate.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [hola] => C:\Program Files\Hola\app\hola.exe [2036864 2016-03-23] (Hola Networks Ltd.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12118840 2015-03-28] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [OfficeSubscriptionAgent] => C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osaui.exe [932160 2011-11-16] (Microsoft Corporation)
HKLM-x32\...\Run: [IsaCertUpdate] => C:\Program Files (x86)\Common Files\Isabel\isacertupdate.exe [1422344 2014-05-14] (Isabel SA/NV)
HKLM-x32\...\Run: [gmsd_be_004010022] => [X]
HKLM-x32\...\Run: [gmsd_be_005010023] => [X]
HKLM-x32\...\Run: [gmsd_be_005010031] => [X]
HKLM-x32\...\Run: [BkupTray] => C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [33024 2010-03-02] ()
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-07-28] (Panda Security, S.L.)
HKLM\...\Winlogon: [Userinit] C:\WINDOWS\SysWOW64\userinit.exe,
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Run: [BlazeServoTool] => C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\MediaDetector.exe [282624 2007-11-30] (BlazeVideo Company)
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [23260000 2016-02-24] (Google)
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Run: [VoipConnect] => C:\Program Files (x86)\VoipConnect.com\VoipConnect\voipconnect.exe [36547168 2016-02-22] (VoipConnect)
SecurityProviders: credssp.dll, schannel.dll
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2016-02-24] (Google)
GroupPolicy: Restrictie - Chrome <======= AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <======= AANDACHT
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 195.130.131.3 195.130.130.3
Tcpip\..\Interfaces\{9981AD65-30BF-480B-9A42-69288D9325F4}: [DhcpNameServer] 195.130.131.3 195.130.130.3
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-2492519384-784487665-790397795-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617912&ResetID=131020033644647599&GUID=7CB9D41B-404E-481E-A309-4BCFC79DBE21
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2492519384-784487665-790397795-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-09-22] (Eyeo GmbH)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-09-22] (Eyeo GmbH)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll Geen bestand
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1442477744&z=930bd4e5e7b93df2bb61eb8gfzfzco6zbmbm3w8bde&from=face&uid=WDCXWD3200AAJS-60M0A0_WD-WCAV2749348693486
FireFox:
========
FF ProfilePath: C:\Users\Egon\AppData\Roaming\Mozilla\Firefox\Profiles\hmgeooc5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-10] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-10] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @hola.org/FlashPlayer -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-23] ()
FF Plugin HKU\.DEFAULT: @hola.org/vlc -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-23] (Hola)
FF Plugin HKU\S-1-5-21-2492519384-784487665-790397795-1000: @hola.org/FlashPlayer -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\flash\NPSWF32_18_0_0_232.dll [2016-03-23] ()
FF Plugin HKU\S-1-5-21-2492519384-784487665-790397795-1000: @hola.org/vlc -> C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\vlc\npvlc.dll [2016-03-23] (Hola)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-28] ()
FF Extension: Belgium eID - C:\Program Files (x86)\Mozilla Firefox\extensions\
[email protected] [2014-12-10] [ niet getekend]
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-30] [ niet getekend]
Chrome:
=======
CHR Profile: C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-15]
CHR Extension: (Google Documenten) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-15]
CHR Extension: (Google Drive) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-15]
CHR Extension: (YouTube) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-15]
CHR Extension: (Google Spreadsheets) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-15]
CHR Extension: (Offline Documenten) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-16]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-03-15]
CHR Extension: (Google Snel scrollen) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\okanipcmceoeemlbjnmnbdibhgpbllgc [2016-03-15]
CHR Extension: (Gmail) - C:\Users\Egon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-15]
CHR HKU\S-1-5-21-2492519384-784487665-790397795-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [24832 2010-03-02] (NewTech Infosystems, Inc.)
R2 HiSuiteOuc64.exe; C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe [138544 2015-05-20] ()
R2 hola_svc; C:\Program Files\Hola\app\hola_svc.exe [8127616 2016-03-23] (Hola Networks Ltd.)
R2 hola_updater; C:\Program Files\Hola\app\hola_updater.exe [8126592 2015-11-28] (Hola Networks Ltd.)
R2 HuaweiHiSuiteService64.exe; C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe [192304 2015-05-20] ()
R2 msoidsvc; C:\Program Files\Common Files\Microsoft Shared\Microsoft Online Services\MSOIDSVC.EXE [2079520 2012-05-17] (Microsoft Corp.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-07-29] (Panda Security, S.L.)
R2 osubsvc; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\osa.exe [493384 2011-11-16] (Microsoft Corporation)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-07-23] (Panda Security, S.L.)
R2 ppsvc_1.10.0.24; C:\Program Files (x86)\PhraseProfessor_1.10.0.24\Service\ppsvc.exe [301664 2015-09-02] (PhraseProfessor)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-07-28] (Panda Security, S.L.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6942480 2016-03-02] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 423248f1; "C:\WINDOWS\system32\rundll32.exe" "c:\Program Files (x86)\IncludeRunner\IncludeRunner.dll",serv
S2 lexyfofi; C:\Program Files (x86)\CFE722AC-1436196531-11DE-9DB5-6D9E93EEBEE4\knsb2162.tmp [X]
===================== Drivers (gefilterd) ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 FAMv4; C:\Windows\System32\DRIVERS\FAMv4.sys [155160 2009-10-27] (VisionWorks Solutions, Inc)
S3 HWHandSet; C:\Windows\system32\DRIVERS\hw_quusbmdm.sys [223232 2015-05-07] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2015-05-07] (Huawei Technologies Co., Ltd.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201976 2015-07-09] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-07-09] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-07-09] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [78072 2015-07-09] ()
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-07-09] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-07-09] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [170232 2015-07-09] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-07-09] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [257784 2015-07-09] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-07-09] (Panda Security, S.L.)
