• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

check up.

Status
Niet open voor verdere reacties.

vanoense

Nieuw lid
Lid geworden
3 jan 2017
Berichten
27
Waarderingsscore
0
Hoi,

Reeds geruime tijd vind ik mijn pc wat trager worden. Ook heb ik de indruk dat wat malware meeloopt.
Kunt u mijn logje even checken?

Mvg
Vanoense

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 01-01-2017
Gestart door Thomas Vanhonsebrouc (Beheerder) op THOMAS (03-01-2017 19:26:54)
Gestart vanaf C:\Users\Thomas Vanhonsebrouc\Desktop
Geladen Profielen: Thomas Vanhonsebrouc (Beschikbare Profielen: Thomas Vanhonsebrouc)
Platform: Windows 10 Home Versie 1607 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

() C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OFFICE15\CSISYNCCLIENT.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(BitTorrent Inc.) C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\uTorrent\uTorrent.exe
(BitTorrent Inc.) C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe
(BitTorrent Inc.) C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\uTorrent\updates\3.4.9_43085\utorrentie.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
() C:\Program Files\WindowsApps\Microsoft.XboxApp_24.24.20004.0_x64__8wekyb3d8bbwe\XboxApp.exe
() C:\Program Files\WindowsApps\Microsoft.BingNews_4.18.41.0_x86__8wekyb3d8bbwe\Microsoft.Msn.News.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Farbar) C:\Users\Thomas Vanhonsebrouc\Desktop\FRST64 (1).exe

==================== Register (gefilterd) ====================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7194840 2013-07-27] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2249104 2013-09-03] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [151608 2013-08-23] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [151608 2013-08-23] (Hewlett-Packard)
HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [401896 2016-11-01] ()
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2015-06-15] (LogMeIn, Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-08-01] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-07-23] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [917576 2016-12-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [beid] => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [843480 2014-10-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [60136 2016-11-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-11-11] (LogMeIn Inc.)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [EPSON Stylus DX4400] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICAE.EXE [211456 2007-03-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [Spotify Web Helper] => C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2345584 2016-01-08] (Spotify Ltd)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [EPSON Stylus DX4400 Series] => /FU "C:\WINDOWS\TEMP\E_S6868.tmp" /EF "HKCU" <===== AANDACHT
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [921192 2016-11-08] (Google Inc.)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2016-11-29] (Garmin Ltd. or its subsidiaries)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{4a72a7f2-d5d2-4268-9425-a6bab299974e}: [DhcpNameServer] 195.130.130.133 195.130.131.133
Tcpip\..\Interfaces\{c59f9d6b-36e8-48ac-a870-1bc4c564f548}: [DhcpNameServer] 195.130.131.5 195.130.130.5
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCON14/2
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/2
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON14/2
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {92B0D2E2-FF96-4F94-8A2A-44E1E3F8D30A} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-29906-12136-18/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {92B0D2E2-FF96-4F94-8A2A-44E1E3F8D30A} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-29906-12136-18/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2351850404-3369495712-1912687821-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2351850404-3369495712-1912687821-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKU\S-1-5-21-2351850404-3369495712-1912687821-1001 -> {92B0D2E2-FF96-4F94-8A2A-44E1E3F8D30A} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2351850404-3369495712-1912687821-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/1553-29906-12136-18/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-10-18] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-08-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-24] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-11-15] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-24] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: vg3rr1e6.default
FF ProfilePath: C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Mozilla\Firefox\Profiles\vg3rr1e6.default [2017-01-03]
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1203133.dll [2013-06-26] (Adobe Systems, Inc.)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-09] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2351850404-3369495712-1912687821-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [Geen bestand]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default [2017-01-03]
CHR Extension: (Google Documenten) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (eID Chrome Extension) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkbdaodnaecdijpajecpncpdomgcoakc [2016-12-21]
CHR Extension: (YouTube) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avira Browser Safety) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-09-20]
CHR Extension: (Offline Documenten) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
CHR Extension: (AdBlock) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-12-29]
CHR Extension: (Cargo Bridge) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\keembkgclppcbilkekfgpobhldjjhpmn [2014-06-10]
CHR Extension: (Frontline Defense 2) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbmiefdkkkliondbpemkhdkkncpkjceo [2014-06-10]
CHR Extension: (Skype) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-20]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-07-15]
CHR Extension: (Gmail) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [1089592 2016-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [476736 2016-12-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [476736 2016-12-18] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1490296 2016-12-18] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [350528 2016-11-24] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-08-23] () [Bestand niet getekend]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-08-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-08-12] (CyberLink)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1029648 2016-11-29] (Garmin Ltd. or its subsidiaries)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2627080 2016-11-11] (LogMeIn Inc.)
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-07-23] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Bestand niet getekend]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Bestand niet getekend]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-08-09] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-09] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [419248 2016-11-11] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [508936 2016-04-20] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2015-06-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-08-23] (Softex Inc.) [Bestand niet getekend]
R2 PnkBstrA; C:\Program Files (x86)\EA Games\Need for Speed Undercover\PB\PnkBstrA.exe [63040 2008-10-22] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-19] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [260704 2016-09-02] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 ACSSCR; C:\WINDOWS\system32\DRIVERS\a38usb.sys [77832 2016-11-28] (Advanced Card Systems Ltd.)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [151352 2016-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [153904 2016-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [78208 2016-05-13] (Avira Operations GmbH & Co. KG)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems)
R1 CLVirtualDrive; C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
U5 dc3d; C:\Windows\System32\Drivers\dc3d.sys [76496 2014-03-19] (Microsoft Corporation)
R1 dtsoftbus01; C:\WINDOWS\System32\drivers\dtsoftbus01.sys [283064 2014-06-24] (Disc Soft Ltd)
R3 Hamachi; C:\WINDOWS\System32\drivers\Hamdrv.sys [45680 2016-04-05] (LogMeIn Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2015-06-15] (LogMeIn, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2017-01-03] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-09] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 netr28x; C:\WINDOWS\system32\DRIVERS\netr28x.sys [2554528 2015-06-12] (MediaTek Inc.)
R3 rtbth; C:\WINDOWS\System32\drivers\rtbth.sys [1219200 2015-06-03] (Ralink Technology, Corp.)
S3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [52904 2016-04-27] (Synaptics Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
U3 aspnet_state; geen ImagePath

