Re: dropper generic9
[hjt]
scanresultaten van farbar recovery scan tool (frst) (x64) versie:26-11-2015
gestart door erik (beheerder) op pc-studiekamer (26-11-2015 23:12:25)
gestart vanaf c:\users\erik\desktop
geladen profielen: erik (beschikbare profielen: erik & chantal & myrthe)
platform: windows 8.1 (x64) taal: nederlands (nederland)
internet explorer versie 11 (standaardbrowser: ie)
boot modus: normal
handleiding voor farbar recovery scan tool:
[noparse]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/noparse]
==================== processen (gefilterd) =================
(als een item is opgenomen in de fixlist, het proces zal worden gesloten. het bestand zal niet worden verplaatst.)
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgrsa.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgcsrva.exe
()
c:\program files (x86)\avg web tuneup\wtusystemsupport.exe
(amd)
c:\windows\system32\atiesrxx.exe
(amd)
c:\windows\system32\atieclxx.exe
(advanced micro devices, inc.)
c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe
(apple inc.)
c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgidsagent.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\framework\common\avgsvca.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgwdsvcx.exe
(apple inc.)
c:\program files\bonjour\mdnsresponder.exe
(cyberlink)
c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsmonitorservice.exe
(cyberlink)
c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe
()
c:\program files\cyberlink\shared files\richvideo64.exe
(microsoft corporation)
c:\windows\system32\gwx\gwx.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgnsa.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgemca.exe
(realtek semiconductor)
c:\program files\realtek\audio\hda\ravcpl64.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\framework\common\avguix.exe
(avg technologies cz, s.r.o.)
c:\program files (x86)\avg\av\avgui.exe
(microsoft corporation)
c:\windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\tiworker.exe
==================== register (gefilterd) ===========================
(als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. het bestand zal niet worden verplaatst.)
hklm\...\run:
[rthdvcpl] => c:\program files\realtek\audio\hda\ravcpl64.exe [13219984 2012-11-07] (realtek semiconductor)
hklm\...\run:
[logitech download assistant] =>
c:\windows\system32\rundll32.exe c:\windows\system32\logilda.dll,logifetch
hklm\...\run:
[ituneshelper] => c:\program files\itunes\ituneshelper.exe [170256 2015-10-16] (apple inc.)
hklm-x32\...\run:
[clmlserver_for_p2g8] => c:\program files (x86)\cyberlink\power2go8\clmlsvc_p2g8.exe [110144 2013-03-05] (cyberlink)
hklm-x32\...\run:
[clvirtualdrive] => c:\program files (x86)\cyberlink\power2go8\virtualdrive.exe [492248 2012-12-26] (cyberlink corp.)
hklm-x32\...\run:
[remotecontrol10] => c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe [95192 2013-03-11] (cyberlink corp.)
hklm-x32\...\run:
[startccc] => c:\program files (x86)\ati technologies\ati.ace\core-static\amd64\clistart.exe [766688 2014-07-04] (advanced micro devices, inc.)
hklm-x32\...\run:
[quicktime task] => c:\program files (x86)\quicktime\qttask.exe [421888 2015-08-06] (apple inc.)
hklm-x32\...\run:
[avgui] => c:\program files (x86)\avg\framework\common\avguix.exe [1136552 2015-11-12] (avg technologies cz, s.r.o.)
hklm-x32\...\run:
[avg_ui] => c:\program files (x86)\avg\av\avgui.exe [3826600 2015-10-30] (avg technologies cz, s.r.o.)
hklm\...\policies\explorer:
[confirmfiledelete] 1
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\run:
[startmenux] => c:\program files\start menu x\startmenux.exe [7671104 2013-09-28] (ordinarysoft)
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\run:
[utorrent] => c:\users\erik\appdata\roaming\utorrent\utorrent.exe [1822048 2015-10-15] (bittorrent inc.)
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\run:
[icloudservices] => c:\program files (x86)\common files\apple\internet services\icloudservices.exe [60688 2015-10-21] (apple inc.)
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\run:
[applephotostreams] => c:\program files (x86)\common files\apple\internet services\applephotostreams.exe [61200 2015-10-21] (apple inc.)
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\run:
[ccleaner monitoring] => c:\program files\ccleaner\ccleaner64.exe [8461224 2015-09-16] (piriform ltd)
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\mountpoints2:
{8730b022-334b-11e3-be99-d43d7eaf2f21} -
g:\launchu3.exe -a
hku\s-1-5-21-3410450458-18125292-3348098418-1002\control panel\desktop\\scrnsave.exe -> c:\windows\system32\sstext3d.scr
[217088 2014-10-29] (microsoft corporation)
startup:
c:\users\chantal\appdata\roaming\microsoft\windows\start menu\programs\startup\onenote 2010 schermopname en snel starten.lnk [2014-10-10]
shortcuttarget: onenote 2010 schermopname en snel starten.lnk ->
c:\program files (x86)\microsoft office\office14\onenotem.exe (microsoft corporation)
==================== internet (gefilterd) ====================
(als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
tcpip\parameters:
[dhcpnameserver] 192.168.1.1
tcpip\..\interfaces\
{239bbc7a-0480-462b-bd33-1d5ee714d0a7}:
[dhcpnameserver] 192.168.1.1
tcpip\..\interfaces\
{56d57287-9546-46e2-8502-adcc4d0978eb}:
[dhcpnameserver] 192.168.1.1
internet explorer:
==================
searchscopes: hklm-x32 -> defaultscope waarde ontbreekt
bho: office document cache handler ->
{b4f3a835-0e21-4959-ba22-42b3008e02ff} ->
c:\program files\microsoft office\office14\urlredir.dll [2013-03-06] (microsoft corporation)
bho-x32: office document cache handler ->
{b4f3a835-0e21-4959-ba22-42b3008e02ff} ->
c:\program files (x86)\microsoft office\office14\urlredir.dll [2013-03-06] (microsoft corporation)
dpf: hklm-x32
{4b54a9de-ef1c-4ebe-a328-7c28ea3b433a} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
dpf: hklm-x32
{7530bfb8-7293-4d34-9923-61a11451afc5} hxxp://download.eset.com/special/eos/onlinescanner.cab
firefox:
========
ff plugin: @microsoft.com/officeauthz,version=14.0 ->
c:\progra~1\micros~2\office14\npauthz.dll [2010-01-09] (microsoft corporation)
ff plugin-x32: @apple.com/itunes,version=1.0 ->
c:\program files (x86)\itunes\mozilla plugins\npitunes.dll [2015-10-08] ()
ff plugin-x32: @microsoft.com/officeauthz,version=14.0 ->
c:\progra~2\micros~3\office14\npauthz.dll [2010-01-09] (microsoft corporation)
ff plugin-x32: @microsoft.com/sharepoint,version=14.0 ->
c:\progra~2\micros~3\office14\npspwrap.dll [2010-03-24] (microsoft corporation)
ff plugin-x32: @microsoft.com/wlpg,version=16.4.3508.0205 ->
c:\program files (x86)\windows live\photo gallery\npwlpg.dll [2013-02-05] (microsoft corporation)
ff plugin-x32: @tools.google.com/google update;version=3 ->
c:\program files (x86)\google\update\1.3.28.15\npgoogleupdate3.dll [2015-10-09] (google inc.)
ff plugin-x32: @tools.google.com/google update;version=9 ->
c:\program files (x86)\google\update\1.3.28.15\npgoogleupdate3.dll [2015-10-09] (google inc.)
chrome:
=======
chr profile: c:\users\erik\appdata\local\google\chrome\user data\default
chr extension: (google presentaties) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\aapocclcgogkmnckokdopfmhonfmgoek
[2015-10-09]
chr extension: (google documenten) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\aohghmighlieiainnegkcijnfilokake
[2015-10-09]
chr extension: (google drive) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\apdfllckaahabafndbhieahigkjlhalf
[2015-11-06]
chr extension: (youtube) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
[2015-10-09]
chr extension: (google search) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\coobgpohoikkiipiblmjeljniedjpjpf
[2015-11-06]
chr extension: (google spreadsheets) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\felcaaldnbdncclmgdcncolpebgiejap
[2015-10-09]
chr extension: (offline documenten) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
[2015-10-09]
chr extension: (betalingen via chrome web store) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda
[2015-10-09]
chr extension: (gmail) - c:\users\erik\appdata\local\google\chrome\user data\default\extensions\pjkljhegncpnkpknbcohdijeoejaedia
[2015-10-09]
chr hklm\...\chrome\extension:
[flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
chr hklm-x32\...\chrome\extension:
[flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== services (gefilterd) ========================
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. het bestand zal niet worden verplaatst tenzij apart vermeld.)
r2 amd fuel service;
c:\program files\ati technologies\ati.ace\fuel\fuel.service.exe [361984 2013-06-04] (advanced micro devices, inc.) [bestand niet getekend]
r2 apple mobile device service;
c:\program files\common files\apple\mobile device support\applemobiledeviceservice.exe [77104 2015-10-07] (apple inc.)
s3 avgamps;
c:\program files (x86)\avg\av\avgamps.exe [595376 2015-10-30] (avg technologies cz, s.r.o.)
r2 avgidsagent;
c:\program files (x86)\avg\av\avgidsagent.exe [3815648 2015-10-30] (avg technologies cz, s.r.o.)