R1 ppfd_vw_1_10_0_24; C:\Windows\System32\drivers\ppfd_vw_1_10_0_24.sys [57744 2015-09-02] (PhraseProfessor)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [164088 2015-07-19] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [121592 2015-07-19] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [197880 2015-07-19] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [124152 2015-07-19] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [134392 2015-07-19] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [107768 2015-07-19] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 usbser; C:\Windows\system32\DRIVERS\USBSER.sys [33280 2015-05-07] (Microsoft Corporation) [Bestand niet getekend]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
U3 idsvc; geen ImagePath
S1 innfd_1_10_0_14; system32\drivers\innfd_1_10_0_14.sys [X]
S1 wsafd_1_10_0_19; system32\drivers\wsafd_1_10_0_19.sys [X]
S1 wsfd_vw_1_10_0_20; system32\drivers\wsfd_vw_1_10_0_20.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2016-03-30 18:35 - 2016-03-30 18:36 - 00022070 _____ C:\Users\Egon\Desktop\FRST.txt
2016-03-30 18:21 - 2016-03-30 18:35 - 00000000 ____D C:\FRST
2016-03-30 18:21 - 2016-03-30 18:21 - 02374144 _____ (Farbar) C:\Users\Egon\Desktop\FRST64.exe
2016-03-30 18:02 - 2016-03-30 18:02 - 00001430 _____ C:\Users\Egon\Desktop\Internet Explorer.lnk
2016-03-30 17:53 - 2016-03-30 17:53 - 00000000 ____D C:\Users\Egon\AppData\Local\TeamViewer
2016-03-30 17:51 - 2016-03-30 17:54 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-03-30 17:51 - 2016-03-30 17:51 - 00001055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-03-30 17:51 - 2016-03-30 17:51 - 00001043 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-03-30 17:49 - 2016-03-30 17:49 - 09785648 _____ (TeamViewer GmbH) C:\Users\Egon\Desktop\TeamViewer_Setup_nl-jeo.exe
2016-03-30 17:48 - 2016-03-30 17:48 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (5).exe
2016-03-30 15:49 - 2016-03-30 15:49 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (4).exe
2016-03-30 15:49 - 2016-03-30 15:49 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (3).exe
2016-03-30 15:49 - 2016-03-30 15:49 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (2).exe
2016-03-30 15:48 - 2016-03-30 15:48 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS.exe
2016-03-30 15:48 - 2016-03-30 15:48 - 08374200 _____ (TeamViewer) C:\Users\Egon\Downloads\TeamViewerQS (1).exe
2016-03-17 14:54 - 2016-03-17 14:54 - 00047554 _____ C:\Users\Egon\Downloads\timenkelly.pdf
2016-03-16 15:18 - 2016-03-16 15:18 - 167583000 _____ (Apple Inc.) C:\Users\Egon\Downloads\iTunes6464Setup.exe
2016-03-16 15:17 - 2016-03-16 15:17 - 00001700 _____ C:\Users\Public\Desktop\Hervat Reimage Repair Installatie.lnk
2016-03-16 15:17 - 2016-03-16 15:17 - 00000099 _____ C:\WINDOWS\Reimage.ini
2016-03-15 16:03 - 2016-03-15 16:03 - 00002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-15 16:03 - 2016-03-15 16:03 - 00002295 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-09 14:57 - 2016-02-20 17:45 - 01373184 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 01168896 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-03-09 14:57 - 2016-02-20 17:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-03-09 14:57 - 2016-02-08 23:05 - 20352512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-03-09 14:57 - 2016-02-08 22:39 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-03-09 14:57 - 2016-02-08 22:34 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-03-09 14:57 - 2016-02-08 22:29 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-03-09 14:57 - 2016-02-08 22:28 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-03-09 14:57 - 2016-02-08 22:10 - 04611072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-03-09 14:57 - 2016-02-08 22:07 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-03-09 14:57 - 2016-02-08 22:05 - 25816576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-03-09 14:57 - 2016-02-08 22:03 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-03-09 14:57 - 2016-02-08 22:02 - 13012480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-03-09 14:57 - 2016-02-08 22:02 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-03-09 14:57 - 2016-02-08 22:01 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-03-09 14:57 - 2016-02-08 21:43 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-03-09 14:57 - 2016-02-08 21:39 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-03-09 14:57 - 2016-02-08 21:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-03-09 14:57 - 2016-02-08 20:27 - 02887680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-03-09 14:57 - 2016-02-08 20:26 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-03-09 14:57 - 2016-02-08 20:16 - 06052352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-03-09 14:57 - 2016-02-08 20:14 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-03-09 14:57 - 2016-02-08 20:13 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-03-09 14:57 - 2016-02-08 19:51 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-03-09 14:57 - 2016-02-08 19:42 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-03-09 14:57 - 2016-02-08 19:37 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-03-09 14:57 - 2016-02-08 19:34 - 00798720 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-03-09 14:57 - 2016-02-08 19:33 - 14613504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-03-09 14:57 - 2016-02-08 19:33 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-03-09 14:57 - 2016-02-08 19:19 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-03-09 14:57 - 2016-02-08 19:15 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-03-09 14:57 - 2016-02-08 19:07 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-03-09 14:57 - 2016-02-08 18:55 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-03-09 14:57 - 2016-02-05 21:06 - 00046768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-03-09 14:57 - 2016-02-05 16:59 - 07784960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-03-09 14:57 - 2016-02-05 16:55 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-03-09 14:57 - 2016-02-05 16:48 - 07075840 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-03-09 14:57 - 2016-02-05 16:47 - 05268480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-03-09 14:57 - 2016-01-09 03:38 - 00091992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2016-03-09 14:57 - 2016-01-06 20:25 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-03-09 14:57 - 2015-12-30 23:53 - 02017624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-03-09 14:55 - 2016-01-24 20:19 - 00419160 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-03-09 