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-01-03 19:26 - 2017-01-03 19:28 - 00029192 _____ C:\Users\Thomas Vanhonsebrouc\Desktop\FRST.txt
2017-01-03 19:26 - 2017-01-03 19:26 - 02418176 _____ (Farbar) C:\Users\Thomas Vanhonsebrouc\Downloads\FRST64 (1).exe
2017-01-03 19:26 - 2017-01-03 19:26 - 02418176 _____ (Farbar) C:\Users\Thomas Vanhonsebrouc\Desktop\FRST64 (1).exe
2017-01-03 19:23 - 2017-01-03 19:26 - 00000000 ____D C:\FRST
2017-01-03 19:23 - 2017-01-03 19:23 - 02418176 _____ (Farbar) C:\Users\Thomas Vanhonsebrouc\Downloads\FRST64.exe
2016-12-30 15:40 - 2016-12-30 15:40 - 24754243 _____ C:\Users\Thomas Vanhonsebrouc\Downloads\f9bcbdab-5eb3-507e_693.mp4
2016-12-27 12:45 - 2016-12-27 12:46 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\Documents\American Truck Simulator
2016-12-26 12:16 - 2016-12-26 12:16 - 00040189 _____ C:\Users\Thomas Vanhonsebrouc\Documents\pdf_inschrijving.pdf
2016-12-21 10:54 - 2016-12-21 10:54 - 00000000 ____D C:\WINDOWS\LastGood
2016-12-21 10:54 - 2016-12-21 10:54 - 00000000 ____D C:\Program Files (x86)\eid-chrome-middleware
2016-12-20 10:34 - 2016-12-20 10:34 - 00001817 _____ C:\Users\Thomas Vanhonsebrouc\Desktop\nfs - Snelkoppeling.lnk
2016-12-20 09:30 - 2016-12-20 09:30 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\Documents\NFS Undercover
2016-12-20 09:30 - 2016-12-20 09:30 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Local\PunkBuster
2016-12-20 09:27 - 2016-12-20 09:27 - 00004734 _____ C:\WINDOWS\SysWOW64\ealregsnapshot1.reg
2016-12-20 09:27 - 2016-12-20 09:27 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Local\Downloaded Installations
2016-12-20 09:26 - 2016-12-20 09:26 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Leadertech
2016-12-20 09:20 - 2016-12-20 09:29 - 00000000 ____D C:\Program Files (x86)\EA Games
2016-12-20 09:19 - 2016-12-20 09:20 - 00246114 _____ C:\WINDOWS\DirectX.log
2016-12-20 08:35 - 2016-12-20 08:35 - 00012421 _____ C:\Users\Thomas Vanhonsebrouc\Documents\nfs crack.docx
2016-12-20 08:34 - 2016-12-20 08:53 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\Downloads\Need.For.Speed.Undercover
2016-12-20 08:32 - 2016-12-20 08:32 - 00006850 _____ C:\Users\Thomas Vanhonsebrouc\Downloads\Need_For_Speed_Undercover_-RELOADED.torrent
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.2.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.1.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.0.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 00065536 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.blf
2016-12-19 17:46 - 2016-12-19 17:46 - 00000000 ___HD C:\OneDriveTemp
2016-12-14 19:04 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-14 19:04 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-14 19:04 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-14 19:04 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-14 19:04 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-14 19:04 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-14 19:04 - 2016-12-09 11:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-14 19:04 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-14 19:04 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 19:04 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-14 19:04 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-14 19:04 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-14 19:04 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-14 19:04 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-14 19:04 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-14 19:04 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-14 19:04 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-14 19:04 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-14 19:04 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-14 19:04 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-14 19:04 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-14 19:04 - 2016-12-09 11:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-14 19:04 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-14 19:04 - 2016-12-09 11:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-14 19:04 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-14 19:04 - 2016-12-09 11:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-14 19:04 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-14 19:04 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-14 19:04 - 2016-12-09 11:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-14 19:04 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-14 19:04 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-14 19:04 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-14 19:04 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-14 19:04 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-14 19:04 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-14 19:04 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-14 19:04 - 2016-12-09 10:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-14 19:04 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-14 19:04 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-14 19:04 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-14 19:04 - 2016-12-09 10:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-14 19:04 - 2016-12-09 10:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-14 19:04 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-14 19:04 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-14 19:04 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-14 19:04 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-14 19:04 - 2016-12-09 10:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-14 19:04 - 2016-12-09 10:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-14 19:04 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-14 19:04 - 2016-12-09 10:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-14 19:04 - 2016-12-09 10:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-14 19:04 - 2016-12-09 10:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-14 19:04 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-14 19:04 - 2016-12-09 10:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-14 19:04 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-14 19:04 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-14 19:04 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-14 19:04 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-14 19:04 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-14 19:04 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-14 19:04 - 2016-12-09 10:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-14 19:04 - 2016-12-09 10:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-14 19:04 - 2016-12-09 10:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-14 19:04 - 2016-12-09 10:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-14 19:04 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-14 19:04 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-14 19:04 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-14 19:04 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-14 19:04 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-14 19:04 - 2016-12-09 10:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-14 19:04 - 2016-12-09 10:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-14 19:04 - 2016-12-09 10:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-14 19:04 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-14 19:04 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-14 19:04 - 2016-12-09 10:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-14 19:04 - 2016-12-09 10:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-14 19:04 - 2016-12-09 10:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-14 19:04 - 2016-12-09 10:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-14 19:04 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-14 19:04 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-14 19:04 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-14 19:04 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-14 19:04 - 2016-12-09 10:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-14 19:04 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-14 19:04 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-14 19:04 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-14 19:04 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-14 19:04 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-14 19:04 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-14 19:04 - 2016-12-09 10:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-14 19:04 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-14 19:04 - 2016-12-09 10:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-14 19:04 - 2016-12-09 10:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-14 19:04 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-14 19:04 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-14 19:04 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-14 19:04 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-14 19:04 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 19:03 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-14 19:03 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-14 19:03 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-14 19:03 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-14 19:03 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-14 19:03 - 2016-12-09 10:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-14 19:03 - 2016-12-09 10:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-14 19:03 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-14 19:03 - 2016-12-09 10:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-14 19:03 - 2016-12-09 10:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-14 19:03 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-14 19:03 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-14 19:03 - 2016-12-09 10:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-14 19:03 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-14 19:03 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-14 14:36 - 2016-12-14 14:36 - 00003302 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-11 16:47 - 2016-11-11 09:01 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2016-12-11 16:47 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-12-11 16:47 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2016-12-11 16:47 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-12-11 16:47 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2016-12-11 16:47 - 2016-11-11 08:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-11 16:47 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-12-11 16:47 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-11 16:47 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-11 16:47 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2016-12-11 16:47 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-12-11 16:47 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2016-12-11 16:47 - 2016-11-11 08:27 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-12-11 16:47 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2016-12-11 16:47 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-12-11 16:47 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-12-11 16:47 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2016-12-11 16:47 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-12-11 16:47 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-12-11 16:47 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2016-12-11 16:47 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-12-11 16:47 - 2016-11-11 08:21 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-12-11 16:47 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-11 16:47 - 2016-11-11 08:20 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-12-11 16:47 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-12-11 16:47 - 2016-11-11 08:20 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-12-11 16:47 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-12-11 16:47 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-12-11 16:47 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2016-12-11 16:47 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-12-11 16:47 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2016-12-11 16:47 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2016-12-11 16:47 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-12-11 16:47 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-12-11 16:47 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2016-12-11 16:47 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-12-11 16:47 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-11 16:47 - 2016-11-11 08:15 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-12-11 16:47 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-12-11 16:47 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-12-11 16:47 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-12-11 16:47 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-12-11 16:47 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2016-12-11 16:47 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-12-11 16:47 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-12-11 16:47 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-12-11 16:47 - 2016-11-11 08:06 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-12-11 16:47 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2016-12-11 16:47 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2016-12-11 16:47 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-12-11 16:47 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-12-11 16:47 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2016-12-11 16:47 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-12-11 16:47 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-12-11 16:47 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-12-11 16:47 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-12-11 16:47 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-12-11 16:47 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-12-11 16:47 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-12-11 16:47 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-12-11 16:47 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-12-11 16:47 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-12-11 16:47 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-12-11 16:47 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-12-11 16:46 - 2016-11-11 09:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-11 16:46 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-12-11 16:46 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2016-12-11 16:46 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-12-11 16:46 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-11 16:46 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-11 16:46 - 2016-11-11 08:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-11 16:46 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-12-11 16:46 - 2016-11-11 08:28 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-12-11 16:46 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2016-12-11 16:46 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-12-11 16:46 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-12-11 16:46 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-12-11 16:46 - 2016-11-11 08:19 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-12-11 16:46 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2016-12-11 16:46 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-12-11 16:46 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-12-11 16:46 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-12-11 16:46 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2016-12-11 16:46 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2016-12-11 16:46 - 2016-11-11 08:13 - 00499200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-12-11 16:46 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2016-12-11 16:46 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2016-12-11 16:46 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-12-11 16:46 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-12-11 16:46 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-12-11 16:46 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-12-11 16:40 - 2016-11-11 11:03 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-12-11 16:40 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-11 16:40 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-11 16:40 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2016-12-11 16:40 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-11 16:40 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-11 16:39 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-11 16:39 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-11 16:39 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-12-11 16:39 - 2016-11-11 10:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-11 16:39 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-12-11 16:39 - 2016-11-11 10:28 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-12-11 16:39 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2016-12-11 16:39 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2016-12-11 16:39 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-12-11 16:39 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-11 16:39 - 2016-11-11 10:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-11 16:39 - 2016-11-11 10:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-11 16:39 - 2016-11-11 10:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-11 16:39 - 2016-11-11 10:19 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-12-11 16:39 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-12-11 16:39 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-11 16:39 - 2016-11-11 10:17 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-12-11 16:39 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-12-11 16:39 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-12-11 16:39 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-12-11 16:39 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-12-11 16:39 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-12-11 16:39 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2016-12-11 16:39 - 2016-11-11 10:07 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-12-11 16:39 - 2016-11-11 10:05 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-12-11 16:39 - 2016-11-11 10:04 - 02317312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-12-11 16:39 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-12-11 16:39 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-11 16:39 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-11 16:39 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2016-12-11 16:39 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-12-11 16:39 - 2016-11-11 10:03 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-12-11 16:39 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2016-12-11 16:39 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-12-11 16:38 - 2016-12-11 16:38 - 00001212 _____ C:\Users\Public\Desktop\Avira Connect.lnk
2016-12-11 16:38 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-11 16:38 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2016-12-11 16:38 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-11 16:38 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-12-11 16:38 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-11 16:38 - 2016-11-11 10:55 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-12-11 16:38 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-12-11 16:38 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-12-11 16:38 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-11 16:38 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-11 16:38 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2016-12-11 16:38 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-11 16:38 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-12-11 16:38 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2016-12-11 16:38 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-11 16:38 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-12-11 16:38 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-11 16:38 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-12-11 16:38 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-12-11 16:38 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-11 16:38 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2016-12-11 16:38 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2016-12-11 16:38 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-11 16:38 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-12-11 16:38 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2016-12-11 16:38 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2016-12-11 16:38 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-11 16:38 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-11 16:38 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-11 16:37 - 2016-11-11 11:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-11 16:37 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-11 16:37 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-11 16:37 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2016-12-11 16:37 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-12-11 16:37 - 2016-11-11 10:57 - 04130432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-12-11 16:37 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-12-11 16:37 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-12-11 16:37 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-11 16:37 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2016-12-11 16:37 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-12-11 16:37 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-12-11 16:37 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-12-11 16:37 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-11 16:37 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-12-11 16:37 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-12-11 16:37 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-12-11 16:37 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-12-11 16:37 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-11 16:37 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2016-12-11 16:37 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-12-11 16:37 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-11 16:37 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2016-12-11 16:37 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-12-11 16:37 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-12-11 16:37 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-12-11 16:37 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-11 16:37 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2016-12-11 16:37 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2016-12-11 16:37 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-12-11 16:37 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-12-11 16:37 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-12-11 16:37 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-11 16:37 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-12-11 16:37 - 2016-11-11 10:04 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-12-11 16:37 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-11 16:37 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-12-11 16:37 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-11 16:37 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-12-11 16:37 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-12-11 16:36 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-12-11 16:36 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-11 16:36 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-11 16:36 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-11 16:36 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-12-11 16:36 - 2016-11-11 10:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-11 16:36 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2016-12-11 16:36 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-12-11 16:36 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-11 16:36 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-12-11 16:36 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-11 16:36 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-12-11 16:36 - 2016-11-11 10:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-11 16:36 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-11 16:36 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2016-12-11 16:36 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-12-11 16:36 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-11 16:36 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2016-12-11 16:36 - 2016-11-11 10:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-11 16:36 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-11 16:36 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-12-11 16:36 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-12-11 16:36 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-12-11 16:36 - 2016-11-11 10:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-11 16:36 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-11 16:36 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-12-11 16:36 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-12-11 16:36 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-12-11 16:36 - 2016-11-11 10:03 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-12-11 16:35 - 2016-11-11 11:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-11 16:35 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-11 16:35 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-11 16:35 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-11 16:35 - 2016-11-11 11:00 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-12-11 16:35 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-12-11 16:35 - 2016-11-11 10:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-11 16:35 - 2016-11-11 10:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-11 16:35 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2016-12-11 16:35 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2016-12-11 16:35 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-11 16:35 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-11 16:35 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-11 16:35 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2016-12-11 16:35 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-11 16:35 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-12-11 16:35 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2016-12-11 16:35 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-11 16:35 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-11 16:35 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-11 16:35 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-12-11 16:35 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-11 16:35 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-12-11 16:35 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-12-11 16:35 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-11 16:35 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-11 16:35 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-11 16:35 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-11 16:35 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2016-12-11 16:35 - 2016-11-11 10:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-11 16:35 - 2016-11-11 10:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-11 16:35 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-12-11 16:35 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-12-11 16:35 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-11 14:55 - 2016-12-21 10:51 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\LocalLow\uTorrent
2016-12-07 15:05 - 2016-12-28 11:40 - 00003358 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForThomas Vanhonsebrouc
2016-12-07 15:05 - 2016-12-28 11:40 - 00000406 _____ C:\WINDOWS\Tasks\HPCeeScheduleForThomas Vanhonsebrouc.job

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-01-03 19:28 - 2014-06-10 17:45 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\uTorrent
2017-01-03 19:25 - 2015-12-30 07:49 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-01-03 19:24 - 2015-06-16 16:39 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Skype
2017-01-03 19:17 - 2014-06-11 19:32 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-03 18:44 - 2016-08-28 21:30 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-01-03 18:28 - 2014-06-11 19:32 - 00001182 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-01-03 18:28 - 2014-06-11 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-01-03 18:28 - 2014-06-11 19:32 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2017-01-02 08:59 - 2016-04-19 17:33 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Local\LogMeIn Hamachi
2016-12-31 12:17 - 2016-07-16 23:15 - 00807970 _____ C:\WINDOWS\system32\perfh013.dat
2016-12-31 12:17 - 2016-07-16 23:15 - 00183066 _____ C:\WINDOWS\system32\perfc013.dat
2016-12-31 12:17 - 2016-07-16 12:49 - 00856710 _____ C:\WINDOWS\system32\perfh009.dat
2016-12-31 12:17 - 2016-07-16 12:49 - 00228686 _____ C:\WINDOWS\system32\perfc009.dat
2016-12-31 12:17 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\System32
2016-12-31 12:17 - 2015-11-27 21:01 - 02082834 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-12-30 12:50 - 2016-11-20 12:07 - 00004091 _____ C:\WINDOWS\setupact.log
2016-12-28 14:50 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Pictures
2016-12-28 11:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Tasks
2016-12-28 11:40 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Tasks
2016-12-27 12:45 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Documents
2016-12-25 20:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-12-24 14:22 - 2016-08-28 21:40 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Roaming
2016-12-24 14:22 - 2014-06-24 19:55 - 00183112 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2016-12-24 09:30 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-21 11:34 - 2014-06-18 16:18 - 00000052 _____ C:\WINDOWS\SysWOW64\DOErrors.log
2016-12-21 10:59 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-12-21 10:54 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-12-21 10:54 - 2016-07-16 07:04 - 00000000 ___RD C:\Program Files (x86)
2016-12-21 10:54 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\DriverStore
2016-12-21 10:54 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\CatRoot
2016-12-20 13:16 - 2016-08-28 21:39 - 00524288 ___SH C:\WINDOWS\system32\config\COMPONENTS{f48e7735-4ba1-11e6-80c8-a4badb27b402}.TMContainer00000000000000000001.regtrans-ms
2016-12-20 12:27 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\WinSxS
2016-12-20 09:30 - 2016-08-28 21:40 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Local\Microsoft
2016-12-20 09:30 - 2016-08-28 21:40 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\Local
2016-12-20 09:27 - 2016-07-16 12:47 - 00000000 _SHDC C:\WINDOWS\Installer
2016-12-20 09:27 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64
2016-12-20 09:27 - 2014-06-10 16:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-12-20 09:19 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\assembly
2016-12-20 08:57 - 2014-06-11 15:59 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-20 08:55 - 2016-08-28 21:40 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
2016-12-20 08:43 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs
2016-12-20 08:43 - 2013-09-06 17:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-12-19 17:47 - 2016-08-28 21:40 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc
2016-12-19 17:47 - 2014-06-10 16:46 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\Documents\Youcam
2016-12-19 17:47 - 2014-06-10 16:44 - 00000298 ___SH C:\Users\Thomas Vanhonsebrouc\Downloads\desktop.ini
2016-12-19 17:47 - 2014-06-10 16:44 - 00000282 ___SH C:\Users\Thomas Vanhonsebrouc\Desktop\desktop.ini
2016-12-19 17:46 - 2014-06-10 17:01 - 00000000 __RDO C:\Users\Thomas Vanhonsebrouc\SkyDrive
2016-12-19 17:45 - 2016-08-28 21:33 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-12-19 17:45 - 2015-11-27 21:39 - 00000000 __SHD C:\Users\Thomas Vanhonsebrouc\IntelGraphicsProfiles
2016-12-19 17:44 - 2016-08-28 21:40 - 04980736 ____H C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT
2016-12-19 17:44 - 2016-07-16 07:04 - 00262144 _____ C:\Users\Default\NTUSER.DAT
2016-12-19 17:40 - 2016-08-28 22:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-12-19 17:39 - 2016-11-22 17:56 - 00010764 _____ C:\WINDOWS\PFRO.log
2016-12-19 17:39 - 2016-08-28 21:56 - 3400560640 ___SH C:\hiberfil.sys
2016-12-19 17:39 - 2016-08-28 21:29 - 00352296 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-12-19 17:39 - 2016-07-16 07:04 - 20185088 _____ C:\WINDOWS\system32\config\SYSTEM
2016-12-19 17:39 - 2016-07-16 07:04 - 107216896 _____ C:\WINDOWS\system32\config\SOFTWARE
2016-12-19 17:39 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-12-19 17:39 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT
2016-12-19 17:39 - 2016-07-16 07:04 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY
2016-12-19 17:39 - 2013-09-06 20:09 - 1342177280 ___SH C:\pagefile.sys
2016-12-19 17:39 - 2013-09-06 17:31 - 268435456 ___SH C:\swapfile.sys
2016-12-19 17:38 - 2016-08-28 21:29 - 00524288 ___SH C:\WINDOWS\system32\config\DRIVERS{f48e773b-4ba1-11e6-80c8-a4badb27b402}.TMContainer00000000000000000001.regtrans-ms
2016-12-19 17:38 - 2016-08-28 21:29 - 00065536 ___SH C:\WINDOWS\system32\config\DRIVERS{f48e773b-4ba1-11e6-80c8-a4badb27b402}.TM.blf
2016-12-19 17:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-US
2016-12-19 17:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\en-US
2016-12-19 17:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Boot
2016-12-19 17:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-12-19 17:38 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppPatch
2016-12-19 17:37 - 2016-07-16 12:47 - 00000796 ___SH C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-19 17:35 - 2016-09-01 18:07 - 00072354 ____H C:\Users\Thomas Vanhonsebrouc\AppData\Local\IconCache.db
2016-12-18 11:40 - 2014-06-12 19:22 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-12-18 11:39 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-12-18 11:39 - 2014-06-12 18:18 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-12-18 11:37 - 2013-08-22 14:25 - 00000199 _____ C:\WINDOWS\win.ini
2016-12-18 08:48 - 2016-07-28 10:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-12-18 08:46 - 2016-10-06 21:39 - 00028272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2016-12-18 08:46 - 2014-06-12 18:49 - 00153904 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-12-18 08:46 - 2014-06-12 18:49 - 00151352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-12-18 08:29 - 2016-08-28 21:40 - 00524288 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eeb-6d66-11e6-9509-97da7b338063}.TMContainer00000000000000000002.regtrans-ms
2016-12-18 08:29 - 2016-08-28 21:40 - 00065536 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eeb-6d66-11e6-9509-97da7b338063}.TM.blf
2016-12-18 08:21 - 2014-06-12 19:56 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-12-14 21:32 - 2014-06-12 19:56 - 135632432 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-12-14 14:36 - 2015-11-27 21:46 - 00002476 _____ C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-12 00:56 - 2016-11-09 20:24 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-12-12 00:56 - 2016-11-09 20:24 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-12-11 17:51 - 2016-08-28 22:26 - 00000174 ___SH C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
2016-12-11 17:51 - 2014-06-10 16:44 - 00000402 ___SH C:\Users\Thomas Vanhonsebrouc\Documents\desktop.ini
2016-12-11 17:51 - 2014-06-10 16:44 - 00000174 ___SH C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
2016-12-11 17:51 - 2014-06-10 16:44 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Searches
2016-12-11 17:51 - 2014-06-10 16:44 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Contacts
2016-12-11 17:51 - 2014-06-10 16:44 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2016-12-11 17:51 - 2014-06-10 16:44 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2016-12-11 17:51 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Videos
2016-12-11 17:51 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Saved Games
2016-12-11 17:51 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Music
2016-12-11 17:51 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Links
2016-12-11 17:51 - 2014-06-10 16:43 - 00000000 ___RD C:\Users\Thomas Vanhonsebrouc\Favorites
2016-12-11 17:43 - 2016-07-16 12:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2016-12-11 17:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-12-11 17:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-12-11 17:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\wbem
2016-12-11 17:43 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-12-11 17:43 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-12-11 17:42 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-12-11 17:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\sr-Latn-CS
2016-12-11 17:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-12-11 17:42 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-12-11 17:42 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Internet Explorer
2016-12-11 17:42 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Internet Explorer
2016-12-11 17:42 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-12-11 17:42 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2016-12-11 16:38 - 2013-09-06 18:15 - 00000000 ____D C:\ProgramData\Package Cache
2016-12-11 15:04 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-12-11 14:55 - 2014-06-10 16:43 - 00000000 ____D C:\Users\Thomas Vanhonsebrouc\AppData\LocalLow