r2 avgsvc;
c:\program files (x86)\avg\framework\common\avgsvca.exe [1046952 2015-11-12] (avg technologies cz, s.r.o.)
r2 avgwd;
c:\program files (x86)\avg\av\avgwdsvcx.exe [579776 2015-10-30] (avg technologies cz, s.r.o.)
r2 cyberlink powerdvd 10 ms monitor service;
c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsmonitorservice.exe [74712 2013-03-11] (cyberlink)
r2 cyberlink powerdvd 10 ms service;
c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe [316376 2013-03-11] (cyberlink)
s2 mbamservice;
c:\program files (x86)\malwarebytes anti-malware\mbamservice.exe [1135416 2015-10-05] (malwarebytes)
r2 richvideo64;
c:\program files\cyberlink\shared files\richvideo64.exe [386344 2010-08-19] ()
s3 wdnissvc;
c:\program files\windows defender\nissrv.exe [366552 2015-07-07] (microsoft corporation)
s3 windefend;
c:\program files\windows defender\msmpeng.exe [23824 2015-07-07] (microsoft corporation)
r2 wtusystemsupport;
c:\program files (x86)\avg web tuneup\wtusystemsupport.exe [1205136 2015-11-18] ()
===================== drivers (gefilterd) ==========================
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. het bestand zal niet worden verplaatst tenzij apart vermeld.)
s2 aoddriver4.2.0;
c:\program files\ati technologies\ati.ace\fuel\amd64\aoddriver2.sys [57472 2012-04-09] (advanced micro devices)
r3 atihdaudioservice;
c:\windows\system32\drivers\atihdw86.sys [94208 2013-04-24] (advanced micro devices)
s0 avgboota;
c:\windows\system32\drivers\avgboota.sys [23152 2015-09-09] (avg technologies cz, s.r.o.)
r1 avgdiska;
c:\windows\system32\drivers\avgdiska.sys [197040 2015-08-10] (avg technologies cz, s.r.o.)
r1 avgidsdriver;
c:\windows\system32\drivers\avgidsdrivera.sys [313776 2015-10-19] (avg technologies cz, s.r.o.)
r0 avgidsha;
c:\windows\system32\drivers\avgidsha.sys [298416 2015-08-20] (avg technologies cz, s.r.o.)
r1 avgldx64;
c:\windows\system32\drivers\avgldx64.sys [284080 2015-10-21] (avg technologies cz, s.r.o.)
r0 avgloga;
c:\windows\system32\drivers\avgloga.sys [398256 2015-08-14] (avg technologies cz, s.r.o.)
r0 avgmfx64;
c:\windows\system32\drivers\avgmfx64.sys [255408 2015-10-21] (avg technologies cz, s.r.o.)
r0 avgrkx64;
c:\windows\system32\drivers\avgrkx64.sys [42416 2015-08-10] (avg technologies cz, s.r.o.)
r1 avgwfpa;
c:\windows\system32\drivers\avgwfpa.sys [306608 2015-10-08] (avg technologies cz, s.r.o.)
r1 clvirtualdrive;
c:\windows\system32\drivers\clvirtualdrive.sys [91712 2013-03-05] (cyberlink)
s0 ebdrv;
c:\windows\system32\drivers\evbda.sys [3357024 2013-08-22] (broadcom corporation)
r3 mbamprotector;
c:\windows\system32\drivers\mbam.sys [25816 2015-10-05] (malwarebytes)
s3 mbamwebaccesscontrol;
c:\windows\system32\drivers\mwac.sys [64216 2015-10-05] (malwarebytes corporation)
r3 rtlwlanu;
c:\windows\system32\drivers\rtwlanu.sys [1975000 2013-07-31] (realtek semiconductor corporation )
s3 ssudserd;
c:\windows\system32\drivers\ssudserd.sys [206080 2014-01-22] (devguru co., ltd.(
www.devguru.co.kr))
s3 wdboot;
c:\windows\system32\drivers\wdboot.sys [44560 2015-07-07] (microsoft corporation)
s3 wdfilter;
c:\windows\system32\drivers\wdfilter.sys [270168 2015-07-07] (microsoft corporation)
s3 wdnisdrv;
c:\windows\system32\drivers\wdnisdrv.sys [114520 2015-07-07] (microsoft corporation)
==================== netsvcs (gefilterd) ===================
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== een maand aangemaakt bestanden en mappen ========
(als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2015-11-26 23:08 - 2015-11-26 23:10 - 02348544 _____ (farbar)
c:\users\erik\desktop\frst64.exe
2015-11-26 22:55 - 2015-11-26 22:55 - 01733632 _____
c:\users\erik\desktop\adwcleaner_5.022.exe
2015-11-26 22:54 - 2015-11-26 22:54 - 00000548 _____ c:\users\erik\desktop\jrt2611.txt
2015-11-26 22:33 - 2015-11-26 22:33 - 01599336 _____ (malwarebytes)
c:\users\erik\desktop\jrt.exe
2015-11-25 09:11 - 2015-11-25 09:11 - 00197632 _____ (singularlabs)
c:\users\erik\desktop\oldchromeremover-0.5.exe
2015-11-24 15:55 - 2015-11-24 15:55 - 00000000 ____d c:\users\myrthe\appdata\roaming\avg
2015-11-24 15:55 - 2015-11-24 15:55 - 00000000 ____d c:\users\myrthe\appdata\local\avg
2015-11-23 23:38 - 2015-11-23 23:38 - 00000679 _____ c:\users\erik\desktop\checkup.txt
2015-11-22 23:23 - 2015-11-22 23:23 - 00000867 _____ c:\users\erik\desktop\uhosted_ca.cer
2015-11-21 14:31 - 2015-11-21 14:31 - 00000000 ____d c:\program files (x86)\eset
2015-11-21 09:41 - 2015-11-26 22:54 - 00000548 _____ c:\users\erik\desktop\jrt.txt
2015-11-20 21:45 - 2015-11-20 21:45 - 00000703 _____ c:\users\erik\desktop\9lab-log-2015-11-20 (21-02-48).txt
2015-11-20 21:02 - 2015-11-20 21:02 - 00000954 _____
c:\users\public\desktop\removal tool.lnk
2015-11-20 21:02 - 2015-11-20 21:02 - 00000000 ____d c:\users\erik\appdata\roaming\9-lab
2015-11-20 21:02 - 2015-11-20 21:02 - 00000000 ____d c:\programdata\microsoft\windows\start menu\programs\9-lab removal tool
2015-11-20 21:02 - 2015-11-20 21:02 - 00000000 ____d c:\programdata\9-lab
2015-11-20 21:02 - 2015-11-20 21:02 - 00000000 ____d c:\program files\9-lab
2015-11-20 21:01 - 2015-11-20 21:01 - 06254992 _____
c:\users\erik\desktop\rmtool-setup-x64.exe
2015-11-20 20:58 - 2015-11-20 20:58 - 00001244 _____ c:\users\erik\desktop\mbam sacnlogboek.txt
2015-11-20 14:59 - 2015-11-20 15:01 - 00001662 _____ c:\users\erik\desktop\fixlog.txt
2015-11-20 09:02 - 2015-11-26 23:12 - 00013567 _____ c:\users\erik\desktop\frst.txt
2015-11-20 09:02 - 2015-11-26 23:12 - 00000000 ____d c:\frst
2015-11-20 09:02 - 2015-11-20 09:03 - 00026945 _____ c:\users\erik\desktop\addition.txt
2015-11-20 08:42 - 2015-11-20 08:48 - 00199854 _____ c:\windows\ntbtlog.txt
2015-11-18 13:48 - 2015-11-18 13:48 - 00001118 _____
c:\users\public\desktop\malwarebytes anti-malware.lnk
2015-11-18 13:48 - 2015-11-18 13:48 - 00000000 ____d c:\programdata\microsoft\windows\start menu\programs\malwarebytes anti-malware
2015-11-18 13:48 - 2015-11-18 13:48 - 00000000 ____d c:\program files (x86)\malwarebytes anti-malware
2015-11-18 13:48 - 2015-10-05 09:50 - 00109272 _____ (malwarebytes)
c:\windows\system32\drivers\mbamchameleon.sys
2015-11-18 13:48 - 2015-10-05 09:50 - 00064216 _____ (malwarebytes corporation)
c:\windows\system32\drivers\mwac.sys
2015-11-18 13:48 - 2015-10-05 09:50 - 00025816 _____ (malwarebytes)
c:\windows\system32\drivers\mbam.sys
2015-11-18 13:09 - 2015-11-18 13:09 - 00012342 _____ c:\users\erik\desktop\adwcleaner
[c1].txt
2015-11-18 13:04 - 2015-11-26 22:59 - 00000000 ____d c:\adwcleaner
2015-11-18 10:14 - 2015-11-18 10:14 - 00000000 _____ c:\autoexec.bat
2015-11-18 09:51 - 2015-11-18 09:51 - 00000000 ____d c:\users\erik\appdata\local\avg web tuneup
2015-11-18 09:51 - 2015-11-18 09:51 - 00000000 ____d c:\program files (x86)\mozilla firefox
2015-11-18 09:50 - 2015-11-18 09:51 - 00000000 ____d c:\programdata\avg web tuneup
2015-11-18 09:50 - 2015-11-18 09:50 - 00000000 ____d c:\program files\avg web tuneup
2015-11-18 09:50 - 2015-11-18 09:50 - 00000000 ____d c:\program files (x86)\avg web tuneup
2015-11-18 09:40 - 2015-11-18 09:40 - 00000000 ____d c:\users\erik\appdata\roaming\avg
2015-11-18 09:40 - 2015-11-18 09:40 - 00000000 ____d c:\program files\common files\av
2015-11-18 09:39 - 2015-11-18 09:39 - 00000956 _____
c:\users\public\desktop\avg protection.lnk
2015-11-18 09:39 - 2015-11-18 09:39 - 00000000 ___hd c:\$avg
2015-11-18 09:39 - 2015-11-18 09:39 - 00000000 ____d c:\users\erik\appdata\roaming\tuneup software
2015-11-18 09:39 - 2015-11-18 09:39 - 00000000 ____d c:\programdata\microsoft\windows\start menu\programs\avg
2015-11-18 09:36 - 2015-11-26 22:11 - 00000000 ____d c:\programdata\mfadata
2015-11-18 09:36 - 2015-11-18 10:02 - 00000000 ____d c:\users\erik\appdata\local\avg
2015-11-18 09:36 - 2015-11-18 10:02 - 00000000 ____d c:\program files (x86)\avg
2015-11-18 09:36 - 2015-11-18 10:01 - 00000000 ____d c:\programdata\avg
2015-11-18 09:36 - 2015-11-18 10:00 - 00000000 ____d c:\users\erik\appdata\local\avgsetuplog
2015-11-18 09:36 - 2015-11-18 09:36 - 00000000 ____d c:\users\erik\appdata\local\mfadata
2015-11-18 09:36 - 2015-11-18 09:36 - 00000000 ____d c:\users\erik\appdata\local\avg2015
2015-11-18 09:08 - 2015-11-18 09:08 - 00003288 _____ c:\windows\system32\tasks\urla3
2015-11-18 09:08 - 2015-11-18 09:08 - 00003288 _____ c:\windows\system32\tasks\urla2
2015-11-18 09:08 - 2015-11-18 09:08 - 00003288 _____ c:\windows\system32\tasks\urla1
2015-11-13 17:23 - 2015-11-13 17:26 - 00000000 ____d c:\program files (x86)\logosmartz trial
2015-11-13 17:23 - 2010-02-23 17:00 - 02267368 _____ (adobe systems, inc.)