14:55 - 2016-01-24 20:19 - 00378712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-03-09 14:55 - 2016-01-24 20:19 - 00331608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2016-03-09 14:55 - 2016-01-24 13:57 - 01335296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-03-09 14:55 - 2016-01-24 13:45 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-03-09 14:55 - 2016-01-09 03:49 - 00218448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-03-09 14:55 - 2016-01-09 03:49 - 00192120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-03-09 14:54 - 2016-02-11 16:21 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-03-09 14:54 - 2016-02-11 16:21 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-03-09 14:54 - 2016-02-11 16:20 - 00875720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-03-09 14:54 - 2016-02-11 16:20 - 00536776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-03-09 14:54 - 2016-02-06 18:58 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-03-09 14:54 - 2016-02-06 18:32 - 00801792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-03-09 14:54 - 2016-01-07 01:46 - 00148752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-03-09 14:54 - 2016-01-07 01:45 - 00177712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-03-09 14:54 - 2016-01-06 18:47 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-03-09 14:53 - 2016-02-12 21:14 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-03-09 14:53 - 2016-02-12 17:14 - 03708416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-03-09 14:53 - 2016-02-12 16:55 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2016-03-09 14:53 - 2016-02-12 16:54 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2016-03-09 14:53 - 2016-02-12 16:54 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2016-03-09 14:53 - 2016-02-12 16:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2016-03-09 14:53 - 2016-02-12 16:51 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2016-03-09 14:53 - 2016-02-12 16:51 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2016-03-09 14:53 - 2016-02-12 16:51 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2016-03-09 14:53 - 2016-02-12 16:48 - 02244096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2016-03-09 14:53 - 2016-02-12 16:47 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-03-09 14:53 - 2016-02-12 16:46 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-03-09 14:53 - 2016-02-06 20:08 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-03-09 14:53 - 2016-02-05 21:07 - 00292696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMASF.DLL
2016-03-09 14:53 - 2016-02-05 21:07 - 00243032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMASF.DLL
2016-03-09 14:53 - 2016-02-05 17:03 - 15432704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-03-09 14:53 - 2016-02-05 17:00 - 13318144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-03-09 14:53 - 2016-02-04 20:18 - 04174336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-03-09 14:53 - 2016-02-04 20:18 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-03-09 14:53 - 2016-02-04 20:12 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-03-09 14:53 - 2016-02-04 19:44 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-03-09 14:53 - 2016-02-04 19:39 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-03-09 14:53 - 2016-02-04 19:24 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-03-09 14:53 - 2016-02-04 19:02 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-03-09 14:53 - 2016-02-03 22:37 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-03-09 14:53 - 2016-02-03 22:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-03-09 14:53 - 2016-02-03 17:09 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-03-09 14:53 - 2016-02-03 17:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-03-09 14:53 - 2016-02-03 17:00 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-03-09 14:53 - 2016-01-31 21:16 - 00148832 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-03-09 14:53 - 2016-01-15 18:56 - 02487296 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2016-03-09 14:53 - 2016-01-15 18:45 - 01482240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2016-03-09 14:53 - 2016-01-10 18:41 - 01707008 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-03-09 14:53 - 2016-01-10 18:31 - 01344512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-03-09 14:53 - 2016-01-05 17:00 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-03-09 14:53 - 2015-12-30 22:49 - 00470360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2016-03-09 14:53 - 2015-12-20 16:57 - 00839168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-03-09 14:53 - 2015-12-20 16:56 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2016-03-09 14:53 - 2015-12-20 16:43 - 00696320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-03-09 14:53 - 2015-11-19 16:33 - 00994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2016-03-09 14:53 - 2015-11-19 16:26 - 00922432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2016-03-02 13:38 - 2016-03-02 13:39 - 00000000 ____D C:\Users\Egon\Documents\btw brieven 1ste kw 2016
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2016-03-30 18:34 - 2016-01-11 12:29 - 00000000 ___RD C:\Users\Egon\Google Drive
2016-03-30 18:34 - 2016-01-11 12:27 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-30 18:34 - 2014-12-13 11:10 - 00000000 __RDO C:\Users\Egon\OneDrive
2016-03-30 18:31 - 2014-03-18 17:31 - 01823174 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-03-30 18:31 - 2014-03-18 17:00 - 00805462 _____ C:\WINDOWS\system32\perfh013.dat
2016-03-30 18:31 - 2014-03-18 17:00 - 00161964 _____ C:\WINDOWS\system32\perfc013.dat
2016-03-30 18:31 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-03-30 18:27 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-03-30 18:26 - 2014-06-12 03:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-03-30 18:25 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-03-30 18:09 - 2015-08-24 16:44 - 00000000 ____D C:\Users\Egon\Desktop\Cortofisc diversen
2016-03-30 18:08 - 2015-08-24 16:55 - 00000000 ____D C:\Users\Egon\Desktop\windows 10 NL
2016-03-30 18:04 - 2015-09-17 19:27 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1000
2016-03-30 17:56 - 2013-08-22 16:44 - 00537040 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-03-30 17:47 - 2015-08-18 17:25 - 00000940 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-03-30 17:38 - 2016-01-11 12:27 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-30 16:10 - 2015-12-21 14:29 - 00003950 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AB7330F7-2940-403A-BE7C-C30B143E0F16}