==================== Bestanden in de root van sommige mappen =======

2016-02-24 13:12 - 2016-02-24 13:12 - 0000455 _____ () C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\RTWtool.dat

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend


Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 01-01-2017
Gestart door Thomas Vanhonsebrouc (03-01-2017 19:29:23)
Gestart vanaf C:\Users\Thomas Vanhonsebrouc\Desktop
Windows 10 Home Versie 1607 (X64) (2016-08-28 21:25:55)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2351850404-3369495712-1912687821-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2351850404-3369495712-1912687821-503 - Limited - Disabled)
Gast (S-1-5-21-2351850404-3369495712-1912687821-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2351850404-3369495712-1912687821-1003 - Limited - Enabled)
Thomas Vanhonsebrouc (S-1-5-21-2351850404-3369495712-1912687821-1001 - Administrator - Enabled) => C:\Users\Thomas Vanhonsebrouc

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Genstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

Torrent (HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.18) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.18 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{5A3BF213-01BC-E5A1-1D1B-EDE3167852AB}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.24.146 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{707e8edf-9482-4417-ae39-c9b5fe605e87}) (Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG)
Avira Connect (x32 Version: 1.2.76.27124 - Avira Operations GmbH & Co. KG) Hidden
Belgium e-ID middleware 4.0.7 (build 7453) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207453}) (Version: 4.0.7453 - Belgian Government)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{152E0B21-19D5-4772-9EF8-8E76074B0C0A}) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3122 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3212 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.3201 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defiance (HKLM-x32\...\Steam App 224600) (Version: - Trion Worlds, Inc.)
eID Chrome Middleware 1.1.5 (HKLM-x32\...\eID Chrome Middleware 1.1.5) (Version: 1.1.5 - )
Elevated Installer (x32 Version: 4.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Emulator Starter (HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON-printersoftware (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{00bf033c-5ade-400f-a174-be74932eebc6}) (Version: 4.5.0.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.5.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin USB Drivers (HKLM\...\{DC7720F2-98BE-41C1-B0A8-E391362E86B8}) (Version: 2.3.1.1 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{F5120027-B9BF-4A48-86E9-63F7F79A5263}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7045.4591 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.49 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}) (Version: 7.3.35.20 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{23EF407B-E7D0-4CB6-8916-43E5B9EEFDED}) (Version: 1.0.9 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{AED1C141-3AFC-47FE-AE90-C820AA60B103}) (Version: 2.2.5 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.49 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.49 - Softex Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kruidvat fotoservice (HKLM-x32\...\Kruidvat fotoservice) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
LogMeIn (HKLM-x32\...\{A783CD32-02BD-4DF0-A0C3-C7F7EBC9D688}) (Version: 4.1.7432 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.541 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.541 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\OneDriveSetup.exe) (Version: 17.3.6720.1207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\Minecraft 1.0.0) (Version: 1.0.0 - Mojang (installer by OfficialHawk))
Minecraft (x32 Version: 1.0.0 - Mojang (installer by OfficialHawk)) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 nl) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 nl)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
Need for Speed Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
NVIDIA PhysX (HKLM-x32\...\{54194F60-988C-4D03-B922-C2B00EFDA39A}) (Version: 9.10.0222 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}) (Version: 1.00.0000 - Uw bedrijfsnaam)
Outils de vrification linguistique 2013 de Microsoft Office*- Franais (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.1.0 - pdfforge)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pixum Fotoboek (HKLM-x32\...\Pixum Fotoboek) (Version: 5.1.5 - CEWE Stiftung u Co. KGaA)
Pixum Fotowereld (HKLM-x32\...\Pixum Fotowereld) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA)
PrimoPDF -- brought to you by Nitro PDF Software (HKLM-x32\...\PrimoPDF) (Version: 5 - Nitro PDF Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink Bluetooth Stack64 (HKLM\...\{8A2E2A41-B814-407E-2F96-4E433C42AB78}) (Version: 11.0.739.0 - Mediatek)
Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.29.8105 - Mediatek)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.20 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7010 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 1 for Microsoft Office 2013 Language Pack (KB2817427) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{110B183E-0D44-49D6-B4C0-33D3296DAE84}) (Version: 1.0.0.0 - Samsung )
Spotify (HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Spotify) (Version: 1.0.19.106.gb8a7150f - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4) (HKLM\...\B02255EDA75F867B4D85C5A5D23E13D9EF71E8AE) (Version: 03/25/2014 4.0.7.4 - Fedict)
Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Supreme Commander - Forged Alliance (HKLM-x32\...\{31D95937-B237-405D-920C-A3EF4E482395}) (Version: 1.00.0000 - Gas Powered Games)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.10 - Synaptics Incorporated)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3127976) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{E0107125-62C7-43B6-8E66-0582F397469E}) (Version: - Microsoft)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {03249910-0007-4FE6-A2BE-D8344C5A028A} - \WPD\SqmUpload_S-1-5-21-2351850404-3369495712-1912687821-1001 -> Geen bestand <==== AANDACHT
Task: {038E9051-2A30-4A5B-BAEB-04A022F2141E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {04124DD2-2FDE-4FF9-B1EE-E0C91E334DCD} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {0EA6C4A2-70A2-4F7C-9314-7D85C6839EC8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {12AB82BB-733A-4039-968C-DF78C84DAABE} - System32\Tasks\{CE852AE8-1837-48BC-A8DA-DF4CA6E58CD1} => pcalua.exe -a F:\FarCryAutoCD.exe -d F:\
Task: {171ABC24-C3DA-40D5-99AE-117BE780EA49} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {1BE24DDF-E285-4C7B-9E5F-22CA35064F33} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2016-12-15] (HP Inc.)
Task: {2C24090C-3B57-497F-AABE-AA590F007F20} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {38128E07-97CB-41E1-A225-8C66A5F7ACF2} - System32\Tasks\SessionAgent => C:\windows\gdp32.exe
Task: {398B5246-4A0C-4615-AF17-0DA3ECBFDA14} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {3A976232-6E0F-4171-9270-A49139D9DE59} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Thomas Vanhonsebrouc\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {4EFE6896-A055-4166-AFF5-7B4DAEA05889} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {50CC5F20-6950-4C8A-9CE8-9EAEF6A4FC13} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: {54BD4C32-8ABF-4B56-A4BA-40DA66FE227A} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {57862092-3BF1-4161-B150-4D8409C5F141} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {5FBE5014-ABEB-467A-8530-49A01B322FDD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {634D60D7-E248-4D3E-A8CF-BB972F4723BC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {66AACFC4-7C1E-466E-85EB-41E28DC2C904} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2016-11-29] ()
Task: {77D11792-5C34-41C2-895A-F5C575897C24} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {7D168715-E6F8-4AD3-BDD3-E61D8C6FE14F} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {7F314347-EBC2-4856-AF2B-B94E2336D534} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-10-21] (Adobe Systems Incorporated)
Task: {832F79C1-3018-4F0E-B78F-B6417DFB8B06} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8BB94136-970C-4992-BCF9-CEEC82D728E0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)
Task: {8C7152F8-F6EB-438F-A01F-4150EBEE5D5F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {8EE75577-3AC8-4287-ABEB-A8285B1ECE7D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)
Task: {94ECAB24-6E11-41EC-9F6E-4A55DA226835} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {A09024F8-B232-4B26-8740-F9B97D21E775} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {A3A89819-7031-42AC-89EF-E686228AF00B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {AB895CA6-DEEB-4B87-93C9-AE902C47562F} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {BA69988B-3B8E-442A-9DF7-E0C342C25908} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-12-14] (Microsoft Corporation)
Task: {BF5C0C34-C3DD-47EE-924C-C0F8033AAC8B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {C09B029C-A0B1-455C-AC2A-0AE42679F9BC} - System32\Tasks\HPCeeScheduleForThomas Vanhonsebrouc => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {C2A47377-B2C7-444B-9088-B9DDE783E1B7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-08-29] (Hewlett-Packard Company)
Task: {C5AED6EB-DE93-40BB-B9EB-71178E8BA099} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {C88AC3E9-BA53-4507-9153-36FA57FC88CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [2016-02-18] (Hewlett-Packard)
Task: {CBEDA839-1372-4B75-973A-4DE15F2DD97B} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {D0754387-329A-45FB-87EA-5ED342402C5D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {D1846715-E4BA-4D2D-8575-515CD2CB303E} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {D1BE1663-C6F8-4312-8916-B4B270302D0A} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {D9B98A2A-EF70-4054-B84F-6F54813FD577} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {DC3A50A0-CBD4-4133-9193-89ADF731D6CB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2016-12-12] (HP Inc.)
Task: {DF01A42B-40F9-4298-96F0-F77C3012C8D1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {FB193B6A-7C9D-4F26-89D3-CE92BD89845E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation)

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForThomas Vanhonsebrouc.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

==================== Geladen Modules (gefilterd) ==============
 
Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan
51a5c8edc4692-icon1337952077.png


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer en plak de volgende (blauwe tekst in het code-venster) in het lege kladblokvenster.