c:\windows\syswow64\flash9d.ocx
2015-11-13 17:23 - 2010-02-23 17:00 - 00117507 _____ (microsoft corporation)
c:\windows\syswow64\msinet.ocx
2015-11-13 17:23 - 2010-02-23 17:00 - 00109248 _____ (microsoft corporation)
c:\windows\syswow64\mswinsck.ocx
2015-11-13 17:23 - 2001-03-13 14:49 - 00140288 _____ (microsoft corporation)
c:\windows\syswow64\comdlg32.ocx
2015-11-13 17:23 - 1996-11-08 02:48 - 00368912 _____ (microsoft corporation)
c:\windows\syswow64\vbar332.dll
2015-11-13 17:20 - 2015-11-13 17:20 - 00000098 _____
c:\programdata\{262e20b8-6e20-4cef-b1fd-d022ab1085f5}.dat
2015-11-13 17:19 - 2015-11-18 10:36 - 00000000 ____d c:\users\erik\appdata\local\
{652546e4-3f1b-4d7e-8a08-29263d851015}
2015-11-13 17:19 - 2015-11-13 17:56 - 00000000 ____d c:\users\erik\desktop\logo
2015-11-13 17:19 - 2015-11-13 17:19 - 00003086 _____ c:\windows\system32\tasks\gte3014
2015-11-11 10:14 - 2015-10-15 17:08 - 00990208 _____ (microsoft corporation)
c:\windows\system32\kerberos.dll
2015-11-11 10:14 - 2015-10-15 16:46 - 00803328 _____ (microsoft corporation)
c:\windows\syswow64\kerberos.dll
2015-11-11 10:14 - 2015-10-13 18:10 - 00559616 _____ (microsoft corporation)
c:\windows\system32\drivers\afd.sys
2015-11-11 10:14 - 2015-10-13 18:10 - 00108032 _____ (microsoft corporation)
c:\windows\system32\drivers\tdx.sys
2015-11-11 10:14 - 2015-10-13 16:59 - 00397224 _____ (microsoft corporation)
c:\windows\system32\bcryptprimitives.dll
2015-11-11 10:14 - 2015-10-13 16:59 - 00340872 _____ (microsoft corporation)
c:\windows\syswow64\bcryptprimitives.dll
2015-11-11 10:14 - 2015-10-13 16:59 - 00137960 _____ (microsoft corporation)
c:\windows\system32\ncrypt.dll
2015-11-11 10:14 - 2015-10-13 16:59 - 00120376 _____ (microsoft corporation)
c:\windows\syswow64\ncrypt.dll
2015-11-11 10:14 - 2015-10-13 16:59 - 00106952 _____ (microsoft corporation)
c:\windows\system32\ncryptsslp.dll
2015-11-11 10:14 - 2015-10-13 16:59 - 00091416 _____ (microsoft corporation)
c:\windows\syswow64\ncryptsslp.dll
2015-11-11 10:14 - 2015-10-11 07:36 - 00561952 _____ (microsoft corporation)
c:\windows\system32\drivers\cng.sys
2015-11-11 10:14 - 2015-10-11 07:36 - 00177496 _____ (microsoft corporation)
c:\windows\system32\drivers\ksecpkg.sys
2015-11-11 10:14 - 2015-10-10 19:40 - 00202240 _____ (microsoft corporation)
c:\windows\system32\drivers\mrxsmb20.sys
2015-11-11 10:14 - 2015-10-10 19:39 - 00401408 _____ (microsoft corporation)
c:\windows\system32\drivers\mrxsmb.sys
2015-11-11 10:14 - 2015-10-10 19:07 - 00445440 _____ (microsoft corporation)
c:\windows\system32\certcli.dll
2015-11-11 10:14 - 2015-10-10 18:33 - 01441280 _____ (microsoft corporation)
c:\windows\system32\lsasrv.dll
2015-11-11 10:14 - 2015-10-10 18:27 - 00432640 _____ (microsoft corporation)
c:\windows\system32\schannel.dll
2015-11-11 10:14 - 2015-10-10 18:11 - 00324096 _____ (microsoft corporation)
c:\windows\syswow64\certcli.dll
2015-11-11 10:14 - 2015-10-10 17:45 - 00359424 _____ (microsoft corporation)
c:\windows\syswow64\schannel.dll
2015-11-11 10:14 - 2015-09-12 14:47 - 00414559 _____ c:\windows\system32\apndatabase.xml
2015-11-11 10:14 - 2015-08-28 23:20 - 00183368 _____ (microsoft corporation)
c:\windows\system32\authhost.exe
2015-11-11 10:13 - 2015-10-20 22:54 - 00136904 _____ (microsoft corporation)
c:\windows\system32\wuauclt.exe
2015-11-11 10:13 - 2015-10-20 15:53 - 03705856 _____ (microsoft corporation)
c:\windows\system32\wuaueng.dll
2015-11-11 10:13 - 2015-10-20 15:36 - 02243072 _____ (microsoft corporation)
c:\windows\system32\wucltux.dll
2015-11-11 10:13 - 2015-10-20 15:35 - 00891904 _____ (microsoft corporation)
c:\windows\system32\wuapi.dll
2015-11-11 10:13 - 2015-10-20 15:34 - 00409088 _____ (microsoft corporation)
c:\windows\system32\wusettingsprovider.dll
2015-11-11 10:13 - 2015-10-20 15:34 - 00140288 _____ (microsoft corporation)
c:\windows\system32\wuwebv.dll
2015-11-11 10:13 - 2015-10-20 15:34 - 00035840 _____ (microsoft corporation)
c:\windows\system32\wuapp.exe
2015-11-11 10:13 - 2015-10-20 15:33 - 00095744 _____ (microsoft corporation)
c:\windows\system32\wudriver.dll
2015-11-11 10:13 - 2015-10-20 15:14 - 00721920 _____ (microsoft corporation)
c:\windows\syswow64\wuapi.dll
2015-11-11 10:13 - 2015-10-20 15:13 - 00124928 _____ (microsoft corporation)
c:\windows\syswow64\wuwebv.dll
2015-11-11 10:13 - 2015-10-20 15:13 - 00081920 _____ (microsoft corporation)
c:\windows\syswow64\wudriver.dll
2015-11-11 10:13 - 2015-10-20 15:13 - 00029696 _____ (microsoft corporation)
c:\windows\syswow64\wuapp.exe
2015-11-11 10:13 - 2015-10-15 00:02 - 07455064 _____ (microsoft corporation)
c:\windows\system32\ntoskrnl.exe
2015-11-11 10:13 - 2015-10-15 00:02 - 01659560 _____ (microsoft corporation) c:\windows\system32\winload.efi
2015-11-11 10:13 - 2015-10-15 00:02 - 01519592 _____ (microsoft corporation)
c:\windows\system32\winload.exe
2015-11-11 10:13 - 2015-10-15 00:02 - 01487008 _____ (microsoft corporation) c:\windows\system32\winresume.efi
2015-11-11 10:13 - 2015-10-15 00:02 - 01355848 _____ (microsoft corporation)
c:\windows\system32\winresume.exe
2015-11-11 10:12 - 2015-10-31 00:46 - 25818624 _____ (microsoft corporation)
c:\windows\system32\mshtml.dll
2015-11-11 10:12 - 2015-10-31 00:25 - 02886656 _____ (microsoft corporation)
c:\windows\system32\iertutil.dll
2015-11-11 10:12 - 2015-10-31 00:24 - 00585728 _____ (microsoft corporation)
c:\windows\system32\vbscript.dll
2015-11-11 10:12 - 2015-10-31 00:11 - 05990912 _____ (microsoft corporation)
c:\windows\system32\jscript9.dll
2015-11-11 10:12 - 2015-10-31 00:11 - 00817664 _____ (microsoft corporation)
c:\windows\system32\jscript.dll
2015-11-11 10:12 - 2015-10-30 23:52 - 20331520 _____ (microsoft corporation)
c:\windows\syswow64\mshtml.dll
2015-11-11 10:12 - 2015-10-30 23:47 - 00504832 _____ (microsoft corporation)
c:\windows\syswow64\vbscript.dll
2015-11-11 10:12 - 2015-10-30 23:42 - 02279936 _____ (microsoft corporation)
c:\windows\syswow64\iertutil.dll
2015-11-11 10:12 - 2015-10-30 23:39 - 01032704 _____ (microsoft corporation)
c:\windows\system32\inetcomm.dll
2015-11-11 10:12 - 2015-10-30 23:36 - 00663552 _____ (microsoft corporation)
c:\windows\syswow64\jscript.dll
2015-11-11 10:12 - 2015-10-30 23:32 - 00720896 _____ (microsoft corporation)
c:\windows\system32\ie4uinit.exe
2015-11-11 10:12 - 2015-10-30 23:31 - 00801280 _____ (microsoft corporation)
c:\windows\system32\msfeeds.dll
2015-11-11 10:12 - 2015-10-30 23:22 - 14457856 _____ (microsoft corporation)
c:\windows\system32\ieframe.dll
2015-11-11 10:12 - 2015-10-30 23:17 - 02487808 _____ (microsoft corporation)
c:\windows\system32\wininet.dll
2015-11-11 10:12 - 2015-10-30 23:16 - 04527616 _____ (microsoft corporation)
c:\windows\syswow64\jscript9.dll
2015-11-11 10:12 - 2015-10-30 23:14 - 00880128 _____ (microsoft corporation)
c:\windows\syswow64\inetcomm.dll
2015-11-11 10:12 - 2015-10-30 23:10 - 00689152 _____ (microsoft corporation)
c:\windows\syswow64\msfeeds.dll
2015-11-11 10:12 - 2015-10-30 23:09 - 12854272 _____ (microsoft corporation)
c:\windows\syswow64\ieframe.dll
2015-11-11 10:12 - 2015-10-30 23:04 - 01547264 _____ (microsoft corporation)
c:\windows\system32\urlmon.dll
2015-11-11 10:12 - 2015-10-30 22:53 - 00800768 _____ (microsoft corporation)
c:\windows\system32\ieapfltr.dll
2015-11-11 10:12 - 2015-10-30 22:51 - 02011136 _____ (microsoft corporation)
c:\windows\syswow64\wininet.dll
2015-11-11 10:12 - 2015-10-30 22:48 - 01311744 _____ (microsoft corporation)
c:\windows\syswow64\urlmon.dll
2015-11-11 10:12 - 2015-10-30 22:46 - 00710144 _____ (microsoft corporation)
c:\windows\syswow64\ieapfltr.dll
2015-11-11 10:12 - 2015-10-17 15:19 - 04176384 _____ (microsoft corporation)
c:\windows\system32\win32k.sys
2015-11-11 10:12 - 2015-10-08 17:08 - 01083904 _____ (microsoft corporation)
c:\windows\system32\ikeext.dll
2015-11-11 10:12 - 2015-09-29 13:24 - 00155480 ____c (microsoft corporation)
c:\windows\system32\drivers\tpm.sys
2015-11-11 10:12 - 2015-09-07 17:22 - 00477184 _____ (microsoft corporation)
c:\windows\system32\puiobj.dll
2015-11-11 10:12 - 2015-09-07 16:54 - 00367104 _____ (microsoft corporation)
c:\windows\syswow64\puiobj.dll
2015-11-11 10:12 - 2015-09-07 16:30 - 01091584 _____ (microsoft corporation)
c:\windows\system32\localspl.dll
2015-11-11 10:12 - 2015-09-04 20:24 - 00154112 _____ (microsoft corporation)
c:\windows\system32\drivers\tunnel.sys
2015-11-11 10:12 - 2015-08-20 21:45 - 01380048 _____ (microsoft corporation)
c:\windows\system32\gdi32.dll
2015-11-11 10:12 - 2015-08-20 18:48 - 01096704 _____ (microsoft corporation)
c:\windows\syswow64\gdi32.dll
2015-11-11 10:12 - 2015-08-10 19:15 - 00845312 _____ (microsoft corporation)
c:\windows\system32\bfe.dll
2015-11-11 10:12 - 2015-08-10 19:06 - 00422400 _____ (microsoft corporation)
c:\windows\system32\fwpuclnt.dll
2015-11-11 10:12 - 2015-08-10 18:49 - 00713216 _____ (microsoft corporation)
c:\windows\system32\nshwfp.dll
2015-11-11 10:12 - 2015-08-10 17:56 - 00272384 _____ (microsoft corporation)
c:\windows\syswow64\fwpuclnt.dll
2015-11-11 10:12 - 2015-08-10 17:46 - 00561664 _____ (microsoft corporation)
c:\windows\syswow64\nshwfp.dll
2015-11-06 19:12 - 2015-11-06 19:12 - 00014294 _____ c:\users\myrthe\desktop\planning week 46 en 47.xlsx
2015-11-06 13:39 - 2015-11-06 13:39 - 04226034 _____ c:\users\erik\desktop\certificaat cloud.pdf
2015-11-04 13:53 - 2015-11-04 13:54 - 00308281 _____ c:\users\erik\desktop\factuur w&b 20151103 meerkilometers oktober.pdf
2015-11-04 13:52 - 2015-11-04 13:52 - 00014705 _____ c:\users\erik\desktop\factuur w&b 20151103 meerkilometers oktober.xlsx
2015-11-04 13:40 - 2015-11-04 13:43 - 00094989 _____ c:\users\erik\desktop\kilometeradministratie chamyra tm 04112015.xlsx
2015-11-04 11:22 - 2015-11-04 11:22 - 00661298 _____ c:\users\erik\downloads\finglaccounts (1).xls
2015-11-04 09:06 - 2015-11-04 09:06 - 00000000 ____d c:\programdata\microsoft\windows\start menu\programs\icloud
2015-11-04 09:05 - 2015-11-04 09:05 - 00001769 _____
c:\users\public\desktop\itunes.lnk
2015-11-04 09:05 - 2015-11-04 09:05 - 00000000 ____d c:\programdata\microsoft\windows\start menu\programs\itunes
2015-11-04 09:05 - 2015-11-04 09:05 - 00000000 ____d c:\program files\ipod
2015-11-04 09:05 - 2015-11-04 09:05 - 00000000 ____d c:\program files (x86)\itunes
2015-11-04 09:04 - 2015-11-04 09:05 - 00000000 ____d c:\program files\itunes
2015-10-30 18:34 - 2015-10-30 18:46 - 00014720 _____ c:\users\myrthe\desktop\planning week 45 en 46.xlsx
2015-10-30 14:50 - 2015-10-30 14:52 - 00014548 _____ c:\users\erik\desktop\planning 45 en 46.xlsx
2015-10-28 11:44 - 2015-11-25 13:03 - 00000000 ____d c:\users\erik\desktop\ww
==================== een maand gewijzigd bestanden en mappen ========
(als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2015-11-26 23:12 - 2013-08-22 16:36 - 00000000 ____d c:\windows\appreadiness
2015-11-26 23:11 - 2013-10-12 15:55 - 00003594 _____ c:\windows\system32\tasks\optimize start menu cache files-s-1-5-21-3410450458-18125292-3348098418-1002
2015-11-26 23:09 - 2013-08-22 14:36 - 00000000 ____d c:\windows
2015-11-26 23:07 - 2015-10-09 09:02 - 00001082 _____
c:\windows\tasks\googleupdatetaskmachineua.job
2015-11-26 23:07 - 2015-10-09 09:02 - 00000000 ____d c:\program files (x86)\google
2015-11-26 23:07 - 2013-12-24 12:25 - 00000000 ____d c:\users\erik\appdata\local\google
2015-11-26 22:58 - 2015-10-09 09:02 - 00001078 _____
c:\windows\tasks\googleupdatetaskmachinecore.job
2015-11-26 22:58 - 2013-08-22 15:45 - 00000006 ____h
c:\windows\tasks\sa.dat
2015-11-26 20:57 - 2013-08-22 16:36 - 00000000 ____d c:\windows\system32\fxstmp
2015-11-26 20:18 - 2013-10-13 12:24 - 00003596 _____ c:\windows\system32\tasks\optimize start menu cache files-s-1-5-21-3410450458-18125292-3348098418-1006
2015-11-26 20:12 - 2014-03-01 00:33 - 00003978 _____ c:\windows\system32\tasks\user_feed_synchronization-
{93776467-10a1-4d9d-811f-fb46bf1c7e0c}
2015-11-26 14:38 - 2013-08-22 14:36 - 00000000 ____d c:\windows\inf
2015-11-25 11:11 - 2013-08-22 14:25 - 00262144 ___sh c:\windows\system32\config\elam
2015-11-25 10:29 - 2014-05-07 06:56 - 00192216 _____ (malwarebytes)
c:\windows\system32\drivers\mbamswissarmy.sys
2015-11-25 10:26 - 2015-02-13 11:39 - 00000000 ____d c:\programdata\package cache
2015-11-25 10:23 - 2014-02-26 18:11 - 00000000 ____d c:\users\erik
2015-11-24 17:02 - 2014-09-07 15:14 - 00003986 _____ c:\windows\system32\tasks\user_feed_synchronization-
{28f00a2f-c937-45db-8339-5b327a7e6dea}
2015-11-22 22:48 - 2013-08-22 14:25 - 00524288 ___sh c:\windows\system32\config\bbi
2015-11-21 14:31 - 2013-08-22 16:36 - 00000000 ___sd c:\windows\downloaded program files
2015-11-20 16:39 - 2013-10-05 16:12 - 00000000 ____d c:\users\erik\appdata\local\elevateddiagnostics
2015-11-18 16:01 - 2014-06-02 21:59 - 00000000 ____d c:\users\erik\appdata\roaming\utorrent
2015-11-18 15:06 - 2015-10-15 07:23 - 00000000 ____d c:\users\erik\appdata\locallow\utorrent
2015-11-18 12:53 - 2015-10-09 09:02 - 00002227 _____
c:\users\public\desktop\google chrome.lnk
2015-11-18 12:53 - 2013-10-13 12:15 - 00001887 _____
c:\users\myrthe\desktop\welkom bij medion.lnk
2015-11-18 12:53 - 2013-10-13 12:15 - 00001029 _____
c:\users\myrthe\desktop\windows 8 info.lnk
2015-11-18 12:53 - 2013-10-12 13:09 - 00001887 _____
c:\users\chantal\desktop\welkom bij medion.lnk
2015-11-18 12:53 - 2013-10-12 13:09 - 00001029 _____
c:\users\chantal\desktop\windows 8 info.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001899 _____
c:\users\erik\desktop\aldi foto service.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001899 _____
c:\users\default\desktop\aldi foto service.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001899 _____
c:\users\default user\desktop\aldi foto service.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001887 _____
c:\users\default\desktop\welkom bij medion.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001887 _____
c:\users\default user\desktop\welkom bij medion.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001869 _____
c:\users\default\desktop\aldi talk.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001869 _____
c:\users\default user\desktop\aldi talk.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001711 _____
c:\users\default\desktop\lifestore.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001711 _____
c:\users\default user\desktop\lifestore.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001107 _____
c:\users\default\desktop\hartelijk welkom bij aldi.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001107 _____
c:\users\default user\desktop\hartelijk welkom bij aldi.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001029 _____
c:\users\default\desktop\windows 8 info.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00001029 _____
c:\users\default user\desktop\windows 8 info.lnk
2015-11-18 12:53 - 2013-10-05 14:04 - 00000927 _____
c:\users\public\desktop\marktplaats.nl.lnk
2015-11-18 12:53 - 2013-07-19 16:14 - 00002449 _____
c:\programdata\microsoft\windows\start menu\programs\welcome.lnk
2015-11-18 12:53 - 2013-07-19 16:14 - 00002449 _____
c:\programdata\microsoft\windows\start menu\programs\medionhome.lnk
2015-11-18 10:09 - 2013-11-14 13:39 - 01823174 _____
c:\windows\system32\perfstringbackup.ini
2015-11-18 10:09 - 2013-11-14 13:23 - 00805462 _____
c:\windows\system32\perfh013.dat
2015-11-18 10:09 - 2013-11-14 13:23 - 00161964 _____
c:\windows\system32\perfc013.dat
2015-11-18 09:39 - 2012-07-26 09:12 - 00000000 ___hd c:\windows\elambkup
2015-11-15 10:24 - 2013-08-22 16:36 - 00000000 ____d c:\windows\rescache
2015-11-13 17:15 - 2014-07-09 12:56 - 00000000 ____d c:\users\erik\appdata\local\windows live
2015-11-12 18:05 - 2013-08-22 15:44 - 00420504 _____
c:\windows\system32\fntcache.dat
2015-11-12 17:33 - 2013-08-22 16:36 - 00000000 ___rd c:\windows\toastdata
2015-11-12 16:50 - 2013-10-12 14:58 - 00000000 ____d c:\programdata\microsoft help
2015-11-12 16:50 - 2012-07-26 08:59 - 00000000 ____d c:\windows\cbstemp
2015-11-12 16:45 - 2013-10-14 07:15 - 00000000 ____d c:\windows\system32\mrt
2015-11-12 16:41 - 2013-01-07 18:56 - 145617392 _____ (microsoft corporation)
c:\windows\system32\mrt.exe
2015-11-09 20:38 - 2013-08-22 16:36 - 00000000 ____d c:\windows\system32\ndf
2015-11-06 19:09 - 2013-08-22 16:36 - 00000000 ___hd c:\program files\windowsapps
2015-11-06 13:08 - 2015-09-04 15:14 - 00000000 ____d c:\users\myrthe\documents\h2b
2015-11-04 09:07 - 2015-01-07 11:41 - 00000000 ____d c:\users\erik\desktop\uitzoeken
2015-11-04 09:06 - 2015-05-20 08:42 - 00000000 ____d c:\users\erik\appdata\roaming\apple computer
2015-11-04 09:06 - 2015-05-20 08:42 - 00000000 ____d c:\users\erik\appdata\local\apple computer
2015-11-04 09:04 - 2015-05-20 08:39 - 00000000 ____d c:\program files\common files\apple
2015-11-03 01:23 - 2014-05-22 21:23 - 00810488 _____ (adobe systems incorporated)
c:\windows\syswow64\flashplayerapp.exe
2015-11-03 01:23 - 2014-05-22 21:23 - 00176632 _____ (adobe systems incorporated) c:\windows\syswow64\flashplayercplapp.cpl
2015-10-28 15:08 - 2013-10-12 13:29 - 00000000 ____d c:\users\erik\appdata\roaming\belastingdienst
==================== bestanden in de root van sommige mappen =======
2014-02-26 09:01 - 2014-06-01 12:05 - 0007605 _____ () c:\users\erik\appdata\local\resmon.resmoncfg
2015-11-13 17:20 - 2015-11-13 17:20 - 0000098 _____ ()
c:\programdata\{262e20b8-6e20-4cef-b1fd-d022ab1085f5}.dat
bestanden om te verplaatsen of verwijderen:
====================
c:\programdata\{262e20b8-6e20-4cef-b1fd-d022ab1085f5}.dat
sommige bestanden in temp:
====================
c:\users\erik\appdata\local\temp\avgnt.exe
c:\users\erik\appdata\local\temp\sqlite3.dll
==================== bamital & volsnap =================
(er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
c:\windows\system32\winlogon.exe => bestand is getekend
c:\windows\system32\wininit.exe => bestand is getekend
c:\windows\explorer.exe => bestand is getekend
c:\windows\syswow64\explorer.exe => bestand is getekend
c:\windows\system32\svchost.exe => bestand is getekend
c:\windows\syswow64\svchost.exe => bestand is getekend
c:\windows\system32\services.exe => bestand is getekend
c:\windows\system32\user32.dll => bestand is getekend
c:\windows\syswow64\user32.dll => bestand is getekend
c:\windows\system32\userinit.exe => bestand is getekend
c:\windows\syswow64\userinit.exe => bestand is getekend
c:\windows\system32\rpcss.dll => bestand is getekend
c:\windows\system32\dnsapi.dll => bestand is getekend
c:\windows\syswow64\dnsapi.dll => bestand is getekend
c:\windows\system32\drivers\volsnap.sys => bestand is getekend
lastregback: 2015-11-26 20:18
==================== eind van frst.txt ============================
[/hjt]
[hjt]
extra scanresultaten van farbar recovery scan tool (x64) versie:26-11-2015
gestart door erik (2015-11-26 23:12:56)
gestart vanaf c:\users\erik\desktop
windows 8.1 (x64) (2014-02-26 18:08:14)
boot modus: normal
==========================================================
==================== accounts: =============================
administrator (s-1-5-21-3410450458-18125292-3348098418-500 - administrator - disabled)
chantal (s-1-5-21-3410450458-18125292-3348098418-1005 - limited - enabled) => c:\users\chantal
erik (s-1-5-21-3410450458-18125292-3348098418-1002 - administrator - enabled) => c:\users\erik
gast (s-1-5-21-3410450458-18125292-3348098418-501 - limited - disabled)
myrthe (s-1-5-21-3410450458-18125292-3348098418-1006 - limited - enabled) => c:\users\myrthe
==================== security center ========================
(als een item is opgenomen in de fixlist, zal het worden verwijderd.)
av: windows defender (disabled - up to date)
{d68ddc3a-831f-4fae-9e44-da132c1acf46}
av: avg antivirus (enabled - up to date)
{4d41356f-32ad-7c42-c820-63775ee4f413}
as: windows defender (disabled - up to date)
{d68ddc3a-831f-4fae-9e44-da132c1acf46}
as: avg antivirus (enabled - up to date)
{f620d48b-1497-73cc-f290-58052563beae}
==================== genstalleerde programma's ======================
(alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. de adware-programma's moeten handmatig gedeinstallerd worden.)
torrent (hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\utorrent) (version: 3.4.5.41202 - bittorrent inc.)
9-lab removal tool (hklm-x32\...\9-lab removal tool) (version: - )
aangifte inkomstenbelasting 2007 (hklm-x32\...\aangifte inkomstenbelasting 2007) (version: - )
aangifte inkomstenbelasting 2008 (hklm-x32\...\aangifte inkomstenbelasting 2008) (version: - belastingdienst)
aangifte inkomstenbelasting 2009 (hklm-x32\...\aangifte inkomstenbelasting 2009) (version: - belastingdienst)
aangifte inkomstenbelasting 2010 (hklm-x32\...\aangifte inkomstenbelasting 2010) (version: - belastingdienst)
aangifte inkomstenbelasting 2011 (hklm-x32\...\aangifte inkomstenbelasting 2011) (version: - belastingdienst)
aangifte inkomstenbelasting 2012 (hklm-x32\...\aangifte inkomstenbelasting 2012) (version: - belastingdienst)
aangifte inkomstenbelasting 2013 (hklm-x32\...\aangifte inkomstenbelasting 2013) (version: - belastingdienst)
aangifte inkomstenbelasting 2014 (hklm-x32\...\aangifte inkomstenbelasting 2014) (version: - belastingdienst)
amd catalyst install manager (hklm\...\
{654e38f8-81ee-3159-f215-d4bf3dc0441e}) (version: 8.0.915.0 - advanced micro devices, inc.)
amd vision engine control center (hklm-x32\...\wucccapp) (version: 1.00.0000 - amd)
apple application support (32-bit) (hklm-x32\...\
{649a1fd9-5892-46ad-8df0-c4a43ff61cb7}) (version: 4.1 - apple inc.)
apple application support (64-bit) (hklm\...\
{0de0a178-ac7b-4650-806c-cf226de03766}) (version: 4.1 - apple inc.)
apple mobile device support (hklm\...\
{3540181e-340a-4e7a-b409-31663472b2f7}) (version: 9.1.0.6 - apple inc.)
apple software update (hklm-x32\...\
{ffd1f7f1-1ac9-4bc4-a908-0686d635abaf}) (version: 2.1.4.131 - apple inc.)
ashampoo applauncher (medion) v.1.0.0 (hklm-x32\...\ashampoo applauncher (medion)_is1) (version: 1.0.0 - ashampoo gmbh & co. kg)
avg (version: 16.7.7227 - avg technologies) hidden
avg 2016 (version: 16.0.4460 - avg technologies) hidden
avg protection (hklm\...\avg) (version: 2016.7.7227 - avg technologies)
avg web tuneup (hklm-x32\...\avg web tuneup) (version: 4.1.8.599 - avg technologies)
bonjour (hklm\...\
{56dddfb8-7f79-4480-89d5-25e1f52ab28f}) (version: 3.1.0.1 - apple inc.)
canon mx880 series mp drivers (hklm\...\
{1199fad5-9546-44f3-81cf-ffdb8040b7bf}_canon_mx880_series) (version: - )
ccleaner (hklm\...\ccleaner) (version: 5.10 - piriform)
cyberlink powerdirector (version: 9.0.0.5129 - cyberlink corp.) hidden
cyberlink powerrecover (hklm-x32\...\installshield_
{44b2a0ab-412e-4f8c-b058-d1e8aeccdff5}) (version: 5.7.0.0913 - cyberlink corp.)
cyberlink powerrecover (version: 5.7.0.0913 - cyberlink corp.) hidden
d3dx10 (x32 version: 15.4.2368.0902 - microsoft) hidden
eset online scanner v3 (hklm-x32\...\eset online scanner) (version: - )
excel password recovery lastic 1.1 (hklm-x32\...\excel password recovery lastic_is1) (version: - )
fmw 1 (version: 1.32.2 - avg technologies) hidden
fotogalerie (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
fotogalerija (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
fotogalleri (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
fotogalleriet (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
foto?raf galerisi (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
fottr (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
galeria de fotografias (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
galera de fotos (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
galeria fotografii (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
galerie de photos (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
google chrome (hklm-x32\...\google chrome) (version: 46.0.2490.86 - google inc.)
google update helper (x32 version: 1.3.28.15 - google inc.) hidden
icloud (hklm\...\
{b33c558f-772f-4308-a059-390fbf9baaae}) (version: 5.0.2.61 - apple inc.)
itunes (hklm\...\
{e690a491-702f-4dec-9977-c015d1dbb57c}) (version: 12.3.1.23 - apple inc.)
malwarebytes anti-malware versie 2.2.0.1024 (hklm-x32\...\malwarebytes anti-malware_is1) (version: 2.2.0.1024 - malwarebytes)
medion home cinema 10 (hklm-x32\...\installshield_
{8f14aa37-5193-4a14-bd5b-bdf9b361aef7}) (version: 10.0 - cyberlink corp.)
medion home cinema 10 (x32 version: 10.2419 - cyberlink corp.) hidden
microsoft office home and student 2010 (hklm-x32\...\office14.singleimage) (version: 14.0.7015.1000 - microsoft corporation)
microsoft sql server 2005 compact edition
[enu] (hklm-x32\...\
{f0b430d1-b6aa-473d-9b06-aa3dd01fd0b8}) (version: 3.1.0000 - microsoft corporation)
microsoft visual c++ 2005 redistributable (hklm-x32\...\
{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (version: 8.0.61001 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x64 9.0.30729.17 (hklm\...\
{8220eefe-38cd-377e-8595-13398d740ace}) (version: 9.0.30729 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x64 9.0.30729.6161 (hklm\...\
{5fce6d76-f5dc-37ab-b2b8-22ab8cedb1d4}) (version: 9.0.30729.6161 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.17 (hklm-x32\...\
{9a25302d-30c0-39d9-bd6f-21e6ec160475}) (version: 9.0.30729 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.4148 (hklm-x32\...\
{1f1c2dfc-2d24-3e06-bcb8-725134adf989}) (version: 9.0.30729.4148 - microsoft corporation)
microsoft visual c++ 2008 redistributable - x86 9.0.30729.6161 (hklm-x32\...\
{9be518e6-ecc6-35a9-88e4-87755c07200f}) (version: 9.0.30729.6161 - microsoft corporation)
microsoft visual c++ 2010 x64 redistributable - 10.0.40219 (hklm\...\
{1d8e6291-b0d5-35ec-8441-6616f567a0f7}) (version: 10.0.40219 - microsoft corporation)
microsoft visual c++ 2010 x86 redistributable - 10.0.40219 (hklm-x32\...\
{f0c3e5d1-1ade-321e-8167-68ef0de699a5}) (version: 10.0.40219 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x64) - 11.0.50727 (hklm-x32\...\
{15134cb0-b767-4960-a911-f2d16ae54797}) (version: 11.0.50727.1 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x64) - 11.0.61030 (hklm-x32\...\
{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (version: 11.0.61030.0 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x86) - 11.0.50727 (hklm-x32\...\
{22154f09-719a-4619-bb71-5b3356999fbf}) (version: 11.0.50727.1 - microsoft corporation)
microsoft visual c++ 2012 redistributable (x86) - 11.0.61030 (hklm-x32\...\
{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (version: 11.0.61030.0 - microsoft corporation)
microsoft visual studio 2010 tools for office runtime (x64) (hklm\...\microsoft visual studio 2010 tools for office runtime (x64)) (version: 10.0.50903 - microsoft corporation)
movie maker (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
msxml 4.0 sp3 parser (kb2758694) (hklm-x32\...\
{1d95ba90-f4f8-47ec-a882-441c99d30c1e}) (version: 4.30.2117.0 - microsoft corporation)
pdfcreator (hklm-x32\...\
{0001b4fd-9ea3-4d90-a79e-fd14ba3ab01d}) (version: 1.7.1 - pdfforge)
photonow (x32 version: 1.1.7717 - cyberlink corp.) hidden
podstawowe programy windows live (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
quicktime 7 (hklm-x32\...\
{80ceeb1e-0a6c-45b9-a312-37a1d25fdebc}) (version: 7.78.80.95 - apple inc.)
raccolta foto (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
realtek high definition audio driver (hklm-x32\...\
{f132af7f-7bca-4ede-8a7c-958108fe7dbc}) (version: 6.0.1.6777 - realtek semiconductor corp.)
service pack 2 for microsoft office 2010 (kb2687455) 32-bit edition (hklm-x32\...\
{90140000-003d-0000-0000-0000000ff1ce}_office14.singleimage_
{de28b448-32e8-4e8f-84f0-a52b21a49b5b}) (version: - microsoft)
start menu x versie 4.97 (hklm\...\
{3e494002-985c-4908-b72c-5b4dd15be090}_is1) (version: 4.97 - ordinarysoft)
taalpakket voor microsoft visual studio 2010 tools for office runtime (x64) - nld (hklm\...\microsoft visual studio 2010 tools for office runtime (x64) language pack - nld) (version: 10.0.50903 - microsoft corporation)
valokuvavalikoima (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
visual studio 2012 x64 redistributables (hklm\...\
{8c775e70-a791-4da8-bcc3-6ab7136f4484}) (version: 14.0.0.1 - avg technologies)
visual studio 2012 x86 redistributables (hklm-x32\...\
{98eff19a-30ab-4e4b-b943-f06b1c63ebf8}) (version: 14.0.0.1 - avg technologies cz, s.r.o.)
windows live essentials (hklm-x32\...\winlivesuite) (version: 16.4.3508.0205 - microsoft corporation)
??????? ??????????? (x32 version: 16.4.3508.0205 - microsoft corporation) hidden
==================== aangepaste clsid (gefilterd): ==========================
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== herstelpunten =========================
18-11-2015 09:37:43 installed avg 2016
18-11-2015 09:38:52 installed avg
20-11-2015 14:59:22 restore point created by frst
21-11-2015 09:39:32 jrt pre-junkware removal
25-11-2015 15:12:41 jrt pre-junkware removal
26-11-2015 22:52:09 jrt pre-junkware removal
==================== hosts inhoud: ===============================
(als nodig hosts: opdracht kan worden opgenomen in de fixlist om hosts te resetten.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____n c:\windows\system32\drivers\etc\hosts
==================== geplande taken (gefilterd) =============
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. het bestand zal niet worden verplaatst tenzij apart vermeld.)
task:
{08371068-94bc-440f-94ea-b79f7367fe9e} - system32\tasks\googleupdatetaskmachineua =>
c:\program files (x86)\google\update\googleupdate.exe [2015-10-09] (google inc.)
task:
{12fcfa33-08fe-4cbf-920c-fd7987a225cc} - system32\tasks\microsoft\windows\removaltools\mrt_hb =>
c:\windows\system32\mrt.exe [2015-11-12] (microsoft corporation)
task:
{66577c9d-2890-429b-a808-a71d30e24050} - system32\tasks\urla1 => explorer
task:
{77224e96-50a4-41ba-a109-82e32d3006ce} - system32\tasks\
{4f98caba-2370-4b93-9746-dddd5a996e96} => iexplore.exe hxxp://ui.skype.com/ui/0/7.0.0.102/nl/abandoninstall?page=tsplugin
task:
{ad9eebcd-e901-4164-aea7-9b34f57dd1f1} - system32\tasks\urla3 => explorer
task:
{c6de6e4a-c59a-41aa-943b-699fd8655ccc} - system32\tasks\googleupdatetaskmachinecore =>
c:\program files (x86)\google\update\googleupdate.exe [2015-10-09] (google inc.)
task:
{e1e223ce-1eb1-4391-88f4-4c3c6c8ffcc6} - system32\tasks\gte3014 =>
c:\progra~2\fast-s~1\gte3014.exe <==== aandacht
task:
{ef318fa8-39c3-4b14-b027-94e290964322} - system32\tasks\urla2 => explorer
task:
{f0d06b93-48c6-44c2-9448-a4f351830646} - system32\tasks\apple\applesoftwareupdate =>
c:\program files (x86)\apple software update\softwareupdate.exe [2015-08-26] (apple inc.)
task:
{f5174320-6923-4a06-9490-3633bc3551dc} - system32\tasks\ccleanerskipuac =>
c:\program files\ccleaner\ccleaner.exe [2015-09-16] (piriform ltd)
(als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
task:
c:\windows\tasks\googleupdatetaskmachinecore.job =>
c:\program files (x86)\google\update\googleupdate.exe
task:
c:\windows\tasks\googleupdatetaskmachineua.job =>
c:\program files (x86)\google\update\googleupdate.exe
==================== snelkoppelingen =============================
(de items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== geladen modules (gefilterd) ==============
2015-11-18 09:50 - 2015-11-18 09:50 - 01205136 ____n ()
c:\program files (x86)\avg web tuneup\wtusystemsupport.exe
2013-06-04 18:40 - 2013-06-04 18:40 - 00073728 _____ ()
c:\program files\ati technologies\ati.ace\fuel\fuel.container.wlan.dll
2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ ()
c:\program files\common files\apple\apple application support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ ()
c:\program files\common files\apple\apple application support\libxml2.dll
2013-07-18 09:37 - 2010-08-19 17:43 - 00386344 _____ ()
c:\program files\cyberlink\shared files\richvideo64.exe
2015-11-18 09:36 - 2015-11-18 09:36 - 40500224 _____ ()
c:\program files (x86)\avg\uidll\2171\libcef.dll
==================== alternate data streams (gefilterd) =========
(als een item is opgenomen in de fixlist, alleen de ads wordt verwijderd.)
==================== veilige modus (gefilterd) ===================
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. de "alternateshell" waarde wordt hersteld.)
==================== exe bestandskoppeling (gefilterd) ===============
(als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== internet explorer vertrouwde/beperkte toegang ===============
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
==================== andere gebieden ============================
(momenteel is er geen automatische fix voor dit onderdeel.)
hku\s-1-5-21-3410450458-18125292-3348098418-1002\control panel\desktop\\wallpaper -> c:\windows\web\wallpaper\medion\wallpaper.jpg
dns servers: 192.168.1.1
hklm\software\microsoft\windows\currentversion\policies\system => (consentpromptbehavioradmin: 5) (consentpromptbehavioruser: 3) (enablelua: 1)
windows firewall is ingeschakeld.
==================== msconfig/task manager uitgeschakelde items ==
(momenteel is er geen automatische fix voor dit onderdeel.)
hklm\...\startupapproved\run: => "logitech download assistant"
hklm\...\startupapproved\run: => "ituneshelper"
hklm\...\startupapproved\run32: => "quicktime task"
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\startupapproved\run: => "startmenux"
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\startupapproved\run: => "utorrent"
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\startupapproved\run: => "ccleaner monitoring"
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\startupapproved\run: => "applephotostreams"
hku\s-1-5-21-3410450458-18125292-3348098418-1002\...\startupapproved\run: => "icloudservices"
==================== firewall regels (gefilterd) ===============
(als een item is opgenomen in de fixlist, wordt uit het register verwijderd. het bestand zal niet worden verplaatst tenzij apart vermeld.)
firewallrules:
[vm-monitoring-nb-session] => (allow) lport=139
firewallrules:
[{b48eae5f-d2d1-4d11-ac5b-9b02fafb3f06}] => (allow) lport=80
firewallrules:
[{2f478039-e857-4718-8ae4-6705876a0e06}] => (allow)
c:\program files (x86)\cyberlink\powerdvd10\device\mediaserver\clmsserver.exe
firewallrules:
[{71285da8-6842-471b-a502-ca4b24622f5d}] => (allow)
c:\program files (x86)\cyberlink\powerdvd10\pdvd10serv.exe
firewallrules:
[{59d49ab0-c7b8-41f5-8197-17b01bd1bb5c}] => (allow)
c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe
firewallrules:
[{78f1b066-bdd2-4be6-8f13-7c93207418df}] => (allow)
c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe
firewallrules:
[{2995e60b-e1ca-4aa7-b52f-b27eea6fa373}] => (allow)
c:\program files\cyberlink\powerdirector\pdr9.exe
firewallrules:
[{75f0000b-6491-4361-a063-82e097f88067}] => (allow) lport=1900
firewallrules:
[{c4749de7-ab5a-4634-b68c-07c236c49396}] => (allow) lport=2869
firewallrules:
[{b9ac56ab-b05a-4a1c-a359-764cea2549bb}] => (allow)
c:\program files (x86)\windows live\contacts\wlcomm.exe
firewallrules:
[{34d9f39a-a871-415e-b652-e528aad41854}] => (allow)
c:\users\erik\appdata\roaming\utorrent\utorrent.exe
firewallrules:
[{be6dc5de-cdc7-41a0-a5d3-a6afc5fa5c71}] => (allow)
c:\users\erik\appdata\roaming\utorrent\utorrent.exe
firewallrules:
[{d15d3d14-12f5-4c15-8116-5632e2867974}] => (allow)
c:\program files\bonjour\mdnsresponder.exe
firewallrules:
[{798d6adc-0990-4abe-a6ce-02c4b7af214f}] => (allow)
c:\program files\bonjour\mdnsresponder.exe
firewallrules:
[{917483b5-88c4-4c7d-93c6-1b954509ed46}] => (allow)
c:\program files (x86)\bonjour\mdnsresponder.exe
firewallrules:
[{520ad121-fe0c-450a-b961-cc8c37065993}] => (allow)
c:\program files (x86)\bonjour\mdnsresponder.exe
firewallrules:
[{284f32ae-90cc-42cb-9a84-42763fcdf51a}] => (allow)
c:\program files\itunes\itunes.exe
firewallrules:
[{2f5d2e32-5ca6-4fda-90a5-273bb12ee637}] => (allow)
c:\program files (x86)\google\chrome\application\chrome.exe
firewallrules:
[{279b7351-e990-4225-bf72-037cf320034f}] => (allow)
c:\program files (x86)\avg\av\avgnsa.exe
firewallrules:
[{1ea88352-934f-4750-86d4-cdcca1a2654e}] => (allow)
c:\program files (x86)\avg\av\avgnsa.exe
firewallrules:
[{d5f1f72f-cd63-4025-ba63-90a9810ef511}] => (allow)
c:\program files (x86)\avg\av\avgdiagex.exe
firewallrules:
[{e30202e2-6815-4a26-8931-274386b2fa34}] => (allow)
c:\program files (x86)\avg\av\avgdiagex.exe
firewallrules:
[{14afc45b-9000-4936-8b2c-42df8f32675c}] => (allow)
c:\program files (x86)\avg\av\avgmfapx.exe
firewallrules:
[{6aecde3e-a7c1-46dc-be27-fa81850bdf9d}] => (allow)
c:\program files (x86)\avg\av\avgmfapx.exe
firewallrules:
[{78c80a3f-43be-4e15-ac41-9c0f0e368826}] => (allow)
c:\program files (x86)\avg\av\avgemca.exe
firewallrules:
[{ed8e3464-6291-459f-baac-24bcd2d810df}] => (allow)
c:\program files (x86)\avg\av\avgemca.exe
==================== defecte apparaatbeheer apparaten =============
==================== eventlog fouten: =========================
applicatiefouten:
==================
error: (11/26/2015 10:52:49 pm) (source: application hang) (eventid: 1002) (user: )
description: het programma explorer.exe, versie 6.3.9600.17667 reageert niet meer op windows en is afgesloten. als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel onderhoudscentrum in het configuratiescherm.
proces-id: 1bbc
starttijd: 01d1287df080dc48
eindtijd: 4294967295
toepassingspad:
c:\windows\explorer.exe
rapport-id: e8558562-9487-11e5-bff7-d43d7eaf2f21
volledige pakketnaam met fout:
relatieve toepassings-id van pakket met fout:
error: (11/21/2015 06:48:00 pm) (source: application error) (eventid: 1000) (user: )
description: naam van toepassing met fout: iexplore.exe, versie: 11.0.9600.17840, tijdstempel: 0x555fe1bb
naam van module met fout: flash.ocx, versie: 19.0.0.245, tijdstempel: 0x56312a77
uitzonderingscode: 0xc0000005
foutmarge: 0x0033268b
id van proces met fout: 0x1974
starttijd van toepassing met fout: 0xiexplore.exe0
pad naar toepassing met fout: iexplore.exe1
pad naar module met fout: iexplore.exe2
rapport-id: iexplore.exe3
volledige pakketnaam met fout: iexplore.exe4
relatieve toepassings-id van pakket met fout: iexplore.exe5
error: (11/21/2015 04:17:20 pm) (source: sidebyside) (eventid: 78) (user: )
description: kan activeringscontext voor c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 niet maken. fout in manifest of beleidsbestand c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 op regel c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
conflicterende onderdelen zijn:
onderdeel 1: c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
onderdeel 2: c:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
error: (11/21/2015 04:16:54 pm) (source: application error) (eventid: 1000) (user: )
description: naam van toepassing met fout: iexplore.exe, versie: 11.0.9600.17840, tijdstempel: 0x555fe1bb
naam van module met fout: online~1.ocx_unloaded, versie: 1.0.0.7777, tijdstempel: 0x55546935
uitzonderingscode: 0xc0000005
foutmarge: 0x000a08e0
id van proces met fout: 0xaf0
starttijd van toepassing met fout: 0xiexplore.exe0
pad naar toepassing met fout: iexplore.exe1
pad naar module met fout: iexplore.exe2
rapport-id: iexplore.exe3
volledige pakketnaam met fout: iexplore.exe4
relatieve toepassings-id van pakket met fout: iexplore.exe5
error: (11/21/2015 02:31:16 pm) (source: sidebyside) (eventid: 78) (user: )
description: kan activeringscontext voor c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 niet maken. fout in manifest of beleidsbestand c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 op regel c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
conflicterende onderdelen zijn:
onderdeel 1: c:\windows\winsxs\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
onderdeel 2: c:\windows\winsxs\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.
error: (11/21/2015 00:30:35 am) (source: microsoft-windows-locationprovider) (eventid: 2006) (user: nt authority)
description: there was an error with the windows location provider database
error: (11/20/2015 08:57:15 pm) (source: application error) (eventid: 1000) (user: )
description: naam van toepassing met fout: iexplore.exe, versie: 11.0.9600.17840, tijdstempel: 0x555fe1bb
naam van module met fout: flash.ocx, versie: 19.0.0.245, tijdstempel: 0x56312a77
uitzonderingscode: 0xc0000005
foutmarge: 0x0033268b
id van proces met fout: 0x5ac
starttijd van toepassing met fout: 0xiexplore.exe0
pad naar toepassing met fout: iexplore.exe1
pad naar module met fout: iexplore.exe2
rapport-id: iexplore.exe3
volledige pakketnaam met fout: iexplore.exe4
relatieve toepassings-id van pakket met fout: iexplore.exe5
error: (11/20/2015 02:59:19 pm) (source: vss) (eventid: 8194) (user: )
description: fout in de volume shadow copy-service: onverwachte fout bij het uitvoeren van een query voor de ivsswritercallback-interface. hr = 0x80070005, toegang geweigerd.
.
dit wordt vaak veroorzaakt door onjuiste beveiligingsinstellingen in het writer- of requestorproces.
bewerking:
schrijvergegevens verzamelen
context:
klasse-id van schrijver:
{e8132975-6f93-4464-a53e-1050253ae220}
naam van schrijver: system writer
instantie-id van schrijver:
{7bd274d5-fc4b-4e76-bb98-f958d7323eef}
error: (11/20/2015 09:51:30 am) (source: application hang) (eventid: 1002) (user: )
description: het programma iexplore.exe, versie 11.0.9600.17840 reageert niet meer op windows en is afgesloten. als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel onderhoudscentrum in het configuratiescherm.
proces-id: 166c
starttijd: 01d123709ba72cd1
eindtijd: 28
toepassingspad:
c:\program files (x86)\internet explorer\iexplore.exe
rapport-id: e2b10138-8f63-11e5-bff2-d43d7eaf2f21
volledige pakketnaam met fout:
relatieve toepassings-id van pakket met fout:
error: (11/18/2015 00:38:49 pm) (source: bonjour service) (eventid: 100) (user: )
description: 360: error: read_msg errno 0 (de bewerking is voltooid.)
systeemfouten:
=============
error: (11/26/2015 10:59:11 pm) (source: service control manager) (eventid: 7000) (user: )
description: de aoddriver4.2.0-service kan vanwege de volgende fout niet worden gestart:
%%2
error: (11/26/2015 10:58:52 pm) (source: service control manager) (eventid: 7000) (user: )
description: de aoddriver4.2.0-service kan vanwege de volgende fout niet worden gestart:
%%2
error: (11/26/2015 10:57:42 pm) (source: service control manager) (eventid: 7000) (user: )
description: de windows search-service kan vanwege de volgende fout niet worden gestart:
%%1069
error: (11/26/2015 10:57:42 pm) (source: service control manager) (eventid: 7038) (user: )
description: de wsearch-service kan niet als nt authority\system met het huidig ingestelde wachtwoord worden aangemeld vanwege de volgende fout:
%%50
gebruik de module services in de microsoft management console (mmc) om te controleren of de service juist is geconfigureerd.
error: (11/26/2015 10:57:12 pm) (source: service control manager) (eventid: 7034) (user: )
description: de bonjour-service-service is onverwacht beindigd. dit is nu 1 keer gebeurd.
error: (11/26/2015 10:57:12 pm) (source: service control manager) (eventid: 7034) (user: )
description: de office software protection platform-service is onverwacht beindigd. dit is nu 1 keer gebeurd.
error: (11/26/2015 10:57:12 pm) (source: service control manager) (eventid: 7031) (user: )
description: de windows search-service is onverwacht gestopt. dit is 1 keer gebeurd. de volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: service opnieuw starten.
error: (11/26/2015 10:57:12 pm) (source: service control manager) (eventid: 7034) (user: )
description: de cyberlink richvideo64 service(crvs)-service is onverwacht beindigd. dit is nu 1 keer gebeurd.
error: (11/26/2015 10:57:11 pm) (source: service control manager) (eventid: 7031) (user: )
description: de avg watchdog-service is onverwacht gestopt. dit is 1 keer gebeurd. de volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: service opnieuw starten.
error: (11/26/2015 10:57:10 pm) (source: service control manager) (eventid: 7031) (user: )
description: de avg service-service is onverwacht gestopt. dit is 1 keer gebeurd. de volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: service opnieuw starten.
codeintegrity:
===================================
date: 2015-11-26 23:10:55.502
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:10:55.299
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:09:30.016
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:09:29.797
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:09:25.687
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:09:25.453
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:07:32.436
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 23:07:32.186
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 22:59:52.010
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
date: 2015-11-26 22:59:51.797
description: code integrity determined that a process (\device\harddiskvolume5\program files (x86)\avg\av\avgidsagent.exe) attempted to load \device\harddiskvolume5\program files (x86)\bonjour\mdnsnsp.dll that did not meet the custom 3 / antimalware signing level requirements.
==================== geheugen info ===========================
processor: amd a8-6500 apu with radeon(tm) hd graphics
percentage geheugen in gebruik: 39%
totaal fysiek ram-geheugen: 3286.55 mb
beschikbaar fysiek ram-geheugen: 1993.54 mb
totaal virtueel geheugen: 4374.55 mb
beschikbaar virtual geheugen: 2906.8 mb
==================== schijven ================================
drive c: (boot) (fixed) (total:869.46 gb) (free:739.04 gb) ntfs
drive d: (recover) (fixed) (total:60 gb) (free:41.9 gb) ntfs
==================== mbr & partitietabel ==================
========================================================
disk: 0 (size: 931.5 gb) (disk id: b719b179)
partition: gpt.
==================== eind van addition.txt ============================
[/hjt]