2016-03-30 15:49 - 2012-07-12 11:55 - 00000000 ____D C:\Users\Egon\AppData\Roaming\TeamViewer
2016-03-30 13:33 - 2014-12-13 00:19 - 00000000 ____D C:\Users\Egon
2016-03-24 12:47 - 2015-08-18 17:25 - 00003828 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-03-24 10:02 - 2015-04-13 12:59 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2016-03-24 10:02 - 2015-04-13 12:59 - 00000000 ___SD C:\WINDOWS\system32\GWX
2016-03-24 10:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-03-23 09:29 - 2015-09-17 19:27 - 00000000 ____D C:\Users\Egon\AppData\Roaming\Hola
2016-03-17 13:42 - 2015-09-30 16:58 - 00003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1443625059
2016-03-17 13:42 - 2014-09-02 10:43 - 00000000 ____D C:\Program Files (x86)\Opera
2016-03-17 13:41 - 2015-09-30 16:57 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-03-15 16:03 - 2012-07-26 16:31 - 00000000 ____D C:\Program Files (x86)\Google
2016-03-14 09:38 - 2016-01-11 12:28 - 00002058 _____ C:\Users\Public\Desktop\Google Slides.lnk
2016-03-14 09:38 - 2016-01-11 12:28 - 00002056 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2016-03-14 09:38 - 2016-01-11 12:28 - 00002046 _____ C:\Users\Public\Desktop\Google Docs.lnk
2016-03-14 09:38 - 2016-01-11 12:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2016-03-11 09:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-03-10 10:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-03-09 18:32 - 2014-12-17 21:37 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-03-09 15:16 - 2013-08-15 03:05 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-03-09 15:16 - 2012-07-03 13:44 - 143659408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-03-09 14:46 - 2015-12-10 04:56 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-03-09 14:46 - 2015-12-10 04:56 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-03-09 14:46 - 2015-12-10 04:56 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-03-08 09:00 - 2015-01-05 16:10 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-03-08 09:00 - 2015-01-05 16:10 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Bestanden in de root van sommige mappen =======
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\4gd6NIgFbFWQFc1O5yI9vvqp.exe
2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan
2015-08-25 10:51 - 2015-08-25 10:51 - 1579520 _____ () C:\Users\Egon\AppData\Roaming\VvaFj8aAhOEJ1ykPi5shan.exe
2015-09-17 09:05 - 2015-09-17 09:05 - 3531374 _____ () C:\Users\Egon\AppData\Local\curl.zip
2015-09-07 14:00 - 2015-09-07 14:00 - 0000398 _____ () C:\Users\Egon\AppData\Local\Kx42m.vbs
2015-09-17 10:19 - 2015-09-17 10:19 - 0000398 _____ () C:\Users\Egon\AppData\Local\McCLmJP.vbs
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsaF76A.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsb7C34.tmp
2015-09-07 14:01 - 2015-09-07 14:01 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsh31AB.tmp
2015-08-25 10:50 - 2015-08-25 10:50 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nskAACA.tmp
2015-09-17 10:19 - 2015-09-17 10:19 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nslE424.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsmE030.tmp
2015-09-17 09:34 - 2015-09-17 09:34 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst45ED.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0628688 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nst6D28.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nsxD78D.tmp
2015-08-25 10:51 - 2015-08-25 10:51 - 0613255 _____ (CMI Limited) C:\Users\Egon\AppData\Local\nszD16F.tmp
2015-10-24 12:52 - 2015-10-24 12:52 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
Sommige bestanden in TEMP:
====================
C:\Users\Egon\AppData\Local\Temp\1021.exe
C:\Users\Egon\AppData\Local\Temp\4245.exe
C:\Users\Egon\AppData\Local\Temp\5074.exe
C:\Users\Egon\AppData\Local\Temp\6008.exe
C:\Users\Egon\AppData\Local\Temp\8363.exe
C:\Users\Egon\AppData\Local\Temp\894.exe
C:\Users\Egon\AppData\Local\Temp\fsd2AAD.exe
C:\Users\Egon\AppData\Local\Temp\fsd6F61.exe
C:\Users\Egon\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.8.369.exe
C:\Users\Egon\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.105.exe
C:\Users\Egon\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.9.510.exe
C:\Users\Egon\AppData\Local\Temp\optprosetup.exe
C:\Users\Egon\AppData\Local\Temp\Quarantine.exe
C:\Users\Egon\AppData\Local\Temp\sqlite3.dll
C:\Users\Egon\AppData\Local\Temp\sqlite3.exe
C:\Users\Egon\AppData\Local\Temp\supoptsetup.exe
C:\Users\Egon\AppData\Local\Temp\Uninstall.exe
C:\Users\Egon\AppData\Local\Temp\UninstallModule.exe
C:\Users\Egon\AppData\Local\Temp\{1998A2D8-FD81-4673-B30F-C2AF8C283998}.exe
==================== Bamital & volsnap =================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2016-03-24 10:24
==================== Eind van FRST.txt ============================
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:05-03-2016 01
Gestart door Egon (2016-03-30 18:36:39)
Gestart vanaf C:\Users\Egon\Desktop
Windows 8.1 Pro (X64) (2014-12-13 09:02:27)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2492519384-784487665-790397795-500 - Administrator - Disabled)
Egon (S-1-5-21-2492519384-784487665-790397795-1000 - Administrator - Enabled) => C:\Users\Egon
Gast (S-1-5-21-2492519384-784487665-790397795-501 - Limited - Disabled)
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
ACS Unified PC/SC Driver 4.0.0.0 (HKLM\...\{8A89A9DD-9ED4-4532-AE8A-863B291D9472}) (Version: 4.0.0.0 - Advanced Card Systems Ltd.)
Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{EAB6B77C-0E46-48EF-8660-7ABA400F7FB4}) (Version: 1.5 - Eyeo GmbH)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1a - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.9.160 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Basissoftware voor HP Officejet Pro 8500 A910 (HKLM\...\{E72B796E-BB9B-44D5-BDCB-36AC39E0C5D0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government)
BitComet 1.38 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.38 - CometNetwork)
BNP Paribas Fortis Security Components (HKLM-x32\...\{45909428-3E25-40BD-8FBD-2AF3FF4EA7E8}) (Version: 6.28.0006 - BNP Paribas Fortis NV/SA)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Cheetah DVD Burner (HKLM-x32\...\{BD01E97F-2A6A-495E-BE38-22C7B80F3CD7}) (Version: - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
GamesDesktop 005.005010089 (HKLM-x32\...\gmsd_be_005010089_is1) (Version: - GAMESDESKTOP) <==== AANDACHT
GemistDownloader (HKLM-x32\...\GemistDownloader) (Version: 2.8.1.8a - Wietze Beukema (HelpdeskWeb.nl))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.87 - Google Inc.)