Code:
[B][color=#0000FF]
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [EPSON Stylus DX4400 Series] => /FU "C:\WINDOWS\TEMP\E_S6868.tmp" /EF "HKCU" <===== AANDACHT
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.2.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.1.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.0.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 00065536 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.blf

cmd: ipconfig /flushdns
cmd: netsh winsock reset
[/COLOR][/B]

Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 
Hallo,
Hier het fixlogje.

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 01-01-2017
Gestart door Thomas Vanhonsebrouc (03-01-2017 20:44:59) Run:1
Gestart vanaf C:\Users\Thomas Vanhonsebrouc\Desktop
Geladen Profielen: Thomas Vanhonsebrouc (Beschikbare Profielen: Thomas Vanhonsebrouc)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\...\Run: [EPSON Stylus DX4400 Series] => /FU "C:\WINDOWS\TEMP\E_S6868.tmp" /EF "HKCU" <===== AANDACHT
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.2.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.1.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 01048576 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.0.regtrans-ms
2016-12-19 17:47 - 2016-12-19 17:47 - 00065536 ___SH C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.blf

cmd: ipconfig /flushdns
cmd: netsh winsock reset
*****************

Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
HKU\S-1-5-21-2351850404-3369495712-1912687821-1001\Software\Microsoft\Windows\CurrentVersion\Run\\EPSON Stylus DX4400 Series => waarde is succesvol verwijderd.
Kon niet verplaatsen "C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.2.regtrans-ms" => Gepland te verplaatsen bij herstart.
Kon niet verplaatsen "C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.1.regtrans-ms" => Gepland te verplaatsen bij herstart.
Kon niet verplaatsen "C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.0.regtrans-ms" => Gepland te verplaatsen bij herstart.
Kon niet verplaatsen "C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.blf" => Gepland te verplaatsen bij herstart.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= Eind van CMD: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= Eind van CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 1134528 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 307069827 B
Java, Flash, Steam htmlcache => 337316851 B
Windows/system/drivers => 69050870 B
Edge => 125669046 B
Chrome => 486881735 B
Firefox => 7714507 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 432 B
LocalService => 5660 B
NetworkService => 17368 B
Thomas Vanhonsebrouc => 253497107 B

RecycleBin => 29787341760 B
EmptyTemp: => 29.2 GB tijdelijke gegevens verwijderd.

================================

Resultaat van geplande bestanden te verplaatsen (Boot Modus: Normal) (Datum&Tijd: 03-01-2017 20:50:30)

"C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.2.regtrans-ms" => Kon niet verplaatsen
"C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.1.regtrans-ms" => Kon niet verplaatsen
"C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.0.regtrans-ms" => Kon niet verplaatsen
"C:\Users\Thomas Vanhonsebrouc\NTUSER.DAT{69659eea-6d66-11e6-9509-97da7b338063}.TxR.blf" => Kon niet verplaatsen

==== Eind van Fixlog 20:50:32 ====
 
Download
51f51523a23a0-OTL_Canned_Nieuw.png
OTL.exe

Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Sluit voordat OTL.exe gaat scannen, eerst alle andere openstaande vensters!

OTL.exe gebruiken:
    • Windows 2000 en Windows XP: dubbelklik op OTL.exe.
    • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".


  • Zet een vinkje bij Scan All Users, LOP Check en bij PURITY Check.
  • Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder
    4f9111a6d2a6c-OTL-2.png


    Code:
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    msconfig
    safebootminimal
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    [createrestorepoint]
  • Klik vervolgens op de knop
    50cd93c69be5b-OTL_-_Run_Scan_knop.jpg
    .
  • Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
  • De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: OTL.Txt en Extras.txt.
    • Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.

In geval de inhoud van een van de logs of van beide logs te groot is om te posten, kijk dan hier: Hoe een bijlage toevoegen?
 
Hallo hierbij de link van OTL bestand. en het extra file

http://wikisend.com/download/408474/OTL.Txt

OTL Extras logfile created on: 3/01/2017 21:15:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomas Vanhonsebrouc\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.14393.0)
Locale: 00000813 | Country: Belgi | Language: NLB | Date Format: d/MM/yyyy

7,92 Gb Total Physical Memory | 5,16 Gb Available Physical Memory | 65,20% Memory free
9,17 Gb Paging File | 6,16 Gb Available in Paging File | 67,17% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 447,38 Gb Total Space | 291,17 Gb Free Space | 65,08% Space Free | Partition Type: NTFS
Drive D: | 16,71 Gb Total Space | 1,68 Gb Free Space | 10,07% Space Free | Partition Type: NTFS

Computer Name: THOMAS | User Name: Thomas Vanhonsebrouc | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2351850404-3369495712-1912687821-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoshow] -- "C:\Program Files\Pixum\Pixum Fotoboek\Fotoshow.exe" "%1" ()
Directory [Kruidvat fotoservice] -- "C:\Program Files\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe" "%1" ()
Directory [Kruidvat Fotoshow] -- "C:\Program Files\Fotoservice\Kruidvat fotoservice\Kruidvat Fotoshow.exe" "%1" ()
Directory [Pixum Fotoboek] -- "C:\Program Files\Pixum\Pixum Fotoboek\Pixum Fotoboek.exe" "%1" ()
Directory [Pixum Fotowereld] -- "C:\Program Files\Pixum\Pixum Fotoboek\Pixum Fotowereld.exe" "%1" ()
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Fotoshow] -- "C:\Program Files\Pixum\Pixum Fotoboek\Fotoshow.exe" "%1" ()
Directory [Kruidvat fotoservice] -- "C:\Program Files\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe" "%1" ()
Directory [Kruidvat Fotoshow] -- "C:\Program Files\Fotoservice\Kruidvat fotoservice\Kruidvat Fotoshow.exe" "%1" ()
Directory [Pixum Fotoboek] -- "C:\Program Files\Pixum\Pixum Fotoboek\Pixum Fotoboek.exe" "%1" ()
Directory [Pixum Fotowereld] -- "C:\Program Files\Pixum\Pixum Fotoboek\Pixum Fotowereld.exe" "%1" ()
Directory [Powershell] -- powershell.exe -noexit -command Set-Location '%V' (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 67 30 CB A8 72 01 D2 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
"DontEnumerateCommonFilesUpgradeExe" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{3BC32652-372E-411E-9BF5-6BF3BA82EC8C}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3F252DB7-06C0-450D-9837-5B46325D6948}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{43658F4D-926F-42B7-BD0B-2E50428DAB78}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{46ED8B03-DAE0-4946-95A6-A931425FB822}" = lport=80 | protocol=6 | dir=in | name=promo |
"{4C3D23C3-3A98-469D-888E-DFF01C596E12}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{54D483F6-7687-4008-B335-A6F772C5FE4B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5BBDF74A-1849-4F8D-9EB9-1DE5250AC572}" = lport=53 | protocol=17 | dir=in | name=promo |
"{60A51387-6482-4A33-B3D6-31E4C552F45D}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{83E5AC3E-8BD4-4258-87B4-E0C20F45B0C6}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{90A3D661-E865-4E9B-B695-B5D7B2542828}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{95B25EC1-6F96-4910-93C0-EF362FA514FA}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{AF22F1C5-C413-4482-9052-7D3F95684FAB}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B0FC4511-07D1-4AE1-8B3E-33CC0F4B2887}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C4134ACA-8AB1-456B-A9E7-C8717B80FAE3}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{C49E359E-1452-48CD-83AF-112E5CFDB0E9}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{CE788966-9D87-47E7-B394-3FACC23B6963}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03079F55-E9F6-4C93-9B2E-110223827EC5}" = dir=out | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{0372E240-B339-4B47-B5C5-5F075662BCD9}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{03B47C15-664A-4E8B-A8E9-4BAD5148C368}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{04474FA6-B9D5-4912-88DB-0C73612B07B9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{0575FD01-3994-4048-B6DF-ED1B1A6D3F34}" = dir=out | name=@{microsoft.people_10.1.3160.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.people/resources/appstorename} |
"{058C377C-D302-4298-8831-1B6DE8B136A6}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{05F86790-0120-44F3-AE0E-842B75723A88}" = dir=out | name=box for windows 8 |
"{08615D57-D960-48A9-8E5E-87670FC9A156}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{0A57876E-EDB5-472D-8502-70EE7B6B99FD}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{0F37B7E9-CC63-46B3-AC33-83E5C973876C}" = dir=in | name=xbox |
"{10A34959-9086-4F4E-8EBE-132A55E08105}" = dir=out | name=snapfish |
"{11DA2FF1-15D5-47B2-A0C2-B47106E2A982}" = dir=in | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe |
"{137C5565-E8E7-4DEA-932A-68549F765D0A}" = dir=out | name=@{microsoft.appconnector_1.3.3.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.appconnector/resources/connectorstubtitle} |
"{14CF4458-9935-4C56-9A5E-14FE54CDF202}" = dir=in | name=vlc for windows store |
"{18640C72-84B9-40EF-9F6D-B0F72A6CA7BB}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{1B82493C-212D-4703-B677-359563C93E8E}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{1B9DEEE2-5508-43B9-94C0-572FF2D18C42}" = dir=out | name=@{microsoft.getstarted_4.2.29.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.getstarted/resources/appstorename} |
"{1BA93229-EC8C-43F5-9C8B-DBC014BD4671}" = dir=out | name=@{microsoft.windows.apprep.chxapp_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.apprep.chxapp/resources/displayname} |
"{1C270D2E-399B-43A9-A302-18EA83219890}" = dir=out | name=@{microsoft.xboxgamecallableui_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.xboxgamecallableui/resources/pkgdisplayname} |
"{1DE472BE-D471-437F-BA8B-DF22552B9E75}" = dir=out | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{1FAD3FAF-F413-4508-AC85-35311F67E7F0}" = dir=in | app=c:\program files (x86)\apowersoft\apowersoft phone manager\ios recorder.exe |
"{201E657F-B493-4E2B-AFC9-3B5C087FDD80}" = dir=out | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{25B90ABA-BC17-4A91-9058-EC401A3254B2}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{26F8B0BC-69E2-4190-B47C-C1E8A9857F41}" = dir=out | name=@{microsoft.windowsfeedbackhub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{27668543-84AF-42E2-BFCC-1B0249412E79}" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{27856EF4-AD7C-447C-8178-F76E6C38F904}" = dir=in | name=@{microsoft.bingfinance_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/applicationtitlewithbranding} |
"{27B216D0-15C2-4799-ABF2-74E3D8A8CB3B}" = dir=out | name=xbox |
"{27BCA6E0-78E4-436E-AC4C-2CAB9BF60353}" = dir=in | name=@{ad2f1837.gettingstartedwithwindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} |
"{2B4AA10D-686E-4B4F-9654-25CA6DDA4D8E}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 |
"{2DBB7B24-351C-4A67-9E78-16C7C5DB0004}" = dir=out | name=youcam for hp |
"{34750F26-6754-4B32-8F10-4A1315F39BA2}" = dir=out | name=@{microsoft.windows.contentdeliverymanager_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.contentdeliverymanager/resources/appdisplayname} |
"{360AD870-60CD-472B-BA3A-2574BFB52E15}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{36B67F4F-C177-4448-9544-2498F4C878AE}" = dir=in | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{371F9C4A-7041-4DD9-B365-7E96D9BDD126}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{3931353B-0DC3-400F-A866-136C1E93C107}" = dir=out | name=windows_ie_ac_001 |
"{397FFDF3-4EC2-469E-9C97-5C6B3A548628}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe |
"{3CAD0246-586B-49F8-AA95-DCFD449F800F}" = dir=out | name=vlc for windows store |
"{3DFEB7A9-85D8-46CF-8838-B47D9A8D74A8}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{3E3A9C9B-7B71-4865-83F5-524E1C9AD912}" = dir=out | name=sway |
"{40103FB4-686C-45EE-B51F-04075F2DD617}" = dir=out | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoft phone manager.exe |
"{405EC798-0676-4108-AEFA-ED11A13214A3}" = dir=out | name=microsoft solitaire collection |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{42C1EE1C-FF24-4F66-A1B4-20251CCA119F}" = dir=out | name=@{microsoft.windows.parentalcontrols_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.parentalcontrols/resources/displayname} |
"{438C712B-82EA-474E-A6FA-78333035F123}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\updater.exe |
"{45A957FB-3B92-4FDE-9384-F41A0321CC7D}" = protocol=17 | dir=in | app=c:\users\thomas vanhonsebrouc\downloads\train.simulator.2016\railworks\railworks.exe |
"{4881435D-2588-4A1F-9900-FF6282A76870}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{495A9D76-813D-4CAB-8B98-80A658C1482F}" = protocol=6 | dir=in | app=c:\users\thomas vanhonsebrouc\downloads\train.simulator.2016\railworks\railworks.exe |
"{4A5C8A12-A51F-48B5-A2A0-8B7E7FBC5FA1}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{4A762850-3A89-4AA5-B008-8771BC8360B2}" = dir=out | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{4D19614C-616D-4AC3-9E69-90AE407F68A4}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{4DDDB3E8-8788-49BD-9DF2-8D283058C18C}" = dir=out | name=@{ad2f1837.gettingstartedwithwindows8_1.6.0.0_neutral__v10z8vjag6ke6?ms-resource://ad2f1837.gettingstartedwithwindows8/resources/id_app_title} |
"{5234B2DF-B70B-4076-A7B7-81F4B0AD946B}" = dir=out | name=@{microsoft.3dbuilder_12.0.3131.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.3dbuilder/resources/appstorename} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{54D91B5A-F3BD-4402-82A5-4ED1AD51A9B0}" = dir=out | name=windows_ie_ac_001 |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5696E4CE-0627-4B14-A15E-1BBC40551A31}" = dir=out | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{573F9BE1-DE66-4921-86A0-A5F3270A8C04}" = dir=in | name=@{microsoft.windowsfeedbackhub_1.1610.3143.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsfeedbackhub/resources/appstorename} |
"{5A92FEAF-4E80-422F-83D3-E4FFC3A9B3D2}" = dir=in | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{5ABAC495-7636-4389-9295-CE56C37B080D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe |
"{5B1C87A0-8D7E-4C6C-AA2E-8B422084BACD}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{5B4F13A2-BDA6-4835-B1FF-AAF83B402635}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{5CA5A212-164E-4CF7-8695-A98EA1D4FAA3}" = dir=out | name=@{microsoft.windowsphone_10.1609.2561.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphone/resources/appstorename} |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{612CCD7B-E7E8-4F02-B967-3E17A1807FAF}" = dir=out | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{614C31F5-C3A7-444E-A7A8-523404F4B8FB}" = dir=out | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{617C4F29-958E-4B20-B989-866E0FE4FB5D}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{62024C7B-C515-4722-9CA3-EDE523E96787}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{657EC68C-3594-48B0-92BB-D3EAB85AF1D5}" = protocol=17 | dir=in | app=c:\program files (x86)\kodi\kodi.exe |
"{661D4D56-FF63-46C7-AD59-4730B53969B8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{692CD795-E595-46E9-9EAF-3B216FD2413B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defiance\patcher.exe |
"{6BB33C2D-7DAA-4AF1-9410-3548C853EEA4}" = dir=out | name=@{microsoft.accountscontrol_10.0.14393.576_neutral__cw5n1h2txyewy?ms-resource://microsoft.accountscontrol/resources/displayname} |
"{6C140812-CAD7-49AD-8D6F-17F35CB622B5}" = dir=out | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{6DC70C9B-FAAB-4A46-A06B-56B472A99C9A}" = dir=out | name=@{microsoft.connectivitystore_1.1604.4.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.connectivitystore/mswifiresources/appstorename} |
"{71AB7C4D-41B2-415E-BB25-3DFB664B6513}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\updater.exe |
"{71B79F9C-B8B5-4D0B-AAD2-0C447DEF5D7C}" = dir=in | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{77D93D54-9809-4678-AC5A-26D833D98923}" = protocol=58 | dir=in | app=system |
"{784078DF-55E8-4FC1-ADB6-A2457F834808}" = dir=out | name=@{microsoft.bingweather_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/applicationtitlewithbranding} |
"{7A9937F7-66AF-4018-A619-804CCAEFD0CB}" = dir=in | name=microsoft solitaire collection |
"{7F5E5BD3-3712-4B26-8F7F-36658DF840B5}" = dir=out | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{83FA7B71-F565-420B-91B1-487E7D480FA1}" = dir=in | name=@{microsoft.windows.photos_16.1118.10000.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windows.photos/resources/appstorename} |
"{842D5B76-47B6-4A10-9C51-5A9E5DC20532}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{851B4EA3-E737-45BD-876F-22B769500A58}" = dir=out | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{896F082E-21D5-46B1-9F87-1390EB641DD5}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{8CBC617F-1A56-4B89-8DEE-6B14582116D8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{910FF467-C941-464D-B313-0A06CA74FF69}" = dir=in | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{92272637-F3F9-43D3-A509-75951988B1E2}" = dir=out | name=@{microsoft.bingtravel_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{92A58CC0-74AD-4E76-85CE-170552F8A016}" = dir=out | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{92C3EAD8-C560-4138-A71F-B2282F21538C}" = dir=out | name=@{microsoft.windowsmaps_5.1611.3342.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsmaps/resources/appstorename} |
"{94A9BE74-4DEE-41CA-BE90-A5DF1170CF06}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{94D55874-2562-4B85-A6B6-68FABA661128}" = dir=in | name=@{microsoft.oneconnect_1.1607.6.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.oneconnect/oneconnect/appstorename} |
"{9840BCA3-18A2-429B-9521-E7BEFC626945}" = protocol=6 | dir=in | app=c:\users\thomas vanhonsebrouc\appdata\roaming\utorrent\utorrent.exe |
"{9880F924-03F9-4C8A-A4EA-4C42300C0B8E}" = dir=in | name=@{microsoft.zunemusic_10.16112.10211.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{993AA41C-AF06-4416-818B-94C3141879B1}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.7714.42037.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/hxoutlookintl/appmanifest_outlookdesktop_displayname} |
"{9A402401-788C-489F-881B-8B6E8ADEF183}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{9B0000F1-7BA6-423D-AEC6-72635B7F88DB}" = dir=out | name=@{microsoft.bingnews_4.18.41.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/applicationtitlewithbranding} |
"{9B211BBB-6222-4FF8-86B4-CC736DC8C2C8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\bin\steamwebhelper.exe |
"{9B97C63F-27B9-49EB-A501-1AD3293F0385}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |
"{9C71EA9A-ABD7-49A7-85D7-1AE12ADFC6C4}" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe |
"{9C9F6C36-D50F-40F7-AECC-398F9F09C6FF}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{9D04B299-69C2-480D-AC20-F524F8160620}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\defiance\patcher.exe |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9F6321DB-B73E-4BFD-A80F-2C520377BE10}" = dir=out | name=onenote |
"{A041408D-097A-4201-A9A2-DF7134F18D5C}" = dir=out | name=@{microsoft.lockapp_10.0.14393.0_neutral__cw5n1h2txyewy?ms-resource://microsoft.lockapp/resources/appdisplayname} |
"{A473853E-CA67-408A-B123-DB182F04B740}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe |
"{A55FF530-73C8-4677-8ED2-647DA4CFFD32}" = dir=in | name=@{microsoft.microsoftedge_38.14393.0.0_neutral__8wekyb3d8bbwe?ms-resource://microsoft.microsoftedge/resources/appname} |
"{A5BE1946-8854-4288-9E8C-3540A9EB5899}" = dir=in | name=@{microsoft.commsphone_2.17.27003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.commsphone/resources/appstorename} |
"{A6067560-E883-40F1-8EF0-074FB2686F30}" = dir=out | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{AB3EB0E7-95D1-4C27-A297-88E4D51CEA08}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{AB59110E-82DC-49F5-ADBE-27A2A36B19B4}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{AC5F08D4-2241-4E36-97D0-A235E3D1DF26}" = dir=out | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{B3129BE3-2B46-4DB9-98E4-091256D90BFA}" = dir=out | name=store purchase app |
"{B4E859E3-3E9D-47C1-B6BE-AFA798D4CF83}" = dir=out | name=microsoft sticky notes |
"{B55804C1-D5E9-42CD-BA09-B4DFF4BBB7AA}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{B68B4C05-3ED6-4D04-8C01-DDB174A74985}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{B812D927-3D3C-4F61-9E45-4AE559D9A78B}" = dir=in | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoftandroiddaemon.exe |
"{B9358884-53C2-47F7-AACC-AD18B0F18A93}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{B954C1A9-3FEB-417E-93BE-9FD55280D53F}" = dir=in | name=@{microsoft.bingsports_4.18.37.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/applicationtitlewithbranding} |
"{BA9B7A13-15DF-4720-81DB-AC6B8BD74219}" = dir=out | name=twitter |
"{BB6D97AF-2457-403E-836A-7739D5C80E85}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{BC32788A-BA8A-4831-9BAD-15BE0C023109}" = dir=in | name=onenote |
"{C17A7BBA-7C84-4A22-8FA1-DB933C1B4A1D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd.exe |
"{C22A9D3E-3A5B-4D2E-80C6-7E7080EBE284}" = dir=in | name=@{microsoft.skypeapp_11.10.145.0_x64__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/skypevideo_productname} |
"{C2DE92A7-1258-46E3-8A03-2F1460811F7C}" = dir=out | app=c:\program files (x86)\apowersoft\apowersoft phone manager\ios recorder.exe |
"{C33E993B-7B4B-46DE-9171-F2FC14BB7F60}" = dir=in | name=@{windows.contactsupport_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://windows.contactsupport/resources/appdisplayname} |
"{C421BD8B-2324-4AF0-AFD6-03A0B36B1687}" = protocol=6 | dir=in | app=c:\program files (x86)\thq\gas powered games\supreme commander - forged alliance\bin\forgedalliance.exe |
"{C65463BB-D26B-475B-8029-AEADCFCF6D26}" = protocol=6 | dir=in | app=c:\windows\temp\rdpclip.exe |
"{C8E54145-CEB7-4E60-B0DD-E1B27E54B748}" = protocol=17 | dir=in | app=c:\users\thomas vanhonsebrouc\appdata\roaming\utorrent\utorrent.exe |
"{CA4B5404-0079-43CB-A1C4-0310089FA433}" = dir=out | name=@{microsoft.windows.shellexperiencehost_10.0.14393.576_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.shellexperiencehost/resources/pkgdisplayname} |
"{D07E9C74-ABBB-4708-B1C6-51C3DBFAF5AE}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{D12D8FD0-FD43-4C6E-91AC-899F08ED4290}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{D4021841-6FF5-4301-8AE4-0250B1F1CEDD}" = dir=out | name=hp registration |
"{D4B95E81-493A-4DC4-ACE4-1BFA934EE774}" = dir=out | name=@{microsoft.messaging_3.19.1001.0_x86__8wekyb3d8bbwe?ms-resource://microsoft.messaging/resources/appstorename} |
"{D5DA88B0-A48C-43DA-9084-ED6D95671201}" = dir=out | app=c:\program files (x86)\apowersoft\apowersoft phone manager\apowersoftandroiddaemon.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D8205E93-0EC8-4503-9D6A-1FBD03643661}" = protocol=17 | dir=in | app=c:\windows\temp\rdpclip.exe |
"{D8C63447-7702-4552-B5D9-0587B1F620B1}" = dir=out | name=yelo play |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DB67B4E7-21CF-40F4-9029-6DE56487E294}" = dir=in | name=microsoft sticky notes |
"{DC2E0E9B-BE68-4E80-BA9C-11DFDD1D4FE8}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{DDCE0ACB-4BF8-4CD1-B2FA-88A6496A807B}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{DFA5F39D-C499-4AFB-891C-988FC44A2429}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.21234_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{DFFC4B41-B01E-4C86-A948-EB0B71ED4127}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{E15D6728-51BB-451C-9200-15C0036756C4}" = dir=in | name=@{microsoft.windows.cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cortana/resources/packagedisplayname} |
"{E2E8EA52-D24A-4746-A1FA-917AB85AFE73}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\team fortress 2\hl2.exe |
"{E63F33C7-227C-439D-A527-6304D9346308}" = dir=out | name=candy crush soda saga |
"{E756FD34-D839-4F8E-9097-E9D751BF5E0B}" = dir=in | name=@{microsoft.windowsstore_11610.1001.23.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsstore/resources/storetitle} |