Google Drive (HKLM-x32\...\{895D0391-459F-4D45-B8DD-13F0DE70C66E}) (Version: 1.28.1549.1322 - Google, Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google SketchUp 8 (HKLM-x32\...\{13FE3480-9E41-48C0-930F-BFC0767CC340}) (Version: 3.0.14369 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Handset WinDriver 1.02.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 41.003.55.00.06 - Huawei Technologies Co.,Ltd)
Hola™ 1.12.459 - Better Internet (HKLM\...\Hola) (Version: 1.12.459 - Hola Networks Ltd.)
HP Officejet Pro 8500 A910 Haelp (HKLM-x32\...\{871B2A9D-0F12-44B3-88C1-E0CB10A232E4}) (Version: 140.0.2.2 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Microsoft Lync 2010 (HKLM\...\{C7B887F2-07CA-4903-93A2-9B4E16E4EABD}) (Version: 4.0.7577.4461 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSSUB) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 nl)) (Version: 45.0.1 - Mozilla)
NTI Backup Now 5 (x32 Version: 5.5.0.63 - NewTech Infosystems, Inc.) Hidden
NTI Backup Now 5.5 (HKLM-x32\...\InstallShield_{EFD455EE-0C23-440A-AB9E-E4BEC4705A6E}) (Version: 5.5.0.63 - NewTech Infosystems, Inc.)
NTI Digital Flix 2.5.0.4 (HKLM-x32\...\NTI Digital Flix 2.5.0.4_is1) (Version: - )
NTI Media Maker 9 Premium (HKLM-x32\...\InstallShield_{BAD7EFEC-E8D9-4B57-9F1B-9DD30D839933}) (Version: 9.0.1.8933 - NTI Corporation)
NTI Media Maker 9 Premium (x32 Version: 9.0.1.8933 - NTI Corporation) Hidden
NTI Open File Manager (HKLM-x32\...\NTI Open File Manager) (Version: - NewTech Infosystems, Inc.)
Opera Stable 36.0.2130.32 (HKLM-x32\...\Opera 36.0.2130.32) (Version: 36.0.2130.32 - Opera Software)
Påloggingsassistent for Microsoft Online Services (HKLM\...\{46E637E2-AC34-4B45-B5DF-D20903A3DB61}) (Version: 7.250.4303.0 - Microsoft Corporation)
Panda Devices Agent (x32 Version: 1.03.05 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.0.1 - Panda Security)
Panda Free Antivirus (Version: 8.03.00.0000 - Panda Security) Hidden
PhraseProfessor 1.10.0.24 (HKLM-x32\...\PhraseProfessor_1.10.0.24) (Version: 1.10.0.24 - PhraseProfessor) <==== AANDACHT
Popcorn Time (HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\Popcorn Time) (Version: - Popcorn Official)
Productverbeteringonderzoek HP Officejet Pro 8500 A910 (HKLM\...\{9C28F7FA-A393-4256-A1A8-278AD506F990}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-011D-0000-0000-0000000FF1CE}_Office14.PROPLUSSUB_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== AANDACHT
SHARP MX/MX-M Series PCL/PS Printer Driver (HKLM-x32\...\SHARP MX-2310U PCL PS Printer Driver) (Version: 1.00.000 - SHARP)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Snelkoppelingen naar Marketsplash (HKLM-x32\...\{61A74D66-D2E0-45C8-AC28-EC66EA9D9002}) (Version: 1.0.1.7 - Hewlett-Packard)
Stuurprogrammapakket voor Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (10/10/2013 4.0.0.0) (HKLM\...\017E462195A49B92E61A2EE9F52F341D2A5D6C3B) (Version: 10/10/2013 4.0.0.0 - Advanced Card Systems Ltd.)
Stuurprogrammapakket voor Windows - Fedict SmartCard (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.56083 - TeamViewer)
VoipConnect (HKLM-x32\...\VoipConnect_is1) (Version: 4.14 build 766 - Finarea S.A. Switzerland)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-2492519384-784487665-790397795-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> C:\Program Files\WinZip\adxloader64.dll ()
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {0344E402-903B-4AEB-A66B-182691E44176} - \HPCustParticipation HP Officejet Pro 8500 A910 -> Geen bestand <==== AANDACHT
Task: {100BD8F6-BE4E-4B0D-B380-06C5A5114EF0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {103D0E89-7F36-4EFD-9FFC-C3FD5AD539CC} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {11496A3A-A45A-4254-A1F3-A2FAC42A5D6B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {1B0218B4-1B6A-4287-8CB3-59B242D7087D} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {1CFEA1B0-0959-4094-9974-AF8A6AF0A48D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {20337873-788B-4B3C-8857-FCE927E5B469} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {2390764F-4931-4E38-806E-92AE6BED97FD} - \Winsta Update -> Geen bestand <==== AANDACHT
Task: {2A8C99C5-E70D-4D49-A795-088799184777} - \CreateChoiceProcessTask -> Geen bestand <==== AANDACHT
Task: {2AAA900E-95AE-4A74-9316-78AE0AEEAD98} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {2FD59D3E-40D0-4F60-852D-07FB053B9661} - System32\Tasks\Opera scheduled Autoupdate 1443625059 => C:\Program Files (x86)\Opera\launcher.exe [2016-03-14] (Opera Software)
Task: {463A06F7-7FA1-4B43-B3B1-6ED4D934D39E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {4E08CF6A-2919-49E9-806A-4A0A89A8E5B2} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {5017C623-6393-440C-93E9-027CB14FE9AE} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {5290EC6B-47A1-404D-9431-45E2BA61F36F} - \{6BC3BD36-CC7E-4666-867E-D66FB83918ED} -> Geen bestand <==== AANDACHT
Task: {676E2551-F630-4FCB-A6CA-F026111D4B5A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {67F881E8-9A16-4DB1-9D99-49B32FDD3BED} - \Adobe Acrobat Update Task -> Geen bestand <==== AANDACHT
Task: {6FDF98F6-07EC-4196-B562-F87B2067E272} - \PhraseProfessor Auto Updater 1.10.0.24 Pending Update -> Geen bestand <==== AANDACHT
Task: {72D0A54C-A787-4B92-979C-8549EF85BAD9} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {7BACB88B-395D-4299-8EEA-A4BAD8514AC4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-03-09] (Microsoft Corporation)
Task: {7E9723A4-BBC1-4980-859A-3A3ACC68D87A} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {7F0C1CFB-49EF-469F-8EDF-88EEB18C91AB} - \Optimize Start Menu Cache Files-S-1-5-21-2492519384-784487665-790397795-1027 -> Geen bestand <==== AANDACHT
Task: {917F26D7-C930-4660-88DF-1A90F519834D} - \{102B20BA-1E82-47B3-BFE8-CF1FBBE2A804} -> Geen bestand <==== AANDACHT
Task: {92D126A0-9769-4C77-9200-122C2389ABF1} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {9363264E-3508-4F7A-9B82-4681F1B6A295} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {96C7FC2A-6CAD-48B8-A807-A990202E457A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {A0CBE4A1-9549-49F4-83C5-21712C34826F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {A65354F3-67E7-41D7-A11C-6F2DA1DE080C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A6557BA1-1169-4F87-A476-60004569BA68} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {AB41D3CD-CB0A-4C02-83B3-0EECBB981185} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {AB4C4A60-A4B8-4A65-896C-FE5539273DDE} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: {B50B0AAE-4481-464C-A705-962DF62DF74C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {B771C835-E4CC-4D66-A1B9-20322F1ECFB6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {B87D32FE-D516-4819-BF77-B069ED8104D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {BA07F5E6-3807-45A9-89A1-69464EBD5EF2} - \Microsoft OneDrive Auto Update Task-S-1-5-21-2492519384-784487665-790397795-1000 -> Geen bestand <==== AANDACHT