"{EB165697-23A4-4897-A8E6-9D44383B63DB}" = dir=in | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{EB556AE9-5705-449A-824F-798D4BC9DEAB}" = dir=in | name=@{microsoft.windows.cloudexperiencehost_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.windows.cloudexperiencehost/resources/appdescription} |
"{EB8B83AB-FF1C-4CA6-8AAD-C86B70750153}" = dir=out | name=@{microsoft.zunevideo_10.16112.10221.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{EBFAC843-7963-4AD0-A7CC-8DA3282B0EC6}" = dir=in | name=box for windows 8 |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EE988E49-860D-4DBB-992D-1A0138AD88E7}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{EEE8880E-62E2-4A09-964E-36ACC391DA30}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{EFD3F7D3-0DD0-4222-97BF-DD8C5E069F00}" = dir=out | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{F065AB2F-418B-401E-9739-D8B413022629}" = dir=in | name=sway |
"{F0C4670D-207C-4D5F-8E01-B8C44472C8AA}" = dir=in | name=@{microsoft.microsoftofficehub_17.7608.23501.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftofficehub/officehubintl/appmanifest_getoffice_displayname} |
"{F2F7EB6F-88C6-46B4-A9AF-DCB5083E8F53}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe |
"{F41F3451-A0FB-408C-A7CF-E1BE1B94D80C}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe |
"{F5498215-65BF-4BBC-AE35-F29ADD4E076A}" = dir=out | name=youtube- |
"{F5A45E79-9F8F-4265-A190-142612EAD40E}" = dir=out | name=facebook |
"{F633154F-4B2D-420B-8632-F0FCA417AF97}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F6DA72CD-4C98-48A1-9417-048E6B344B79}" = protocol=17 | dir=in | app=c:\program files (x86)\thq\gas powered games\gpgnet\gpg.multiplayer.client.exe |
"{F6ED4362-9AEB-4D08-935A-79E0E6CEC4EA}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.336_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FD9F5F91-B1E7-4B68-8F7E-FBFC1FA48788}" = dir=in | name=@{microsoft.ppiprojection_10.0.14393.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.ppiprojection/resources/productname} |
"{FE6F05C4-DA8E-4AA9-B3D5-502B7FD7768A}" = dir=out | name=@{microsoft.aad.brokerplugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://microsoft.aad.brokerplugin/resources/packagedisplayname} |
"{FF13B3A0-042B-4A03-ABA5-A5B797D103B4}" = protocol=6 | dir=in | app=c:\program files (x86)\kodi\kodi.exe |
"{FFD9087A-B895-4A79-878B-DF31EE0AC05F}" = dir=out | name=@{microsoft.xboxidentityprovider_11.19.19003.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxidentityprovider/resources/displayname} |
"TCP Query User{09338060-6551-40FC-9AE5-10DEB6CE7F5A}C:\program files (x86)\smart view\smart view.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smart view\smart view.exe |
"TCP Query User{543837A2-E1FB-4CE4-A854-9DFE4E2E567D}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{6BB91627-61DA-464E-ADB0-E72E865B5957}C:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe |
"TCP Query User{A97FF6FE-C8F6-4D9B-AA30-F8EA42BA5D02}C:\users\thomas vanhonsebrouc\downloads\train.simulator.2016\railworks\railworks.exe" = protocol=6 | dir=in | app=c:\users\thomas vanhonsebrouc\downloads\train.simulator.2016\railworks\railworks.exe |
"TCP Query User{BA710528-207A-47FF-8081-095EC136CE5E}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"TCP Query User{C1AF2901-66BA-4B73-BA25-74E2EF05176F}C:\program files (x86)\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"TCP Query User{CA9A5DB7-C34D-4CF3-AE75-9EBF1B82472B}C:\program files (x86)\smart view\smart view.exe" = protocol=6 | dir=in | app=c:\program files (x86)\smart view\smart view.exe |
"TCP Query User{DAD16AB9-6BC8-490E-8861-E334A67FFEC7}C:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe |
"TCP Query User{EC84BA53-4B31-429E-9BC5-8319D7A55A60}C:\users\thomas vanhonsebrouc\downloads\battlefield 2 - multiplayer and singleplayer\1. install\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\users\thomas vanhonsebrouc\downloads\battlefield 2 - multiplayer and singleplayer\1. install\battlefield 2\bf2.exe |
"TCP Query User{FC1ACCDB-B88E-4571-BF32-D26B9AAE726A}C:\program files (x86)\kodi\kodi.exe" = protocol=6 | dir=in | app=c:\program files (x86)\kodi\kodi.exe |
"UDP Query User{19988480-C6BE-4A20-9EDA-2218C18C1D86}C:\program files (x86)\smart view\smart view.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smart view\smart view.exe |
"UDP Query User{40729143-9F11-4C8A-9EF6-2DE8E6472DCC}C:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe |
"UDP Query User{602ADBAC-F9D1-4107-A23C-4D1E93C69968}C:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\thomas vanhonsebrouc\appdata\roaming\spotify\spotify.exe |
"UDP Query User{6B154F9F-6521-45EB-B2BA-FB9E5684C043}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"UDP Query User{6BC5572D-33F6-4D14-86F2-D678D7069406}C:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\medal of honor\binaries\moh.exe |
"UDP Query User{760AD5D1-716D-4EE6-A663-AB664EF4B5BD}C:\program files (x86)\smart view\smart view.exe" = protocol=17 | dir=in | app=c:\program files (x86)\smart view\smart view.exe |
"UDP Query User{9368968B-F4CA-403F-B167-FCD8C3769F35}C:\users\thomas vanhonsebrouc\downloads\train.simulator.2016\railworks\railworks.exe" = protocol=17 | dir=in | app=c:\users\thomas vanhonsebrouc\downloads\train.simulator.2016\railworks\railworks.exe |
"UDP Query User{96707DE7-4D89-444D-BF17-2B622B4DDC96}C:\users\thomas vanhonsebrouc\downloads\battlefield 2 - multiplayer and singleplayer\1. install\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\users\thomas vanhonsebrouc\downloads\battlefield 2 - multiplayer and singleplayer\1. install\battlefield 2\bf2.exe |
"UDP Query User{BBB1325B-3D80-47B6-8198-8388D1FB23D8}C:\program files (x86)\kodi\kodi.exe" = protocol=17 | dir=in | app=c:\program files (x86)\kodi\kodi.exe |
"UDP Query User{FA0971CB-BACE-4FB5-95D0-B38B81776ACE}C:\program files (x86)\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{0B3DFE3F-FAFA-6E3C-F76A-A269AF4386F6}" = ccc-utility64
"{11F6087F-2114-45B5-9EB3-F80E1368CBE9}" = ANT Drivers Installer x64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{23D2AFC7-C01E-4413-9D9A-0BABF52569BF}" = Microsoft Mouse and Keyboard Center
"{2DE6247C-7077-451B-8BA7-FFD1A2ABBB47}" = Inst5675
"{314FAD12-F785-4471-BCE8-AB506642B9A1}" = HP SimplePass
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{3FF59A46-2208-3A7A-BC8E-5DC0BBBA1A87}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD
"{409CB30E-E457-4008-9B1A-ED1B9EA21140}" = Intel(R) Rapid Storage Technology
"{5A3BF213-01BC-E5A1-1D1B-EDE3167852AB}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{70A381F1-C161-4D61-A20C-BE12FC6777DF}" = Garmin Communicator Plugin x64
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{824563DE-75AD-4166-9DC0-B6482F207453}" = Belgium e-ID middleware 4.0.7 (build 7453)
"{878F6913-7421-4713-97F7-0A736EE2A188}" = Inst5676
"{89AFB053-A343-46EF-97E4-D593AD7184E6}" = Intel Trusted Connect Service Client
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A2E2A41-B814-407E-2F96-4E433C42AB78}" = Ralink Bluetooth Stack64
"{90150000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2013
"{90150000-0015-0409-1000-0000000FF1CE}" = Microsoft Access MUI (English) 2013
"{90150000-0016-0409-1000-0000000FF1CE}" = Microsoft Excel MUI (English) 2013
"{90150000-0018-0409-1000-0000000FF1CE}" = Microsoft PowerPoint MUI (English) 2013
"{90150000-0019-0409-1000-0000000FF1CE}" = Microsoft Publisher MUI (English) 2013
"{90150000-001A-0409-1000-0000000FF1CE}" = Microsoft Outlook MUI (English) 2013
"{90150000-001B-0409-1000-0000000FF1CE}" = Microsoft Word MUI (English) 2013
"{90150000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - English
"{90150000-001F-040C-1000-0000000FF1CE}" = Outils de vrification linguistique 2013 de Microsoft Office*- Franais
"{90150000-001F-0413-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Nederlands
"{90150000-001F-0C0A-1000-0000000FF1CE}" = Microsoft Office Proofing Tools 2013 - Espaol
"{90150000-002C-0409-1000-0000000FF1CE}" = Microsoft Office Proofing (English) 2013
"{90150000-0044-0409-1000-0000000FF1CE}" = Microsoft InfoPath MUI (English) 2013
"{90150000-006E-0409-1000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2013
"{90150000-0090-0409-1000-0000000FF1CE}" = Microsoft DCF MUI (English) 2013
"{90150000-00A1-0409-1000-0000000FF1CE}" = Microsoft OneNote MUI (English) 2013
"{90150000-00BA-0409-1000-0000000FF1CE}" = Microsoft Groove MUI (English) 2013
"{90150000-00C1-0000-1000-0000000FF1CE}" = Microsoft Office 32-bit Components 2013
"{90150000-00C1-0409-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (English) 2013
"{90150000-00E1-0409-1000-0000000FF1CE}" = Microsoft Office OSM MUI (English) 2013
"{90150000-00E2-0409-1000-0000000FF1CE}" = Microsoft Office OSM UX MUI (English) 2013
"{90150000-0115-0409-1000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2013
"{90150000-0117-0409-1000-0000000FF1CE}" = Microsoft Access Setup Metadata MUI (English) 2013
"{90150000-012B-0409-1000-0000000FF1CE}" = Microsoft Lync MUI (English) 2013
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{AED1C141-3AFC-47FE-AE90-C820AA60B103}" = HP Utility Center
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service
"{DC7720F2-98BE-41C1-B0A8-E391362E86B8}" = Garmin USB Drivers
"{E5FAF48A-145F-4B33-A062-DCFAAFAE5D41}" = Intel(R) Rapid Storage Technology
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"B02255EDA75F867B4D85C5A5D23E13D9EF71E8AE" = Stuurprogrammapakket voor Windows - Fedict SmartCard (03/25/2014 4.0.7.4)
"CCleaner" = CCleaner
"D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2" = Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1)
"EPSON Printer and Utilities" = EPSON-printersoftware
"F9D2A789F9CFF8CEC36B544F53877C80F1F73C46" = Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)
"Microsoft Mouse and Keyboard Center" = Microsoft Mouse and Keyboard Center
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD" = Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD
"Office15.PROPLUS" = Microsoft Office Professional Plus 2013
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00bf033c-5ade-400f-a174-be74932eebc6}" = Garmin Express
"{01B3689E-1900-44F1-9B14-63F2121E51CB}" = Garmin Express Tray
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03D562B5-C4E2-4846-A920-33178788BE00}" = Windows Live Communications Platform
"{0540E7F7-CD30-4ECB-7175-7B7066A0D4C1}" = CCC Help Finnish
"{062E32F6-116E-F6C8-478A-1D4338C13F9A}" = Catalyst Control Center Graphics Previews Common
"{06E0A5C8-124E-5FF0-9FAB-ADE03AFE2CE7}" = CCC Help Spanish
"{07F6DC37-0857-4B68-A675-4E35989E85E3}" = HP 3D DriveGuard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0F929651-F516-4956-90F2-FFBD2CD5D30E}" = Photo Gallery
"{0FD2B9C6-DB91-48EA-9518-AB5B68CA1E28}" = Movie Maker
"{0FD66C6F-4023-4C74-AF8E-9B8B2053868E}" = Fotogalerie
"{0FF9CC94-EF23-401E-BDBD-37403D1A2B38}" = Windows Live SOXE Definitions
"{10640F6D-6AB0-401E-9FC6-A94D19C580BC}" = Windows Live UX Platform Language Pack
"{110B183E-0D44-49D6-B4C0-33D3296DAE84}" = Smart View
"{119A44B5-6237-4D56-8424-5DAE70ED3F4E}" = Windows Live UX Platform Language Pack
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1405C722-9B3A-2B2B-C8C6-76B715EDB10F}" = Catalyst Control Center Localization All
"{147FBA18-A6BB-4AD5-8F0A-37380AAABD76}" = Photo Common
"{152E0B21-19D5-4772-9EF8-8E76074B0C0A}" = BlueStacks Notification Center
"{169AC19B-53CD-54C4-5B2D-56AC666BE37F}" = CCC Help Thai
"{188ED43E-3E2C-487C-9982-AB350745C4A5}" = Catalyst Control Center - Branding
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FAE2A2B-4F8C-C865-6180-C0AED0215474}" = CCC Help Japanese
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2020C08E-74F5-4E9F-BD2A-41F8CB6EBA10}" = Photo Gallery
"{23B93929-FAD4-40E5-96C6-0E977BB87204}" = Windows Live Essentials
"{23EF407B-E7D0-4CB6-8916-43E5B9EEFDED}" = HP System Event Utility
"{26A24AE4-039D-4CA4-87B4-2F83218091F0}" = Java 8 Update 91
"{276A11C7-F530-24C1-86E0-82DE8C6DA339}" = AMD Catalyst Control Center
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{31D95937-B237-405D-920C-A3EF4E482395}" = Supreme Commander - Forged Alliance
"{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
"{340065C9-3B91-38C3-7C9F-E7F102E7D6C4}" = CCC Help Italian
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"{3AF15EEA-8EDF-4393-BB6C-CF8A9986486A}" = HP Support Assistant
"{3C5F91EF-5C0B-4D13-BCBE-0FC6FC3ED7F9}" = Movie Maker
"{441BFB76-DB0D-4A1D-BC5E-9198FC90402C}" = Minecraft
"{45898170-E68C-4F02-AA35-C2186BF347A3}" = Movie Maker
"{49DC9658-D26A-4AAB-A83A-2655B8033056}" = Photo Common
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CD0D725-9352-06D3-94F5-55D1B889C943}" = CCC Help Polish
"{54194F60-988C-4D03-B922-C2B00EFDA39A}" = NVIDIA PhysX
"{59F8C5AA-91BD-423D-BF05-09A80F39898F}" = HP CoolSense
"{5A0EE0F0-E909-4F3B-B437-AAD9252427CB}" = Windows Live Installer
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5C601EA8-D519-4010-8CD0-BD3B94A6DD58}" = Photo Common
"{6066D3FE-3692-4449-A3C8-D1EAA2C0E9E7}" = Movie Maker
"{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}" = Google Update Helper
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65C73C88-9363-0756-3508-78F20B5DBCAD}" = CCC Help Norwegian
"{66C06459-2087-81F2-89A9-B37FF8E90E53}" = PX Profile Update
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6B6923B9-8719-425B-916C-CD2908F31AAF}" = Windows Live SOXE
"{6BA68C11-0B63-4192-B880-0B5E3F7949F9}" = Windows Live UX Platform Language Pack
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{707e8edf-9482-4417-ae39-c9b5fe605e87}" = Avira Connect
"{70C5591A-A98F-9A2F-DDE4-0D3DAAB160BA}" = CCC Help Turkish
"{70D5F822-F4C4-33D9-7EEC-2A4AF4EA7BDC}" = OEM Application Profile
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71DBFBF2-F7EB-4268-8485-9471D83C4E66}" = Garmin Communicator Plugin
"{736D169A-DF14-85B9-6C0A-B0226EA920B1}" = CCC Help Portuguese
"{7393995C-4AF1-B50C-D58E-14E619C74B2C}" = CCC Help Chinese Standard
"{74d0e5db-b326-4dae-a6b2-445b9de1836e}" = Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026
"{7DB6895D-7CB9-8E46-3A16-0D4E663D3D30}" = CCC Help Czech
"{8199679E-8BDF-865E-2DEA-1130AFF7FB98}" = CCC Help Danish
"{827F31DC-A307-4A62-B640-840D1A5D2698}" = Avira Connect
"{82CE7E2E-D51D-005C-F67C-F3DC35B77E20}" = CCC Help Swedish
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C6CDE1-69B3-8262-E21F-245FDB1840A4}" = CCC Help Russian
"{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}" = Skype Click to Call
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}" = Ralink RT3290 802.11bgn Wi-Fi Adapter
"{91B5DF26-717A-4A5F-AB10-CD450FAD428C}" = LogMeIn Hamachi
"{936D4074-6A57-45ED-AF5A-F7CF5A56DE6F}" = Windows Live Essentials
"{98DB6EB4-7A3C-BD8E-D9A5-B28ECC159904}" = CCC Help French
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C03CF00-D505-0EE1-6EC4-42956FDB877E}" = CCC Help Korean
"{A2563E55-3BEC-3828-8D67-E5E8B9E8B675}" = Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.23026
"{A52DB080-D445-49EB-90D2-03B9CD794511}" = Photo Common
"{A783CD32-02BD-4DF0-A0C3-C7F7EBC9D688}" = LogMeIn
"{AA806DB1-E882-4834-8102-B5F256BE9A2F}" = Windows Live Essentials
"{AC76BA86-0804-1033-1959-001824205020}" = Adobe Refresh Manager
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.18)
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BE960C1C-7BAD-3DE6-8B1A-2616FE532845}" = Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.23026
"{C0018D63-C33C-4515-9CE8-3BC8830F79A1}" = Photo Gallery
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C6B0EE9E-2128-4448-B7AE-5E2B46E0F0E7}" = Windows Live Photo Common
"{C6CB71D5-63A9-8B0A-C101-47BD10BDC79E}" = CCC Help Chinese Traditional
"{CA49099B-D84C-433C-9D94-B60A991BE323}" = Garmin Express
"{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
"{CC2BEE66-17C4-6B45-6A61-DA4E968B1803}" = CCC Help Dutch
"{CC87D72E-A122-AA4D-ACD2-1DF1BDEB2BF2}" = CCC Help German
"{CCC7C18E-1BEA-409F-B7A9-6C9740B99119}" = Windows Live UX Platform Language Pack
"{D571BFC5-6237-7763-4183-4CB18D911B35}" = CCC Help Hungarian
"{D7CFD48A-A060-BFF9-9DE3-7AB212FDF90A}" = Catalyst Control Center InstallProxy
"{DE7D8CF9-9C52-4BE0-B3E0-D4F116C524A8}" = Windows Live
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E120A45C-6680-E75C-4F30-BBE8AC2EBD67}" = Catalyst Control Center Profiles Mobile
"{E169436E-49D8-419B-A5C0-D245EAF99611}" = Movie Maker
"{E3445598-4424-4EE2-B71C-C23325F7FB71}" = Windows Live PIMT Platform
"{E4612F14-2D8D-4A1A-B8F9-B4DEDA68473F}" = Elevated Installer
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed Undercover
"{E849965E-4771-440C-936F-AF5BFD144416}" = HP Recovery Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0E58739-2B4C-498F-9B0D-FF0F2FD52B61}" = Windows Live UX Platform
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3B39B84-8D64-1561-625E-A0D573FB65AF}" = CCC Help English
"{F4D99A13-F63A-4FC1-8799-CFFDB78DDFB3}" = Galerie de photos
"{F5120027-B9BF-4A48-86E9-63F7F79A5263}" = HP Documentation
"{f65db027-aff3-4070-886a-0d87064aabb1}" = Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FB7852F2-CB00-E2C7-666E-E4AECD1072E6}" = CCC Help Greek
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"{FC965A47-4839-40CA-B618-18F486F042C6}" = Skype 7.17
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"Avira Antivirus" = Avira Antivirus
"BlueStacks App Player" = BlueStacks App Player
"DAEMON Tools Lite" = DAEMON Tools Lite
"eID Chrome Middleware 1.1.5" = eID Chrome Middleware 1.1.5
"EPSON Scanner" = EPSON Scan
"Google Chrome" = Google Chrome
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}" = HP SimplePass
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Kruidvat fotoservice" = Kruidvat fotoservice
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware versie 2.2.1.1043
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Minecraft 1.0.0" = Minecraft
"Mozilla Firefox 38.0.1 (x86 nl)" = Mozilla Firefox 38.0.1 (x86 nl)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Picasa 3" = Picasa 3
"Pixum Fotoboek" = Pixum Fotoboek
"Pixum Fotowereld" = Pixum Fotowereld
"PrimoPDF" = PrimoPDF -- brought to you by Nitro PDF Software
"PunkBusterSvc" = PunkBuster Services
"Steam" = Steam
"Steam App 224600" = Defiance
"Steam App 440" = Team Fortress 2
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2351850404-3369495712-1912687821-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"32bce9526e87661e" = Emulator Starter
"HPConnectedMusic" = HP Connected Music (Meridian - player)
"OneDriveSetup.exe" = Microsoft OneDrive
"Spotify" = Spotify
"uTorrent" = Torrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 31/12/2016 13:23:04 | Computer Name = Thomas | Source = ESENT | ID = 494
Description = taskhostw (5716) WebCacheLocal: Tijdens het herstellen van de database
treedt fout -1216 op, omdat er verwijzingen zijn gevonden naar een database, C:\Users\Thomas
Vanhonsebrouc\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat, die niet
meer bestaat. De database is niet in een geldige afsluitingsstaat gebracht voordat
deze is verwijderd (of verplaatst of hernoemd). De database-engine staat niet toe
dat de herstelbewerking voor deze sessie wordt voltooid, voordat de ontbrekende
database opnieuw is genstalleerd. Als de database echt niet meer beschikbaar is
en niet meer vereist is, zijn er procedures voor het corrigeren van deze fout beschikbaar
in de Microsoft Knowledge Base of via de koppeling 'meer informatie' onder aan
dit bericht.

Error - 31/12/2016 13:23:04 | Computer Name = Thomas | Source = ESENT | ID = 454
Description = taskhostw (5716) WebCacheLocal: Het herstellen/terugzetten van de
database is mislukt vanwege de onverwachte fout -1216.

Error - 31/12/2016 13:23:04 | Computer Name = Thomas | Source = ESENT | ID = 486
Description = taskhostw (5716) WebCacheLocal: Een poging het bestand C:\Users\Thomas
Vanhonsebrouc\AppData\Local\Microsoft\Windows\WebCache\V01tmp.log te verplaatsen
naar C:\Users\Thomas Vanhonsebrouc\AppData\Local\Microsoft\Windows\WebCache\V01.log
is mislukt. Systeemfout 183 (0x000000b7): Kan geen bestand maken dat al bestaat.
. Tijdens het verplaatsen van het bestand treedt fout -1814 (0xfffff8ea) op.

Error - 31/12/2016 13:23:04 | Computer Name = Thomas | Source = ESENT | ID = 413
Description = taskhostw (5716) WebCacheLocal: Kan geen nieuw logboekbestand maken,
omdat de database niet naar het logboekstation kan schrijven. Het station heeft
mogelijk te weinig schijfruimte of is alleen-lezen, is onjuist geconfigureerd of
beschadigd. Fout -1032.

Error - 1/01/2017 10:25:30 | Computer Name = Thomas | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 1/01/2017 11:50:48 | Computer Name = Thomas | Source = Perflib | ID = 1008
Description =

Error - 1/01/2017 11:50:48 | Computer Name = Thomas | Source = Perflib | ID = 1008
Description =

Error - 1/01/2017 11:50:49 | Computer Name = Thomas | Source = Perflib | ID = 1008
Description =

Error - 2/01/2017 4:02:03 | Computer Name = Thomas | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 3/01/2017 5:00:48 | Computer Name = Thomas | Source = Office 2013 Licensing Service | ID = 0
Description =

Error - 3/01/2017 5:15:51 | Computer Name = Thomas | Source = Perflib | ID = 1008
Description =

Error - 3/01/2017 5:15:51 | Computer Name = Thomas | Source = Perflib | ID = 1008
Description =

Error - 3/01/2017 5:15:51 | Computer Name = Thomas | Source = Perflib | ID = 1008
Description =

Error - 3/01/2017 14:15:26 | Computer Name = Thomas | Source = Application Hang | ID = 1002
Description = Het programma explorer.exe, versie 10.0.14393.479 reageert niet meer
op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem
beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging
en onderhoud van het Configuratiescherm. Proces-id: 1490 Starttijd: 01d25a1734d88478

Eindtijd:
3105 Toepassingspad: C:\Windows\explorer.exe Rapport-id: 97706d96-d1e0-11e6-8317-142d27264e46

Volledige
pakketnaam met fout: Relatieve toepassings-id van pakket met fout:

Error - 3/01/2017 15:45:00 | Computer Name = Thomas | Source = VSS | ID = 8194
Description =

Error - 3/01/2017 15:45:23 | Computer Name = Thomas | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: Toegang geweigerd. .