Task: {BAB0EE2C-87F0-4E03-A097-C9171A897EAC} - \WinKit -> Geen bestand <==== AANDACHT
Task: {C0489AB8-7603-41BD-B097-A83D06116A53} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {CD392819-9C96-4461-BB49-649CCC5BBBAE} - \Convertor -> Geen bestand <==== AANDACHT
Task: {D97904B3-7702-4F10-8594-5D634F98EBC4} - \PhraseProfessor Auto Updater 1.10.0.24 Core -> Geen bestand <==== AANDACHT
Task: {DB71D5B5-DD89-4981-B282-8CC2B522BDC1} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
Task: {EED13EE7-F957-4401-9F20-6EBBCD10F83C} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {EF7B4887-8375-4365-9E87-4C7815BA705D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-11] (Google Inc.)
Task: {F232EDBF-46EC-4A35-BC7F-ADCD48C02681} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {FD6ED0F3-0FAA-4BCE-93AB-674D589BEB1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\Bidaily Synchronize Task[8da6].job => c:\programdata\{f6a12d13-0e71-d3e8-f6a1-12d130e7b44c}\hqghumeaylnlf.exe <==== AANDACHT
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-12-17 19:38 - 2015-12-17 19:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-05-28 11:16 - 2015-05-20 12:46 - 00138544 _____ () C:\ProgramData\HiSuiteOuc\HiSuiteOuc64.exe
2015-05-28 11:16 - 2015-05-20 12:46 - 00192304 _____ () C:\ProgramData\HandSetService\HuaweiHiSuiteService64.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-08-17 14:21 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-06 14:13 - 2015-07-06 14:13 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2010-03-02 11:29 - 2010-03-02 11:29 - 00033024 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
2010-03-02 11:30 - 2010-03-02 11:30 - 01066240 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll
2010-03-02 11:30 - 2010-03-02 11:30 - 00103680 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll
2010-03-02 11:30 - 2010-03-02 11:30 - 00066816 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2015-09-17 09:52 - 2007-02-27 18:45 - 00073728 _____ () C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\VersionInfo.dll
2015-09-17 09:52 - 2007-02-27 18:45 - 00106496 _____ () C:\Program Files (x86)\NTI\NTI Digital Flix 2.5.0.4\mlutil.dll
2016-03-30 18:34 - 2016-03-30 18:34 - 00098816 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32api.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00110080 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pywintypes27.dll
2016-03-30 18:34 - 2016-03-30 18:34 - 00364544 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pythoncom27.dll
2016-03-30 18:34 - 2016-03-30 18:34 - 00320512 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32com.shell.shell.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00776704 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_hashlib.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 01176576 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._core_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00806400 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._gdi_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00816128 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._windows_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 01067008 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._controls_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00733184 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._misc_.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00682496 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pysqlite2._sqlite.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00088064 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_ctypes.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00119808 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32file.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00108544 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32security.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00007168 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\hashobjs_ext.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00017920 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\thumbnails_ext.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00088064 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\usb_ext.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00167936 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32gui.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00018432 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32event.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00046080 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_socket.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 01208320 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_ssl.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00128512 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_elementtree.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00127488 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\pyexpat.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00013824 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\common.time34.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00038912 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32inet.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00036864 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_psutil_windows.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00525208 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\windows._lib_cacheinvalidation.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00011264 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32crypt.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00077312 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._html2.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00027136 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_multiprocessing.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00020480 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\_yappi.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00035840 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32process.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00686080 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\unicodedata.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00078848 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._animate.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00123392 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\wx._wizard.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00024064 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32pipe.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00010240 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\select.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00025600 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32pdh.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00017408 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32profile.pyd
2016-03-30 18:34 - 2016-03-30 18:34 - 00022528 _____ () C:\Users\Egon\AppData\Local\Temp\_MEI49402\win32ts.pyd
2010-03-02 11:30 - 2010-03-02 11:30 - 00008960 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
IE trusted site: HKU\.DEFAULT\...\belgium.be -> hxxps://*.belgium.be
IE trusted site: HKU\.DEFAULT\...\bnpparibasfortis.be -> hxxp://*.bnpparibasfortis.be
IE trusted site: HKU\.DEFAULT\...\bnpparibasfortis.be -> hxxps://*.bnpparibasfortis.be
IE trusted site: HKU\.DEFAULT\...\bnpparibasfortis.com -> hxxp://*.bnpparibasfortis.com
IE trusted site: HKU\.DEFAULT\...\fgov.be -> hxxps://*.minfin.fgov.be
IE trusted site: HKU\.DEFAULT\...\fortis.com -> hxxp://wwwqa.merchant-banking.fortis.com
IE trusted site: HKU\.DEFAULT\...\fortisbank.com -> hxxps://businessportal.fortisbank.com
IE trusted site: HKU\.DEFAULT\...\isabel.be -> hxxps://*.IBS6.isabel.be
IE trusted site: HKU\.DEFAULT\...\isabel.eu -> hxxps://www.isabel.eu
IE trusted site: HKU\.DEFAULT\...\isabel.eu -> hxxp://www.isabel.eu
IE trusted site: HKU\.DEFAULT\...\nbb.be -> hxxps://*.nbb.be
IE trusted site: HKU\.DEFAULT\...\qabnpparibasfortis.be -> hxxps://pcbb.qabnpparibasfortis.be
IE trusted site: HKU\.DEFAULT\...\socialsecurity.be -> hxxps://*.socialsecurity.be
IE trusted site: HKU\.DEFAULT\...\zoomit.be -> hxxps://*.zoomit.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\belgium.be -> hxxps://*.belgium.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\bnpparibasfortis.be -> hxxp://*.bnpparibasfortis.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\bnpparibasfortis.be -> hxxps://*.bnpparibasfortis.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\bnpparibasfortis.com -> hxxp://*.bnpparibasfortis.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\fgov.be -> hxxps://*.minfin.fgov.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\fortis.com -> hxxp://wwwqa.merchant-banking.fortis.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\fortisbank.com -> hxxps://businessportal.fortisbank.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\hola.org -> hxxp://hola.org
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\isabel.be -> hxxps://*.IBS6.isabel.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\isabel.eu -> hxxps://www.isabel.eu
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\isabel.eu -> hxxp://www.isabel.eu
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\nbb.be -> hxxps://*.nbb.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\qabnpparibasfortis.be -> hxxps://pcbb.qabnpparibasfortis.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\sharepoint.com -> hxxps://cortofisc2.sharepoint.com
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\socialsecurity.be -> hxxps://*.socialsecurity.be
IE trusted site: HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\zoomit.be -> hxxps://*.zoomit.be
==================== Hosts inhoud: ===============================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\S-1-5-21-2492519384-784487665-790397795-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 195.130.131.3 - 195.130.130.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKLM\...\StartupApproved\Run: => "SpaceSoundPro"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "rec_be_69"
HKLM\...\StartupApproved\Run32: => "gmsd_be_005010089"
HKU\S-1-5-21-2492519384-784487665-790397795-1000\...\StartupApproved\Run: => "Sidebar"
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{26AE2DB3-6CD3-4659-8A79-9D1A7C1A5BF3}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{B8BC9883-C795-429A-8169-6CABB1478402}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\DeviceSetup.exe
FirewallRules: [{82BCE6DB-73FB-4345-8598-F5B1F0043E8E}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D48F4947-8D93-425F-AFA0-18747443DA88}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8500 A910\Bin\HPNetworkCommunicator.exe
FirewallRules: [{24BB3A21-FD1D-4A53-8550-33A80970E457}] => (Allow) C:\Program Files (x86)\Microsoft Lync\communicator.exe
FirewallRules: [{355E94DD-5836-465A-94C9-9C8241E65FEE}] => (Allow) C:\Program Files (x86)\Microsoft Lync\UcMapi.exe
FirewallRules: [{780B12B5-4BC8-49C8-8640-47ACCAAAE023}] => (Allow) C:\Program Files\Microsoft Lync\UcMapi64.exe
FirewallRules: [TCP Query User{7FA2045D-7C21-4008-8754-BD916891823B}C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{836C0A6F-EC81-4409-937F-E7CA70DF57F7}C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\egon\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{2DC2F424-DDB8-42B6-B58C-0BA6C109D520}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{AA09B090-C6FA-48CC-B2EB-811E375082AC}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{E7F703DB-D089-4A9D-B832-10BEBF5C3C6D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EC82BDAD-4CE1-481F-807A-D855CB474CFA}] => (Allow) LPort=2869
FirewallRules: [{5281D25A-B00B-41C7-B33A-F385AE204EF0}] => (Allow) LPort=1900
FirewallRules: [{B1146F52-0849-4E3F-B9DA-FA9E84EE712E}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{952D0BC1-EA79-4FEB-A917-B8A849DFC7A4}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{60326222-B55A-4B62-BB47-0E5049CFBC8E}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox\app\hola_plugin.exe
FirewallRules: [{4255E804-DDC5-4175-8A21-C3072D22CCF7}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{12656270-9B9D-4CD5-9551-EEF1CDA32F8C}] => (Allow) C:\Program Files\Hola\app\hola_updater.exe
FirewallRules: [{8005F68B-CD1F-425D-8B5C-D8B9FBA0E801}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{BCA4CB25-D832-405B-B20A-BBE291A80AD6}] => (Allow) C:\Program Files\Hola\app\hola_svc.exe
FirewallRules: [{298A55A1-D99E-4CB5-8E84-BBAE6A7865D1}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{41C30A30-2050-4689-B41B-2C54BE1CD1F9}] => (Allow) C:\Users\Egon\AppData\Local\Hola\firefox_hola\app\hola_plugin.exe
FirewallRules: [{5312E195-FEA4-415C-8427-E5519D2B83F0}] => (Allow) C:\Users\Egon\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{256C660C-E9E5-452A-8155-3738CF0BFB4E}] => (Allow) C:\Program Files (x86)\MyBrowser\MyBrowser\Application\mybrowser.exe
FirewallRules: [{E4BFEAB9-D6F3-4FF6-8AF6-E299BDAF34B0}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{0C801698-BBC8-4297-B81F-263A8ED25151}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{04079FB2-F218-4184-8324-793701C05762}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\ShadowSvc.exe
FirewallRules: [{4671B49D-6583-44EA-981F-B287869B5536}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
FirewallRules: [{8165DFBB-234D-4415-99D1-9C316D382A80}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
FirewallRules: [{0E166778-406F-4EA7-9F26-A949EB2DBAD5}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\ShadowSvc.exe
FirewallRules: [{A933CEAA-2462-4FD2-9ED7-8D3B9AB0ED01}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{8BE715D8-B6D6-4E6B-A7CA-66E475B58E79}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
FirewallRules: [{687E1479-6865-4B8E-A2DB-043173A016BA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1457994-F634-4ECF-8F2C-B08BDF7F48AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C61F5D37-B68E-42F7-BBA8-31FCF555016B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A987E505-6B24-4DA5-8499-BAE7C1051DDD}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F0C074E4-22E8-4936-B75A-58B4DAB3DB18}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB390905-F91E-4CE9-87F4-6D003D01001F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{AF2327CE-DBAD-4E4F-B6F3-41CF821B96FC}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{76A33C77-2647-4229-A7D7-2472A1D41560}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Allow) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [TCP Query User{8B111706-0F2A-4B43-A413-E976295D248C}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Block) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [UDP Query User{39586827-2A9D-41A6-BE4A-3AE73B49BD36}C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe] => (Block) C:\program files (x86)\voipconnect.com\voipconnect\voipconnect.exe
FirewallRules: [{B0374E55-3232-4702-836E-23821B01E970}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C8DBD2B8-6515-42F6-B7EF-8ACEEBA17C0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{21EA14F4-2174-4479-BA39-1EFE0A0CF68D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6EB513F7-F7F6-4B7B-BA90-BD67A7F6AEB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F3FBBEDD-428D-4ABA-8B65-25487484FF37}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{AB3970B1-2983-48AA-A0E9-7C24DA7E9893}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Herstelpunten =========================
09-03-2016 10:00:26 Gepland controlepunt
18-03-2016 09:55:47 Gepland controlepunt
24-03-2016 10:01:49 Windows Update
==================== Defecte Apparaatbeheer Apparaten =============
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (03/30/2016 06:23:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: PSUAMain.exe, versie: 4.0.0.644, tijdstempel: 0x55b799d6
Naam van module met fout: ntdll.dll, versie: 6.3.9600.18202, tijdstempel: 0x569e72c5
Uitzonderingscode: 0xc000070a
Foutmarge: 0x000f5786
Id van proces met fout: 0x1650
Starttijd van toepassing met fout: 0xPSUAMain.exe0
Pad naar toepassing met fout: PSUAMain.exe1
Pad naar module met fout: PSUAMain.exe2
Rapport-id: PSUAMain.exe3
Volledige pakketnaam met fout: PSUAMain.exe4
Relatieve toepassings-id van pakket met fout: PSUAMain.exe5
Error: (03/30/2016 06:03:50 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma IEXPLORE.EXE, versie 11.0.9600.18124 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.
Proces-id: ae8
Starttijd: 01d18a9d95ad6cf9
Eindtijd: 109
Toepassingspad: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Rapport-id: fba57460-f690-11e5-beb8-00265538ba37
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:
Error: (03/30/2016 06:02:20 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
Error: (03/30/2016 05:27:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1671
Error: (03/30/2016 05:27:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1671
Error: (03/30/2016 05:27:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/29/2016 05:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7563
Error: (03/29/2016 05:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7563
Error: (03/29/2016 05:34:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/29/2016 05:34:50 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6078
Systeemfouten:
=============
Error: (03/30/2016 06:27:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Counter-intuitive Text Direction-service kan vanwege de volgende fout niet worden gestart:
%%2
Error: (03/30/2016 06:27:34 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: IncludeRunner.
Error: (03/30/2016 06:27:03 PM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x810x20x10xfe0x00x0
Error: (03/30/2016 05:57:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Counter-intuitive Text Direction-service kan vanwege de volgende fout niet worden gestart:
%%2
Error: (03/30/2016 05:57:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: IncludeRunner.
Error: (03/30/2016 05:57:12 PM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x810x20x10xfe0x00x0
Error: (03/30/2016 05:55:25 PM) (Source: DCOM) (EventID: 10010) (User: EGON-PC)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
Error: (03/30/2016 05:32:57 PM) (Source: WudfUsbccidDriver) (EventID: 11) (User: NT AUTHORITY)
Description: 0x810x20x10xfe0x00x0
Error: (03/30/2016 05:32:55 PM) (Source: WudfUsbccidDriver) (EventID: 1) (User: NT AUTHORITY)
Description: ScReadWrite: Failed to read reply.-8053061870xa0x00x00x0
Error: (03/30/2016 03:26:00 PM) (Source: WudfUsbccidDriver) (EventID: 6) (User: NT AUTHORITY)
Description: VendorIoctl0x313520
==================== Geheugen info ===========================
Processor: Intel® Core2 Duo CPU E7500 @ 2.93GHz
Percentage geheugen in gebruik: 41%
Totaal fysiek RAM-geheugen: 3037.17 MB
Beschikbaar fysiek RAM-geheugen: 1764.62 MB
Totaal Virtueel geheugen: 6109.17 MB
Beschikbaar Virtual geheugen: 4832.4 MB
==================== Schijven ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:213.21 GB) NTFS
==================== MBR & Partitietabel ==================
==================== Eind van Addition.txt ============================
Edited by HaraMo, 30 March 2016 - 01:24 PM.