Error - 3/01/2017 15:46:19 | Computer Name = Thomas | Source = VSS | ID = 8193
Description =

Error - 3/01/2017 16:19:22 | Computer Name = Thomas | Source = Microsoft-Windows-CAPI2 | ID = 513
Description = De service Cryptografische services is mislukt tijdens het verwerken
van aanroep OnIdentity() op het object System Writer. Details: AddLegacyDriverFiles:
Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System
Error: Toegang geweigerd. .

Error - 3/01/2017 16:19:45 | Computer Name = Thomas | Source = VSS | ID = 8193
Description =

[ System Events ]
Error - 3/01/2017 15:50:01 | Computer Name = Thomas | Source = Service Control Manager | ID = 7000
Description = De Garmin Device Interaction Service-service kan vanwege de volgende
fout niet worden gestart: %%1053

Error - 3/01/2017 15:50:11 | Computer Name = Thomas | Source = DCOM | ID = 10016
Description =

Error - 3/01/2017 15:50:11 | Computer Name = Thomas | Source = DCOM | ID = 10016
Description =

Error - 3/01/2017 15:50:11 | Computer Name = Thomas | Source = DCOM | ID = 10016
Description =

Error - 3/01/2017 15:50:11 | Computer Name = Thomas | Source = DCOM | ID = 10016
Description =

Error - 3/01/2017 15:50:37 | Computer Name = Thomas | Source = Service Control Manager | ID = 7009
Description = Time-out (30000 seconden) tijdens het wachten op het verbinden van
deze service: FontCache3.0.0.0.

Error - 3/01/2017 15:51:14 | Computer Name = Thomas | Source = Service Control Manager | ID = 7022
Description = De Avira Real-Time Protection-service is bij het starten vastgelopen.

Error - 3/01/2017 15:52:33 | Computer Name = Thomas | Source = Service Control Manager | ID = 7000
Description = De Windows Presentation Foundation Font Cache 3.0.0.0-service kan
vanwege de volgende fout niet worden gestart: %%1053

Error - 3/01/2017 15:52:33 | Computer Name = Thomas | Source = Service Control Manager | ID = 7001
Description = De Avira Mail Protection-service is afhankelijk van de Avira Real-Time
Protection-service, die vanwege de volgende fout niet kan worden gestart: %%1070

Error - 3/01/2017 15:52:54 | Computer Name = Thomas | Source = DCOM | ID = 10016
Description =


< End of report >
 
Herhaal de scan met OTL en let er nu op dat je doet conform mijn opdracht.
Het tweede log zal nu niet meer aangemaakt worden!


OTL.exe gebruiken:
    • Windows 2000 en Windows XP: dubbelklik op OTL.exe.
    • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op OTL.exe en kies voor "Als Administrator uitvoeren".


  • Zet een vinkje bij Scan All Users, LOP Check en bij PURITY Check.
  • Kopieer onderstaande in de Code-kader staande tekst en plak deze in het kader onder
    4f9111a6d2a6c-OTL-2.png


    Code:
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    msconfig
    safebootminimal
    drivers32
    netsvcs
    %SYSTEMDRIVE%\*.exe
    %systemroot%\*. /mp /s
    hklm\software\clients\startmenuinternet|command /rs
    hklm\software\clients\startmenuinternet|command /64 /rs
    %systemroot%\*. /mp /s
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\System32\config\*.sav
    %systemroot%\system32\drivers\*.sys /90
    [createrestorepoint]
  • Klik vervolgens op de knop
    50cd93c69be5b-OTL_-_Run_Scan_knop.jpg
    .
  • Verander verder geen andere instellingen in OTL, alleen tenzij ik hiervoor specifiek instructies geef.
  • De scan zal niet heel erg lang duren.
    • Er zullen twee Kladblok-vensters geopend worden wanneer de scan klaar is: OTL.Txt en Extras.txt.
    • Kopieer vervolgens de inhoud van zowel OTL.txt alsmede Extras.txt en plak die gegevens in je volgende bericht.

In geval de inhoud van een van de logs of van beide logs te groot is om te posten, kijk dan hier: Hoe een bijlage toevoegen?
 
Dat ziet er allemaal prima uit.

Nu het volgende: download SystemLook.exe voor 32-bit-Windows
of
download SystemLook.exe voor 64-bit-Windows
  • Download het bestand naar het Bureaublad of verplaats het bestand daar naar toe.

SystemLook.exe opstarten:
  • Windows 2000 en Windows XP: start SystemLook.exe middels dubbelklik op de snelkoppeling.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: start SystemLook.exe middels rechtsklik op de snelkoppeling en dan kiezen voor "Als Administrator uitvoeren".
In het venster dat opent kopieer je onderstaande code:
Code:
[color=#0000FF][SIZE="4"]:filefind
browserchoice[/SIZE][/color]
  • Klik op de knop "Look" om de scan te activeren.
  • Als de scan klaar is opent een tekstbestand (SystemLook.txt).
  • Post de inhoud van dit logbestand.
 
Hierbij het logje van systemlook.

SystemLook 30.07.11 by jpshortstuff
Log created at 09:37 on 04/01/2017 by Thomas Vanhonsebrouc
Administrator - Elevation successful




========== filefind ==========

Searching for "browserchoice"
No files found.

-= EOF =-
 
Jammer, hoe draait jouw Windows momenteel, ik vermoed al sneller - klopt dat?
 
Hallo,

Windows draait idd al heel wat beter.
Ik gebruik nu mbam om malware op tesporen is dit een goede scanner of hebt u nog andere (betere) suggesties.

Groetjes,
 
Een weetje: Malwarebytes MBAM is 's-werelds beste ondemand scanner.
Dat jouw Windows inmiddels sneller is: EmptyTemp: => 29.2 GB tijdelijke gegevens verwijderd (Farbar fix).


Ga naar de site van de
51a5de408905c-th_EsetLogo.png
ESET Online Scanner
  • Klik op de knop ESET Online Scanner
  • Zet een vinkje bij YES, I accept the Terms of Use
  • Klik op Start
  • Sta het ActiveX control toe om te installeren.
    • Zet een vinkje bij de volgende opties:
    • Enable detection of potentially unwanted applications
    • Indien verborgen, open vervolgens Advanced Settings en vink ondervermelde instellingen aan
    • Enable detection of potentially unsafe applications
    • Enable detection of potentially suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
    • Clean threats automatically

    • Notabene: deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller!
  • Klik op Start
  • De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
  • is de scan klaar, sluit het Eset venster dan nog niet.

57c6a6bf1840e-Eset_scanlog.png



  • Zet nu vervolgens in dat venster links onder een vinkje bij Select all en klik dan aansluitend rechtsonder op Save to text file...
  • Er zal nu een kladblok document openen met alle inhoud die ook ook in het Eset scanvenster staat vermeld.
  • Sla nu dit logbestand op als Esetscan - desnoods met datum erbij en kies bij opslaan als bij voorkeur het bureaublad.
  • Selekteer, kopieer en plak dan de inhoud van dit Eset-log in je volgende bericht.

Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, esetsmartinstaller_enu.exe.
De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven.
Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
 
Hallo,

Van die scanner krijg ik geen log. Ik heb de scanner tot 3x toe laten lopen maar ik krijg niets van log.

Groetjes,
 
Vermoedelijk heb jij nu de nieuwste versie met de menu instelling niet meer bovenaan maar links in het MBAM-venster.

In die linkerkolom vind je de vermelding Rapporten - klik daarop en dan gaat het om het Scanlog.

Selekteer Scanlog; klik op de knop Rapport bekijken en in het nieuwe venster klik je op Exporteer.


De inhoud van dat scanlog verwacht ik dus in jouw nieuwe antwoord.
 
Hierbij het MBam logje


Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 6/01/2017
Scantijd: 9:47
Logboekbestand: mbamlog.txt
Beheerder: Ja

Versie: 2.2.1.1043
Malware-database: v2017.01.05.08
Rootkit-database: v2016.11.20.01
Licentie: Proef
Malware-bescherming: Ingeschakeld
Bescherming tegen kwaadaardige websites: Ingeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 10
Processor: x64
Bestandssysteem: NTFS
Gebruiker: Thomas Vanhonsebrouc

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 341206
Verstreken tijd: 52 min, 29 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)

Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)
 
Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap 1
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 2
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Verwijderen
  • Klik bij AdwCleaner Afsluiting van de programma's op OK
  • Klik bij AdwCleaner Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
Hier de 2 logjes.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 10 Home x64
Ran by Thomas Vanhonsebrouc (Administrator) on vr 13/01/2017 at 18:08:44,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Users\Thomas Vanhonsebrouc\AppData\Roaming\pdfforge (Folder)



Registry: 3

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Search\\SearchAssistant (Registry Value)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{92B0D2E2-FF96-4F94-8A2A-44E1E3F8D30A} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{92B0D2E2-FF96-4F94-8A2A-44E1E3F8D30A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on vr 13/01/2017 at 18:11:45,57
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





# AdwCleaner v6.042 - Logbestand aangemaakt 13/01/2017 op 18:24:35
# Bijgewerkt op 06/01/2017 door Malwarebytes
# Database : 2017-01-11.1 [Server]
# Besturingssysteem : Windows 10 Home (X64)
# Gebruikersnaam : Thomas Vanhonsebrouc - THOMAS
# Gestart vanuit : C:\Users\Thomas Vanhonsebrouc\Desktop\adwcleaner_6.042.exe
# Mode: Verwijderen
# Ondersteuning : https://www.malwarebytes.com/support



***** [ Services ] *****



***** [ Mappen ] *****



***** [ Bestanden ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Snelkoppelingen ] *****



***** [ Geplande Taken ] *****



***** [ Register ] *****

[-] Sleutel verwijderd: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nl/nct316533952/SQbfYfrmpUpAtuc/bZHWC7
[#] Sleutel verwijderd tijdens herstart: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.nl/nct316533952/SQbfYfrmpUpAtuc/bZHWC7


***** [ Browsers ] *****

[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: nl.search.yahoo.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: search.conduit.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: isearch.avg.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: babylon.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: slirsredirect.search.aol.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: ask.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: trovi.search
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: websearch.mocaflix.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: powerpoint-viewer.nl.softonic.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: logmein-hamachi.nl.softonic.com
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: booedmolknjekdopkepjjeckmjkdpfgl
[-] [C:\Users\Thomas Vanhonsebrouc\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: flpcjncodpafbgdpnkljologafpionhb


*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2810 bytes] - [13/01/2017 18:24:35]
C:\AdwCleaner\AdwCleaner[S0].txt - [3140 bytes] - [13/01/2017 18:23:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [2956 bytes] ##########
 
Ga naar de site van de
51a5de408905c-th_EsetLogo.png
ESET Online Scanner
  • Klik op de knop ESET Online Scanner
  • Zet een vinkje bij YES, I accept the Terms of Use
  • Klik op Start
  • Sta het ActiveX control toe om te installeren.
    • Zet een vinkje bij de volgende opties:
    • Enable detection of potentially unwanted applications
    • Indien verborgen, open vervolgens Advanced Settings en vink ondervermelde instellingen aan
    • Enable detection of potentially unsafe applications
    • Enable detection of potentially suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
    • Clean threats automatically

    • Notabene: deaktiveer tijdelijk de eigen antivirus tijdens de scan, dan is de onlinescan sneller!
  • Klik op Start
  • De computer wordt nu gescand. Dit kan best lang duren, heb dus geduld.
  • is de scan klaar, sluit het Eset venster dan nog niet.

57c6a6bf1840e-Eset_scanlog.png



  • Zet nu vervolgens in dat venster links onder een vinkje bij Select all en klik dan aansluitend rechtsonder op Save to text file...
  • Er zal nu een kladblok document openen met alle inhoud die ook ook in het Eset scanvenster staat vermeld.
  • Sla nu dit logbestand op als Esetscan - desnoods met datum erbij en kies bij opslaan als bij voorkeur het bureaublad.
  • Selekteer, kopieer en plak dan de inhoud van dit Eset-log in je volgende bericht.

Gebruik je een andere browser dan IE, dan download je een kleine webinstaller, esetsmartinstaller_enu.exe.
De Eset Online scanner zal vervolgens in een kleiner venster opstarten, je markeert dan eerst de instelling zoals hierboven aangegeven.
Klik daarna op de knop "Start" - vervolgens zal eerst de database worden gedownload en is dat gebeurd, start de scan.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan