Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie: 19-02-2017
Gestart door Pat (Beheerder) op PAT-PC (21-02-2017 15:50:09)
Gestart vanaf C:\Users\Pat\Desktop
Geladen Profielen: Pat & postgres & UpdatusUser (Beschikbare Profielen: Pat & postgres & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
(Reprise Software Inc.) C:\Program Files\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
() C:\Program Files\ExpressVPN\xvpnd\xvpnd.exe
() C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Farbar) C:\Users\Pat\Desktop\FRST (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Register (gefilterd) ====================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [406664 2016-10-02] (Power Software Ltd)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-12-30] (Samsung Electronics)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3731728 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [Gyazo] => C:\Program Files\Gyazo\GyStation.exe [5077792 2017-02-03] (Nota Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [SmileboxTray] => C:\Users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe [350152 2017-01-30] (Smilebox, Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [ExpressVPN4] => C:\Program Files\ExpressVPN\xvpn-ui\ExpressVpn.exe [807928 2016-12-15] (ExpressVPN)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restrictie - Windows Defender <======= AANDACHT
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
ProxyServer: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
AutoConfigURL: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Er zijn meer dan n item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{64A09E13-98C1-4260-AA80-1641DF14C1A3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66A104D6-A509-4ADE-9538-069138875F96}: [DhcpNameServer] 10.16.0.1
Tcpip\..\Interfaces\{FF9AC627-4C0F-4D7F-AED8-D6BCB97B6EC2}: [DhcpNameServer] 195.130.131.5 195.130.130.5
Internet Explorer:
==================
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3375664254-514751222-1770273801-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649 [2017-02-21]
FF Extension: (MEGA) - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649\Extensions\firefox@mega.co.nz.xpi [2016-08-19]
FF Extension: (Belgium eID) - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-04-27] [niet getekend]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [Geen bestand]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.be/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=INCOH2&PC=IC03&PTAG=ICO-ca195f9e&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search provided by bing.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Presentaties) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-19]
CHR Extension: (Google Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-19]
CHR Extension: (Google Drive) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-19]
CHR Extension: () - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Spreadsheets) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-19]
CHR Extension: (Offline Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (TradingView Free Quotes and Chat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommjfbdmijjlbhlhnnnfkmbnkpnjpipj [2016-03-29]
CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-08] (Adobe Systems) [Bestand niet getekend]
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2541248 2016-12-28] (Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-27] (Disc Soft Ltd)
R2 ExpressVpnService; C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe [294912 2016-12-15] () [Bestand niet getekend]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2015-10-28] (Flexera Software, Inc.)
S2 Foundry FLEXlm Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [1392016 2012-10-30] (Acresso Software Inc.)
R2 Foundry License Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [1474560 2015-04-17] (Reprise Software Inc.) [Bestand niet getekend]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 mi-raysat_3dsmax2010_32; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [86016 2009-03-12] () [Bestand niet getekend]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Bestand niet getekend]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996336 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [17304 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [73968 2017-01-05] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [65344 2016-09-24] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 cpuz140; C:\Users\Pat\AppData\Local\Temp\cpuz140\cpuz140_x32.sys [44352 2017-02-21] (CPUID) <==== AANDACHT
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [25104 2015-04-27] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [123968 2016-10-02] (Power Software Ltd)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [23040 2016-12-15] (The OpenVPN Project)
S3 catchme; \??\C:\Users\Pat\AppData\Local\Temp\catchme.sys [X] <==== AANDACHT
S3 eapihdrv; \??\C:\Users\Pat\AppData\Local\Temp\ehdrv.sys [X] <==== AANDACHT
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Gemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-02-21 15:50 - 2017-02-21 15:52 - 00025154 _____ C:\Users\Pat\Desktop\FRST.txt
2017-02-21 14:49 - 2017-02-21 14:49 - 01764864 _____ (Farbar) C:\Users\Pat\Desktop\FRST (1).exe
2017-02-21 13:20 - 2017-02-21 13:20 - 00333526 _____ C:\Users\Pat\Documents\Scan0014.pdf
2017-02-21 13:19 - 2017-02-21 13:19 - 00326104 _____ C:\Users\Pat\Documents\Scan0003.pdf
2017-02-21 12:10 - 2017-02-21 12:11 - 00049561 _____ C:\Users\Pat\Desktop\MTB.txt
2017-02-21 11:29 - 2017-02-21 11:29 - 00000897 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-02-21 11:29 - 2017-02-21 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-02-21 11:28 - 2017-02-21 11:29 - 00000000 ____D C:\Program Files\Speccy
2017-02-21 11:26 - 2017-02-21 11:26 - 06293184 _____ (Piriform Ltd) C:\Users\Pat\Downloads\spsetup130.exe
2017-02-21 11:26 - 2017-02-21 11:26 - 00892416 _____ (Farbar) C:\Users\Pat\Desktop\MiniToolBox.exe
2017-02-21 09:57 - 2017-02-21 09:59 - 00080682 _____ C:\Users\Pat\Downloads\fxr_sr_zones_ver2.9.2.ex4
2017-02-21 09:39 - 2017-02-21 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ___RD C:\Program Files\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-20 13:38 - 2014-11-29 09:45 - 03984152 _____ C:\Users\Pat\Desktop\154940729-80-Percenter-Handbook (1).pdf
2017-02-20 12:42 - 2017-02-20 10:18 - 00196384 _____ C:\Users\Pat\Desktop\Robbie's Reversals.ex4
2017-02-20 10:18 - 2017-02-20 10:18 - 00000000 ____D C:\Users\Pat\AppData\Roaming\ROBBIE'S REVERSALS
2017-02-20 10:14 - 2017-02-20 10:15 - 40019859 _____ (Fx1 Inc) C:\Users\Pat\Downloads\RobbiesReversalsSetup-1-7.exe
2017-02-16 14:09 - 2017-02-16 14:10 - 00000000 ____D C:\Users\Pat\Desktop\trendreversalpoint
2017-02-16 14:05 - 2017-02-16 14:06 - 00014056 _____ C:\Users\Pat\Downloads\trendreversalpoints (1).zip
2017-02-16 11:24 - 2017-02-16 11:24 - 00000000 ____D C:\Users\Pat\Desktop\crack
2017-02-16 11:23 - 2017-02-16 11:23 - 00611294 _____ C:\Users\Pat\Downloads\crack.zip
2017-02-16 11:22 - 2017-02-16 11:22 - 00002177 _____ C:\Users\Public\Desktop\Soccer Match Predictor Demo.lnk
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuralBet
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\Program Files\NeuralBet
2017-02-16 11:20 - 2017-02-16 11:20 - 24157020 _____ (NeuralBet) C:\Users\Pat\Downloads\smp.exe
2017-02-16 10:40 - 2017-02-16 10:40 - 20522250 _____ (CgmBet ) C:\Users\Pat\Downloads\CgmBetSetup (1).exe
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTID
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\Program Files\HTID
2017-02-15 11:24 - 2017-02-15 11:24 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-02-13 01:51 - 2017-02-13 01:51 - 00044473 _____ C:\Users\Pat\Downloads\RSI_Extreme_Binary_System.rar
2017-02-09 16:20 - 2017-02-09 16:21 - 00177394 _____ C:\Users\Pat\Downloads\2be064a0-9b6b-4423-a482-072346dd78b8.pkpass
2017-02-08 23:29 - 2017-02-08 23:29 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f (1).pkpass
2017-02-08 22:29 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Desktop\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:13 - 2017-02-08 22:13 - 00161854 _____ C:\Users\Pat\Desktop\Confirmation.pdf
2017-02-08 22:08 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177393 _____ C:\Users\Pat\Downloads\e65581be-b978-438c-8211-9b8a70ddd4ef.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177392 _____ C:\Users\Pat\Downloads\b220a597-d6fe-4acc-a8ff-421258045cb6.pkpass
2017-02-01 19:23 - 2017-02-01 19:23 - 00002005 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-01 19:23 - 2017-02-01 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-31 23:50 - 2017-01-31 23:50 - 00050511 _____ C:\Users\Pat\Downloads\SYSTEMS 1 TO 5 (1).xlsx
2017-01-31 23:37 - 2017-02-06 09:05 - 00000000 ____D C:\Users\Pat\Desktop\bettingsoftware
2017-01-28 12:15 - 2017-01-28 12:15 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:15 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Desktop\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:12 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-27 22:46 - 2017-01-27 22:46 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-27 22:41 - 2017-01-27 22:41 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-25 23:32 - 2017-01-25 23:33 - 00041660 _____ C:\Users\Pat\Downloads\PZ_DoubleTopBottom.ex4
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-02-21 15:50 - 2015-12-23 17:41 - 00000000 ____D C:\FRST
2017-02-21 15:24 - 2014-12-07 17:27 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:43 - 2015-04-17 20:51 - 00000000 ____D C:\ProgramData\Reprise
2017-02-21 14:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-21 14:37 - 2013-10-13 14:13 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Skype
2017-02-21 13:20 - 2010-11-21 00:57 - 00745674 _____ C:\Windows\system32\perfh013.dat
2017-02-21 13:20 - 2010-11-21 00:57 - 00153594 _____ C:\Windows\system32\perfc013.dat
2017-02-21 13:20 - 2010-11-20 22:01 - 01669560 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-21 13:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-21 10:29 - 2014-06-01 16:35 - 00000000 ____D C:\Users\Pat\AppData\Local\Adobe
2017-02-21 09:41 - 2013-10-13 14:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-21 09:35 - 2014-10-11 18:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-20 13:41 - 2016-11-18 16:34 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Vantage FX Trader
2017-02-20 13:41 - 2015-10-27 14:37 - 00593920 _____ (Fx1 Inc) C:\Windows\Metasetup.dll
2017-02-20 11:35 - 2016-11-08 23:39 - 00000000 ____D C:\Program Files\FBS Trader 4
2017-02-20 11:35 - 2016-08-14 18:10 - 00000000 ____D C:\Program Files\Traders Way MetaTrader 4
2017-02-20 10:18 - 2016-03-16 19:28 - 00000000 ____D C:\Program Files\NoaFX Trader
2017-02-19 15:39 - 2016-03-28 08:43 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Kodi
2017-02-19 09:52 - 2016-03-28 09:08 - 00000000 ____D C:\Users\UpdatusUser
2017-02-19 09:47 - 2014-11-02 14:42 - 00000000 ____D C:\Users\postgres
2017-02-17 09:18 - 2016-10-17 19:46 - 00000000 ____D C:\Program Files\TrueKey
2017-02-16 18:06 - 2016-10-17 19:58 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-16 00:18 - 2015-12-24 15:37 - 00000000 ____D C:\Windows\rescache
2017-02-15 11:24 - 2014-09-09 22:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-02-15 11:24 - 2013-11-29 20:37 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-02-15 11:24 - 2013-11-29 20:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 13:24 - 2015-04-28 10:42 - 00000000 ____D C:\Program Files\Gyazo
2017-02-08 22:12 - 2013-10-16 09:21 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Adobe
2017-02-07 15:31 - 2016-03-19 19:36 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 15:31 - 2016-03-19 19:36 - 00002109 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 15:19 - 2016-12-24 10:11 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Smilebox
2017-02-01 19:23 - 2016-10-17 19:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
==================== Bestanden in de root van sommige mappen =======
2016-03-19 19:35 - 2016-03-19 19:35 - 6871040 _____ () C:\Program Files\GUT1CFF.tmp
2015-02-14 11:23 - 2015-02-14 11:23 - 0001222 _____ () C:\Program Files\suit.log
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 ____H () C:\Users\Pat\AppData\Local\BITE9B2.tmp
2015-02-14 22:16 - 2015-02-14 22:16 - 0007602 _____ () C:\Users\Pat\AppData\Local\Resmon.ResmonCfg
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 _____ () C:\Users\Pat\AppData\Local\{94A47416-2072-4DC4-87C8-333D4FF2E49F}
2014-12-27 18:34 - 2014-12-27 18:34 - 0000107 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-09-03 12:46 - 2016-09-03 12:46 - 0004970 _____ () C:\ProgramData\xgneqrwu.hrx
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-02-16 00:10
==================== Eind van FRST.txt ============================
Extra scanresultaten van Farbar Recovery Scan Tool (x86) Versie: 19-02-2017
Gestart door Pat (21-02-2017 15:53:26)
Gestart vanaf C:\Users\Pat\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2013-10-13 13:02:19)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3375664254-514751222-1770273801-500 - Administrator - Disabled)
Gast (S-1-5-21-3375664254-514751222-1770273801-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3375664254-514751222-1770273801-1002 - Limited - Enabled)
Pat (S-1-5-21-3375664254-514751222-1770273801-1000 - Administrator - Enabled) => C:\Users\Pat
postgres (S-1-5-21-3375664254-514751222-1770273801-1004 - Limited - Enabled) => C:\Users\postgres
UpdatusUser (S-1-5-21-3375664254-514751222-1770273801-1005 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Microsoft Security Essentials (Disabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Disabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Genstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
5KPlayer 2.2 (HKLM\...\5KPlayer_is1) (Version: - DearMob, Inc.)
Adobe Acrobat DC (HKLM\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Nederlands (HKLM\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe After Effects 7.0 (HKLM\...\Adobe After Effects 7.0) (Version: 7.0.0.244 - Adobe Systems, Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Creative Cloud (HKLM\...\Adobe Creative Cloud) (Version: 2.8.1.451 - Adobe Systems Incorporated)
Adobe Flash Player 24 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)
AmericasCardroom (HKLM\...\296836EA-EF3A-4C36-8C13-3A6C1DB2D4BE) (Version: 16.6 - IGSoft)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Autodesk 3ds Max 2010 32-bit (HKLM\...\{317AC0C7-FEBF-0409-87A3-4FC70D0ED900}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 32-bit Components (HKLM\...\{60A08432-00DD-0409-AC2C-143C75460878}) (Version: 12.0 - Autodesk)
Autodesk 3ds Max 2010 Tutorials Files (HKLM\...\{E551D82D-4D56-4AF7-A2C9-8897D7A0CB00}) (Version: 12.0 - Autodesk)
Autodesk Backburner 2008.1 (HKLM\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2008.1.1 - Autodesk, Inc.)
Autodesk FBX Plugin 2009.4 - 3ds Max 2010 (HKLM\...\Autodesk FBX Plugin 2009.4 - 3ds Max 2010) (Version: - Autodesk)
Autodesk FBX Plug-in 2013.1 - Maya 2013 (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013) (Version: - Autodesk)
Autodesk Maya 2013 32-bit (HKLM\...\Autodesk Maya 2013 32-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 32-bit (Version: 15.0.0.0 - Autodesk) Hidden
Avast Free Antivirus (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
BackgammonMasters Client (HKLM\...\BackgammonMasters_is1) (Version: - )
Belgium e-ID middleware 4.1.10 (build 1698) (HKLM\...\{4DDF16AE-8D5D-4027-A2D1-8CBB498E1698}) (Version: 4.1.1698 - Belgian Government)
BGroom (HKLM\...\BGroom) (Version: - )
Binary Options Trader (HKLM\...\{2D38C785-05CE-4C1D-91DD-FC0AC07EE191}) (Version: 1.4.0 - TradeTools FX)
BlackChipPoker (HKLM\...\FE4D6F94-B3D5-484b-94F7-8BC45DEB7A82) (Version: 16.6 - IGSoft)
Blender (HKLM\...\{4DB84B5C-A382-43A3-AC58-320747DDA983}) (Version: 2.78.1 - Blender Foundation)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.69.1079 - AB Team, d.o.o.)
CameraTracker 1.0v9-CC for AE (HKLM\...\CameraTracker 1.0v9-CC for AE_is1) (Version: - The Foundry)
CCleaner (HKLM\...\CCleaner) (Version: 5.08 - Piriform)
Click Install if prompted (Version: 1.0.0.0 - ExpressVpn) Hidden
Core FTP LE (HKLM\...\CoreFTP) (Version: - )
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 3.0.0.0310 - Disc Soft Ltd)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.7.0.64 - DivX, LLC)
Earth & Sky Forex System Installer 2014 Pierre Du Plessis (HKLM\...\Earth & Sky Forex System Installer 2014 Pierre Du Plessis) (Version: - )
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
EuroMillions Generator version 1.0.1 (HKLM\...\{7DB5DEDA-2533-496B-A544-5100828C6350}_is1) (Version: 1.0.1 - Dmitrijs Volkovs, Esmistudio.com)
ExpressVPN (Version: 6.0.5.1061 - ExpressVPN) Hidden
eXtreme Gammon 2 (HKLM\...\{2F5AF5E1-E021-4832-A423-EF480EC58A0B}_is1) (Version: 2.10 - GameSite 2000, Ltd.)
FBS Trader 4 (HKLM\...\FBS Trader 4) (Version: 4.00 - MetaQuotes Software Corp.)
File Association Helper (HKLM\...\{8975E3CB-A762-4B14-BD62-A3972A098E82}) (Version: 1.2.225.65451 - WinZip Computing International, LLC)
FLT 7.0v2 (HKLM\...\FLT 7.0v2_is1) (Version: - The Foundry)
Forex Income Boss SRT Profit System (HKLM\...\Forex Income Boss SRT Profit System) (Version: - )
Forex Lines 7 + Forex Lines EA (HKLM\...\Forex Lines 7 + Forex Lines EA) (Version: - )
ForexProfitBoost (HKLM\...\ForexProfitBoost) (Version: - )
FreshForex Terminal (HKLM\...\FreshForex Terminal) (Version: 6.00 - MetaQuotes Software Corp.)
FX Triple Profit (HKLM\...\FX Triple Profit) (Version: - )
FXNewsAlert v3.2 (HKLM\...\{6B910800-2D4E-4093-B6F1-A212BEAF1FB8}) (Version: 3.2 - FXNewsAlert)
GNU Backgammon (MAIN branch, 20121023 code) (HKLM\...\GNU Backgammon_is1) (Version: - Free Software Foundation)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Governor of Poker (HKLM\...\{6972FD5E-01D0-4742-8EB0-A0D351CF28FF}) (Version: 1.0.0 - Youdagames)
Governor of Poker 2 (HKLM\...\Governor of Poker 21.0) (Version: 1.0 - Foxy Games)
GoWin!The Football Forecaster Deluxe Edition 2016 (HKLM\...\GoWin!The Football Forecaster Deluxe Edition 2016) (Version: 2016 - GoWin! Software)
Gyazo 3.3.0 (HKLM\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Holdem Indicator 2.5.3 (HKLM\...\Holdem Indicator_is1) (Version: - hxxp://www.HoldemIndicator.com)
Holdem Manager 2 (HKLM\...\HoldemManager2) (Version: - )
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Photosmart 5510 series Basissoftware van het apparaat (HKLM\...\{499DF7DD-0CEB-40ED-AEEF-3C3F92DE2719}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Haelp (HKLM\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Productverbeteringsonderzoek (HKLM\...\{0406AD49-066E-4418-849C-1FFF3DA7D9DC}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510d series Basissoftware van het apparaat (HKLM\...\{FA311D0D-EC05-44E7-82D5-FAC9887AB960}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5510d series Haelp (HKLM\...\{E59ADA18-03DB-44F5-9EF5-0FA25E4D4384}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510d series Productverbeteringsonderzoek (HKLM\...\{2164CC25-F6FA-4F5A-9F68-BDDBCBEF1F4B}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HTID (HKLM\...\HTID) (Version: - )
InertiaTrader EURUSD M5 (HKLM\...\{370C5EF8-FBDB-679C-F67B-090A54FDF685}) (Version: 1.0.0.0 - InertiaTrader.com)
Intel Security True Key (HKLM\...\TrueKey) (Version: 4.12.108.1 - Intel Security)
IQ Option (HKLM\...\IQ Option) (Version: 1.0 - IQOption)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kodi (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Kodi) (Version: - XBMC-Foundation)
Ladbrokes Poker (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Ladbrokes.be Poker) (Version: - )
Levelator (HKLM\...\Levelator) (Version: - )
Lynda.com Desktop App (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\6043ff57df569209) (Version: 1.3.1.87 - Lynda.com)
Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.500.3 - McAfee, Inc.)
MetaTrader 4 (HKLM\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 Admiral Markets AS (HKLM\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movavi Screen Capture Studio 4 (HKLM\...\Movavi Screen Capture Studio 4) (Version: 4.3.3 - MOVAVI)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 2015 (HKLM\...\{407A3427-28FA-4383-8472-972AE71E3262}) (Version: 16.0.03000 - Nero AG)
Nero Burning ROM_Nero Express (HKLM\...\Nero Burning ROM_Nero Express) (Version: - )
Nero BurningROM 2015 (HKLM\...\{0F450417-F5B1-4D9C-B93B-4DC81F3EA954}) (Version: 16.0.01600 - Nero AG)
NoaFX Trader (HKLM\...\NoaFX Trader) (Version: 4.00 - MetaQuotes Software Corp.)
Nuke 8.0v1 (HKLM\...\Nuke 8.0v1_is1) (Version: - The Foundry)
NVIDIA Grafisch stuurprogramma 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Update 1.14.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.14.17 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
OpenOffice 4.1.0 (HKLM\...\{E8A54536-FC41-45AB-9E24-114A0127118C}) (Version: 4.10.9764 - Apache Software Foundation)
PokerStars.be (HKLM\...\PokerStars.be) (Version: - PokerStars.be)
PokerTracker 4 (remove only) (HKLM\...\PokerTracker4) (Version: - )
PostgreSQL 8.4 (HKLM\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
PowerISO (HKLM\...\PowerISO) (Version: 6.7 - Power Software Ltd)
Prerequisite installer (Version: 16.0.0000 - Nero AG) Hidden
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapid Dollar System (HKLM\...\Rapid Dollar System) (Version: - )
RARBG Player (remove only) (HKLM\...\RARBG Player) (Version: - )
RealFlow 2014 (HKLM\...\RealFlow 2014) (Version: - )
Robbie's Reversals (HKLM\...\{37170A7A-651E-E83E-1A73-721CAA81EB4B}) (Version: 1.7.0.0 - Trade with Robbie)
ROULETTE INTERCEPTOR (HKLM\...\ROULETTE INTERCEPTOR) (Version: - )
ROULETTE INTERCEPTOR 3.0 (HKLM\...\ROULETTE INTERCEPTOR 3.0) (Version: - )
Roulette Sniper Version 2.0 (HKLM\...\{91FA5123-41A2-401D-9A60-7A0E075A9A5E}) (Version: 2.00.0000 - Roulette Sniper)
Roulette Xtreme 2.0 (HKLM\...\{27BB3F5D-CC40-5B41-DCF2-C759CFD38A8D}) (Version: 2.4.3.52 - UX Software)
SafeZone Stable 1.51.2220.62 (Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scalper Mastery X (HKLM\...\Scalper Mastery X) (Version: - )
ScalpTraderPRO 2.70 (HKLM\...\ScalpTraderPRO) (Version: 2.70 - ScalpraderPRO.com)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype 7.33 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.104 - Skype Technologies S.A.)
Smilebox (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Smilebox) (Version: 1.0.0.31276 - Smilebox, Inc.)
Soccer Match Predictor 1.6.7 (Demo Version) (HKLM\...\Soccer_0) (Version: 1.6.7 (Demo Version) - NeuralBet)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Stuurprogrammapakket voor Windows - Fedict SmartCard (08/08/2015 4.1.5) (HKLM\...\9F46F7AB1E3B1B5F5482EA8D97F401B04FBF7958) (Version: 08/08/2015 4.1.5 - Fedict)
Swing Trader PRO (HKLM\...\Swing Trader PRO) (Version: - )
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TC2000 v16 (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\TC2000 v16 1.0.0) (Version: 1.0.0 - Worden Brothers, Inc.)
TC2000 v16 (Version: 1.0.0 - Worden Brothers, Inc.) Hidden
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Tickmill MT4 Client Terminal (HKLM\...\Tickmill MT4 Client Terminal) (Version: 4.00 - MetaQuotes Software Corp.)
Todbot version 2.21 (HKLM\...\{6A07C805-00FF-437E-A7E9-283BB1A6FA8C}_is1) (Version: 2.21 - Cardinal)
Tournament Indicator 2.2.4 (HKLM\...\Tournament Indicator_is1) (Version: - hxxp://www.TournamentIndicator.com)
Traders Way MetaTrader 4 (HKLM\...\Traders Way MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
Unity Web Player (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Vicon boujou 5.0.2 (HKLM\...\{C071157F-AB34-4D3F-A0DF-9AC544B3732E}) (Version: 5.0.2 - Vicon Motion Systems)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
VT Trader (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\VT Trader) (Version: - VT Systems, LLC)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.6.0.0 - Azureus Software, Inc.)
Win@Baccarat Online with the Predictor System 6.2.10 (HKLM\...\Win@Baccarat Online with the Predictor System fo~A847703F_is1) (Version: 6.2.10 - Smart Casino Player, Inc.)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Winner Poker (HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\winnerpoker) (Version: - )
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 19.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E6}) (Version: 19.0.11294 - WinZip Computing, S.L. )
WSOP.com (HKLM\...\WSOP.com) (Version: - )
XM MT4 (HKLM\...\XM MT4) (Version: 4.00 - MetaQuotes Software Corp.)
ZBrush 4R7 (HKLM\...\ZBrush 4R7 4R7) (Version: 4R7 - Pixologic)
ZHPDiag 2015 (HKLM\...\ZHPDiag_is1) (Version: 2015 - Nicolas Coolman)
ZHPFix 2015 (HKLM\...\ZHPFix_is1) (Version: 2015 - Nicolas Coolman)
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{0F130AC8-CDF1-4DAA-AA9B-7B4083F49EA4}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuthLib.dll ()
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{40D7C9AD-E126-4D66-A5FE-B9D589DC3C84}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\widgets\minigames\minigamesctrl.ocx (Playtech Ltd. All rights reserved.)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx (Unity Technologies ApS)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{492042A2-4432-44A1-9A39-85B2D3C0119E}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\PtContainerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{876FA801-2B5E-4201-9E6B-2EF2C05A5C6B}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{89425F5E-A2BD-44CD-9E4F-F1498522F0E5}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\WidgetbarManagerUI.dll (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{9642D229-6B2E-49FD-B6BB-43B37BD97B6B}\localserver32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\PTContainerOle.exe (Playtech Ltd)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165}\InprocServer32 -> C:\Program Files\thinkorswim\nptossc.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1000_Classes\CLSID\{F6F8856F-374D-4397-BB1C-80AB57E60529}\InprocServer32 -> C:\Users\Pat\AppData\Local\Ladbrokes Poker\widgetbar\WidgetbarAPI.dll (Playtech)
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{2D6BD2F0-5F84-4a06-924F-AEE0598B6272}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\postgres\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{79b4acff-94d2-58c5-baf6-23df99c7fcba}\InprocServer32 -> C:\Program Files\thinkorswim\npthinkorswim.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{97836AB9-12C5-4C30-A128-B75196DD1787}\InprocServer32 -> geen bestandpad
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\Pat\AppData\Local\Chrome\Application\41.0.2231.0\delegate_execute.exe" => Geen bestand
CustomCLSID: HKU\S-1-5-21-3375664254-514751222-1770273801-1004_Classes\CLSID\{dcc9a6f3-492c-5f51-a65d-3dd92b26c165}\InprocServer32 -> C:\Program Files\thinkorswim\nptossc.dll => Geen bestand
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {0443B391-AB6C-4C52-8263-7B368F0DAFA5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {1755773A-6DE5-4894-BABD-E670FA6B0C73} - System32\Tasks\{907F642C-DB53-4DA9-967D-031C9AA6A748} => Chrome.exe hxxp://ui.skype.com/ui/0/7.10.85.101/nl/abandoninstall?page=tsProgressBar
Task: {19003073-8E5D-432B-A587-1E899132303D} - \Upload Installer Service -> Geen bestand <==== AANDACHT
Task: {1CAD3E39-C408-4BF9-A929-22BE6A6E3DC5} - System32\Tasks\{8441BC88-55CB-4B73-8EBA-0BA79D560AF8} => Chrome.exe hxxp://ui.skype.com/ui/0/7.3.59.101/nl/abandoninstall?page=tsProgressBar
Task: {1E0CC3AF-09FC-4E07-9088-3A96A66ABD34} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {220C838E-FD90-46C6-A231-8581E4AB2C15} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2E6D9F1B-A763-451E-91E8-90EBD2DEFDDE} - System32\Tasks\{8E55F1B7-DA14-4A0F-B0A0-554E3A7B135C} => Chrome.exe hxxp://ui.skype.com/ui/0/6.18.0.106/nl/abandoninstall?page=tsProgressBar
Task: {31F0863A-CA26-43EC-9AE5-682501B2F665} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files\Gyazo\GyazoUpdate.exe [2017-02-03] ()
Task: {378DD419-4FC9-42E4-9DF3-7ED38261706E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-12-29] (Microsoft Corporation)
Task: {420915A0-A8FB-48EB-BAD0-1DAB0F305A4A} - System32\Tasks\{62128EE0-21CD-423F-A80E-BB2C9AAC6E17} => pcalua.exe -a C:\Users\Pat\Videos\area51\areafx51\areafx51.exe -d C:\Users\Pat\Videos\area51\areafx51
Task: {4CECF071-785D-46D5-950A-D515C74A4FFC} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {54DC2DAB-F71F-4518-8BB2-27DF9AB56948} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {54E20AD0-F8C3-424E-972B-46BBF82AF172} - System32\Tasks\FreeSomeSpace => c:\programdata\{8f2084c4-7349-992d-8f20-084c47341311}\5342187705976337630e.exe <==== AANDACHT
Task: {5CBA8B03-40CE-4C29-BF7B-222811661F5A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-15] (Adobe Systems Incorporated)
Task: {5FB2DD2E-2237-4ACF-8E40-6E5541FAC8C2} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files\Gyazo\GyazoUpdate.exe [2017-02-03] ()
Task: {64B501A6-62D0-4839-B099-9F4C9264BD7C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-03-19] (Google Inc.)
Task: {703625B2-C8F5-476D-82A6-6CEDFE453F0E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {7D0C928F-8753-4C7E-A753-C83932C94D48} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {8A0FCC73-E42E-4481-B230-E48515DDEF55} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {9DF534C3-CA2C-470C-9245-4AD348336507} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2014-07-21] (Nero AG)
Task: {9E90B722-B7AC-45B4-BD40-023953E63FE1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-08] (AVAST Software)
Task: {A325EFC6-DC31-47A1-A225-57E9C9D0893E} - \LuckyTab -> Geen bestand <==== AANDACHT
Task: {A566FE49-BF9A-4CD5-A0E0-183A87F35939} - System32\Tasks\{2682A35E-8F6B-490D-80B4-9C0B75786039} => pcalua.exe -a C:\Users\uninstall.exe
Task: {A9EBE2C7-DC51-47A1-BA9B-29D2DE981852} - System32\Tasks\{30CEF4AB-41AA-4367-9AD2-224E33DAF752} => C:\Program Files\Nuke8.0v1\Nuke8.0.exe [2013-12-02] ()
Task: {AFCC8D2C-18DB-4408-BD8D-2863986684E7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {B097DBE6-B545-47BB-96B3-A7F5343C9605} - System32\Tasks\HPCustParticipation HP Photosmart 5510d series => C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {B0E77B7C-85CC-4AEE-87DD-FCBDC6E6A7C8} - System32\Tasks\{347AD8E2-392C-4915-A277-436370805DF9} => pcalua.exe -a "C:\Program Files\salEprIzeeS\oNQkZgyP71EtVK.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {B4A392F2-AB7C-48F8-BBEF-585241012289} - System32\Tasks\{2DA241DA-602E-4ADC-8BF5-FFBE1A34641F} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.0.101/nl/abandoninstall?page=tsProgressBar
Task: {B7222754-C90C-4484-B66E-287ED863601D} - System32\Tasks\SafeZone scheduled Autoupdate 1466093125 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {C59E7673-C9DD-4DEC-9D2C-8398988114D4} - System32\Tasks\{2B4CD43E-96FB-4E8B-9906-A17C4A6AC4E1} => pcalua.exe -a "C:\Users\Pat\Pictures\goldeneye profit\GoldenEye.exe" -d "C:\Users\Pat\Pictures\goldeneye profit"
Task: {D172CC70-969C-4064-8225-7DC6E5C77829} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-07-17] (Piriform Ltd)
Task: {D4DC79F8-635E-4F1C-BFAF-EFF758ABC162} - \SmartWeb Upgrade Trigger Task -> Geen bestand <==== AANDACHT
Task: {DE9D2595-8981-43C7-A979-CCC216A85E30} - \DNSMOHAWK -> Geen bestand <==== AANDACHT
Task: {F6F42581-D0C7-40AC-8AF6-29617DA245D4} - System32\Tasks\Admin Checker => C:\Users\Pat\AppData\Roaming\Admin Checker\Admin Checker.exe <==== AANDACHT
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2016-03-28 09:08 - 2013-08-30 00:08 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2016-09-08 20:54 - 2016-09-08 20:54 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-21 10:32 - 2017-02-21 10:32 - 05876224 _____ () C:\Program Files\AVAST Software\Avast\defs\17022100\algo.dll
2016-09-08 20:54 - 2016-09-08 20:54 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 36730032 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CEF\libcef.dll
2016-12-15 10:45 - 2016-12-15 10:45 - 00294912 _____ () C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
2016-12-15 10:48 - 2016-12-15 10:48 - 08913400 _____ () C:\Program Files\ExpressVPN\xvpnd\xvpnd.exe
2016-12-15 10:49 - 2016-12-15 10:49 - 00445944 _____ () C:\Program Files\ExpressVPN\xvpnd\windows\ExpressVPN.FilterManager.dll
2009-03-12 16:36 - 2009-03-12 16:36 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
2014-11-02 14:41 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2014-11-02 14:42 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2014-09-26 14:40 - 2014-09-26 14:40 - 06237856 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2014-09-26 14:40 - 2014-09-26 14:40 - 01029280 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll
2016-12-24 01:14 - 2016-12-24 01:14 - 00679624 _____ () C:\Users\Pat\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00746160 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CEF\libglesv2.dll
2014-09-28 21:01 - 2014-09-28 21:01 - 00136368 _____ () C:\Program Files\Adobe\Adobe Creative Cloud\CEF\libegl.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
==================== Hosts Inhoud: ==========================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2009-07-14 03:04 - 2017-02-01 19:23 - 00000064 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
0.0.0.1 mssplus.mcafee.com
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.130.131.5 - 195.130.130.5
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{3BEF0306-7EF1-4D3A-8B62-4CBAB110F087}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{8E07FB81-1AE4-4036-8697-E0E248F0B10A}C:\program files\vuze\azureus.exe] => (Allow) C:\program files\vuze\azureus.exe
FirewallRules: [{50F6B962-4BD0-4E60-B84B-2D176B63CAFD}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{5DECAF2E-A9F2-4BA6-850A-42EF27E005A4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{CB3825C7-2EFC-4C8A-8EAC-BC08EDC49F8D}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{64AC0C81-F5F5-4AB1-AD58-1857A3927D62}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{5128922B-120B-4CE1-9F05-BDC43E25DF1D}] => (Allow) C:\Program Files\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{75AA2D65-92F9-4EDD-9630-26755F71AE86}] => (Allow) C:\Program Files\Holdem Indicator\HoldemIndicator.exe
FirewallRules: [{4351F824-3E11-4D09-81E4-0031CE9AAF43}] => (Allow) LPort=5432
FirewallRules: [{BA080125-ED85-4D9F-938E-004CB76FCEA4}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{88B398CF-67C5-4609-AF06-349481437672}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{E63FED9C-A140-49CD-867A-7A6ECEAD25AD}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{3A00862E-73B5-4CD8-B2D5-5C3546568F2A}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AF9DD9F0-CCF9-4B3E-9ECE-E59F9AAAC0DF}] => (Allow) C:\Program Files\BurningRom\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{40963433-8FED-401A-A33A-F259FD52B8B6}] => (Allow) C:\Program Files\BurningRom\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{1DB72AAB-36F0-432D-AF9D-542E74E00F64}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\DeviceSetup.exe
FirewallRules: [{0D6B2F07-F861-4373-824F-B99E253B147F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{A6F730A6-A61E-46FB-9110-9C7908E6934F}] => (Allow) C:\Program Files\HP\HP Photosmart 5510d series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{6A47E66D-5037-40FE-9784-1BBC0ABA5F1A}] => (Allow) C:\Users\Pat\AppData\Local\Chrome\Application\chrome.exe
FirewallRules: [{E3608F0F-707F-4715-98D3-3735447D1B57}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3C18B6DB-8F2D-40CF-B055-9AC4C720369C}] => (Allow) LPort=2869
FirewallRules: [{A901A34D-021A-4310-9622-9AAEF5650112}] => (Allow) LPort=1900
FirewallRules: [{2C4B9989-44B3-48E7-B0C0-1BD615C03420}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [TCP Query User{20AB0669-F8F7-408F-9B32-5DCDBA99C7C1}C:\program files\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [UDP Query User{6CC611DE-B78E-4F61-A908-85BD3C8143B9}C:\program files\ninjatrader 7\bin\ninjatrader.exe] => (Allow) C:\program files\ninjatrader 7\bin\ninjatrader.exe
FirewallRules: [{14960B79-D08E-4DF4-8814-6059E8ECECBD}] => (Allow) C:\Program Files\MetaTrader 5\metatester.exe
FirewallRules: [{79103592-8059-48B0-83AF-3C77E631B823}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8641D7FC-B35C-4369-B796-52DD25CA7645}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\DeviceSetup.exe
FirewallRules: [{7F56CA8D-BB73-4ABB-A02C-2F98612FCF59}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D66B7586-DE05-41D9-BDE3-4B89206E31B7}] => (Allow) C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{7D959B0F-CE78-4EF4-B01C-98AF8C0891C1}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{DA01D585-D1DA-4D1E-90E8-EED3F392C94E}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{6B4844F5-EA3D-4C82-B4A2-A27B1A3E1BF0}] => (Allow) C:\Program Files\Autodesk\Backburner\monitor.exe
FirewallRules: [{A27253A0-21AC-4A48-AAC3-37BEA449EE1F}] => (Allow) C:\Program Files\Autodesk\Backburner\monitor.exe
FirewallRules: [{41E74B8D-5A09-40C2-A0B5-E4551BBB10AE}] => (Allow) C:\Program Files\Autodesk\Backburner\manager.exe
FirewallRules: [{A6469174-702D-42BF-B648-607F5553BCC7}] => (Allow) C:\Program Files\Autodesk\Backburner\manager.exe
FirewallRules: [{9B7E846F-9101-4A29-BD06-298A244D38D8}] => (Allow) C:\Program Files\Autodesk\Backburner\server.exe
FirewallRules: [{36B4E620-ABED-495D-B503-6576CAB9EC53}] => (Allow) C:\Program Files\Autodesk\Backburner\server.exe
FirewallRules: [{25091CB3-824B-4A8C-9A66-0DFF231B4852}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
FirewallRules: [{E67DC9F7-DBA7-479D-9776-895236046B11}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\3dsmax.exe
FirewallRules: [{77C1BAC7-4080-4C5D-81E1-C255E7B6D2C4}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
FirewallRules: [{33F4B3A4-929D-45EF-A7C2-97695E154982}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
FirewallRules: [{6C23388A-E231-4232-8E1E-D7414D15ABF5}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe
FirewallRules: [{A787CFB9-44A0-4ABD-A74C-D2AB1E8F97C3}] => (Allow) C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32.exe
FirewallRules: [{0EFCD9DD-410B-42D4-928C-8CD4FA7FFAA3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B2B73F11-755C-4D2F-BAEB-DA3CAA63C535}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{112CA5F4-7B17-48DA-A6E0-3A921B70A541}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6B8CC7C9-9E67-4E54-98B4-ABF09FD2A8B6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B2D2FD34-6EE6-4448-83CA-93EE52CC7098}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{6BF784E0-0D17-445C-85C9-5A05A2573E2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{800F994B-F934-40AD-B9C9-82553993E527}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{705C64B7-3A7D-4143-8878-93C8F7CCC743}] => (Allow) C:\Program Files\Tournament Indicator\Indicator.exe
FirewallRules: [{5CEB151E-BAE2-4C0F-BC7E-E60156294A88}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{94893AE0-5D08-43FE-AAC1-B9C01C8591DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{B6931E26-DA39-482D-A21B-29DAF81EF02C}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{45A10545-06BD-4148-8B87-C2DCE39F95DF}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{04A7BA3B-2FD6-4EEF-B9F1-030C2915422A}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BC75CF57-450D-41EE-BF0F-2C4B990E8369}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{59CAFA30-5EF0-4743-BEE2-9B7D01BA6186}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EE81BA39-A7D4-4675-8152-34943C01CF8C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Herstelpunten =========================
18-02-2017 21:29:19 Windows Update
21-02-2017 13:35:45 Removed Java 7 Update 55
21-02-2017 14:32:07 Removed Java 7 Update 55
==================== Defecte Apparaatbeheer Apparaten =============
Name: ExpressVPN Tap Adapter
Description: ExpressVPN Tap Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ExpressVPN
Service: tapexpressvpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling-adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: FingerPrinter Reader
Description: FingerPrinter Reader
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (02/21/2017 02:44:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma Explorer.EXE, versie 6.1.7601.23537 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.
Proces-id: 5fc
Starttijd: 01d28c481c803212
Eindtijd: 0
Toepassingspad: C:\Windows\Explorer.EXE
Rapport-id: e03d562e-f83b-11e6-9898-001f16afe9ed
Error: (02/21/2017 02:44:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.
Error: (02/21/2017 02:43:40 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2017-02-21 14:43:40 CETFATAL: the database system is starting up
Error: (02/21/2017 02:43:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: lmgrd.foundry.exe, versie: 10.8.7.0, tijdstempel: 0x47fe34e0
Naam van module met fout: unknown, versie: 0.0.0.0, tijdstempel: 0x00000000
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000
Id van proces met fout: 0xe74
Starttijd van toepassing met fout: 0x01d28c486e3bbfee
Pad naar toepassing met fout: C:\Program Files\The Foundry\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe
Pad naar module met fout: unknown
Rapport-id: b89d04c4-f83b-11e6-9898-001f16afe9ed
Error: (02/21/2017 02:43:10 PM) (Source: nssm) (EventID: 1018) (User: )
Description: Failed to read registry value AppDirectory:
De bewerking is voltooid.
Error: (02/21/2017 02:28:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2297318
Error: (02/21/2017 02:28:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2297318
Error: (02/21/2017 02:28:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/21/2017 02:28:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2296303
Error: (02/21/2017 02:28:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2296303
Systeemfouten:
=============
Error: (02/21/2017 02:44:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Intel Security True Key-service kan vanwege de volgende fout niet worden gestart:
De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (02/21/2017 02:44:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Intel Security True Key.
Error: (02/21/2017 02:43:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Service Installer TrueKey-service kan vanwege de volgende fout niet worden gestart:
Het systeem kan het opgegeven bestand niet vinden.
Error: (02/21/2017 02:42:18 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: De machtigingsinstellingen (toepassingsspecifiek) verlenen geen machtiging aan Starten (Lokaal) voor de COM-servertoepassing met CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
en APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerdershulpprogramma van Component Services.
Error: (02/21/2017 02:37:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.
Error: (02/21/2017 02:37:08 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: De server {F9717507-6651-4EDB-BFF7-AE615179BCCF} heeft zich binnen de vereiste termijn niet bij DCOM geregistreerd.
Error: (02/21/2017 01:49:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op een reactie op een transactie van deze service: TrueKeyScheduler.
Error: (02/21/2017 10:35:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Windows Update-service is bij het starten vastgelopen.
Error: (02/21/2017 10:27:37 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: De Internet Connection Sharing (ICS)-service is bij het starten vastgelopen.
Error: (02/21/2017 10:25:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Service Installer TrueKey-service kan vanwege de volgende fout niet worden gestart:
Het systeem kan het opgegeven bestand niet vinden.
CodeIntegrity:
===================================
Date: 2016-08-01 08:03:06.479
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-08-01 08:03:06.307
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-25 22:17:09.210
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-25 22:17:08.976
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-25 21:55:13.616
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-25 21:55:13.429
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-24 13:07:04.903
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-24 13:07:04.622
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-17 17:24:51.446
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
Date: 2016-07-17 17:24:51.321
Description: De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.
==================== Geheugen info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6400 @ 2.00GHz
Percentage geheugen in gebruik: 43%
Totaal fysiek RAM-geheugen: 3066.84 MB
Beschikbaar fysiek RAM-geheugen: 1719.3 MB
Totaal Virtueel geheugen: 6132 MB
Beschikbaar Virtual geheugen: 3885.61 MB
==================== Schijven ================================
Drive c: () (Fixed) (Total:461.67 GB) (Free:57.9 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00045FB4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=461.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4 GB) - (Type=05)
==================== Eind van Addition.txt ============================
--- Update ---
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x86) Versie: 19-02-2017
Gestart door Pat (Beheerder) op PAT-PC (21-02-2017 15:50:09)
Gestart vanaf C:\Users\Pat\Desktop
Geladen Profielen: Pat & postgres & UpdatusUser (Beschikbare Profielen: Pat & postgres & UpdatusUser)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Nico Mak Computing) C:\Program Files\File Association Helper\FAHWindow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems, Incorporated) C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe
(Reprise Software Inc.) C:\Program Files\The Foundry\LicensingTools7.0\bin\RLM\rlm.foundry.exe
() C:\Program Files\ExpressVPN\xvpnd\xvpnd.exe
() C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
() C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Nero AG) C:\Program Files\Nero\Update\NASvc.exe
(Farbar) C:\Users\Pat\Desktop\FRST (1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Register (gefilterd) ====================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-04-23] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [FAHConsole] => C:\Program Files\File Association Helper\FAHConsole.exe [616632 2014-01-28] (Nico Mak Computing)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Creative Cloud] => C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2694320 2014-10-15] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [448520 2015-04-08] (DivX, LLC)
HKLM\...\Run: [DivXUpdate] => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-10] ()
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-11-15] (AVAST Software)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1870928 2016-12-23] (Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [406664 2016-10-02] (Power Software Ltd)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1561968 2013-04-23] (Samsung)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe [578560 2013-12-30] (Samsung Electronics)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [3731728 2015-02-27] (Disc Soft Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [Gyazo] => C:\Program Files\Gyazo\GyStation.exe [5077792 2017-02-03] (Nota Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6453528 2015-07-17] (Piriform Ltd)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [SmileboxTray] => C:\Users\Pat\AppData\Roaming\Smilebox\SmileboxTray.exe [350152 2017-01-30] (Smilebox, Inc.)
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\...\Run: [ExpressVPN4] => C:\Program Files\ExpressVPN\xvpn-ui\ExpressVpn.exe [807928 2016-12-15] (ExpressVPN)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x86.dll [2014-09-26] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-09-08] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk [2017-02-01]
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.11.500\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Restrictie - Windows Defender <======= AANDACHT
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
ProxyServer: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
AutoConfigURL: [S-1-5-21-3375664254-514751222-1770273801-1000] => 127.0.0.1:8118
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Hosts: Er zijn meer dan n item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.130.131.5 195.130.130.5
Tcpip\..\Interfaces\{64A09E13-98C1-4260-AA80-1641DF14C1A3}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{66A104D6-A509-4ADE-9538-069138875F96}: [DhcpNameServer] 10.16.0.1
Tcpip\..\Interfaces\{FF9AC627-4C0F-4D7F-AED8-D6BCB97B6EC2}: [DhcpNameServer] 195.130.131.5 195.130.130.5
Internet Explorer:
==================
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3375664254-514751222-1770273801-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-3375664254-514751222-1770273801-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-10-24] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2016-12-28] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-01-10] (Intel Security)
Toolbar: HKU\S-1-5-21-3375664254-514751222-1770273801-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-06-30] (Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-01-01] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649 [2017-02-21]
FF Extension: (MEGA) - C:\Users\Pat\AppData\Roaming\Mozilla\Firefox\Profiles\zoz98h5j.default-1457083289649\Extensions\firefox@mega.co.nz.xpi [2016-08-19]
FF Extension: (Belgium eID) - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2016-04-27] [niet getekend]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-08]
FF HKLM\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
FF HKLM\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: (Adobe Acrobat DC - Create PDF) - C:\Program Files\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2017-01-13]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-15] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2014-10-15] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/thinkorswim -> C:\Program Files\thinkorswim\npthinkorswim.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-3375664254-514751222-1770273801-1000: tdameritrade.com/tossc -> C:\Program Files\thinkorswim\nptossc.dll [Geen bestand]
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.be/"
CHR DefaultSearchURL: Default -> hxxp://www.bing.com/search?FORM=INCOH2&PC=IC03&PTAG=ICO-ca195f9e&q={searchTerms}
CHR DefaultSearchKeyword: Default -> search provided by bing.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default [2017-02-21]
CHR Extension: (Google Presentaties) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-03-19]
CHR Extension: (Google Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-19]
CHR Extension: (Google Drive) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
CHR Extension: (YouTube) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-19]
CHR Extension: () - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2017-02-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-01-30]
CHR Extension: (Google Spreadsheets) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-03-19]
CHR Extension: (Offline Documenten) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-21]
CHR Extension: (Skype) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-10-28]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-20]
CHR Extension: (TradingView Free Quotes and Chat) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommjfbdmijjlbhlhnnnfkmbnkpnjpipj [2016-03-29]
CHR Extension: (Gmail) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-07]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ====================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2015-02-08] (Adobe Systems) [Bestand niet getekend]
R2 AGSService; C:\Program Files\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-01-19] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-08] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2541248 2016-12-28] (Microsoft Corporation)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1378576 2015-02-27] (Disc Soft Ltd)
R2 ExpressVpnService; C:\Program Files\ExpressVPN\bootstrap\x86\nssm.exe [294912 2016-12-15] () [Bestand niet getekend]
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [1044816 2015-10-28] (Flexera Software, Inc.)
S2 Foundry FLEXlm Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\FLEXlm\lmgrd.foundry.exe [1392016 2012-10-30] (Acresso Software Inc.)
R2 Foundry License Server; C:\Program Files\The Foundry\\LicensingTools7.0\bin\RLM\rlm.foundry.exe [1474560 2015-04-17] (Reprise Software Inc.) [Bestand niet getekend]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.500\McCHSvc.exe [272136 2017-01-19] (McAfee, Inc.)
R2 mi-raysat_3dsmax2010_32; C:\Program Files\Autodesk\3ds Max 2010\mentalray\satellite\raysat_3dsmax2010_32server.exe [86016 2009-03-12] () [Bestand niet getekend]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation)
R2 NAUpdate; C:\Program Files\Nero\Update\NASvc.exe [786256 2014-07-14] (Nero AG)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation)
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Bestand niet getekend]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [996336 2017-01-05] (McAfee, Inc.)
R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [17304 2017-01-05] (McAfee, Inc.)
S3 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [73968 2017-01-05] (McAfee, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
===================== Drivers (gefilterd) ======================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [65344 2016-09-24] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-09-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-09-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-09-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [91232 2016-09-08] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-09-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118664 2016-09-08] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-13] (AVAST Software)
S3 cpuz140; C:\Users\Pat\AppData\Local\Temp\cpuz140\cpuz140_x32.sys [44352 2017-02-21] (CPUID) <==== AANDACHT
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [25104 2015-04-27] (Disc Soft Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [123968 2016-10-02] (Power Software Ltd)
S3 tapexpressvpn; C:\Windows\System32\DRIVERS\tapexpressvpn.sys [23040 2016-12-15] (The OpenVPN Project)
S3 catchme; \??\C:\Users\Pat\AppData\Local\Temp\catchme.sys [X] <==== AANDACHT
S3 eapihdrv; \??\C:\Users\Pat\AppData\Local\Temp\ehdrv.sys [X] <==== AANDACHT
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Gemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-02-21 15:50 - 2017-02-21 15:52 - 00025154 _____ C:\Users\Pat\Desktop\FRST.txt
2017-02-21 14:49 - 2017-02-21 14:49 - 01764864 _____ (Farbar) C:\Users\Pat\Desktop\FRST (1).exe
2017-02-21 13:20 - 2017-02-21 13:20 - 00333526 _____ C:\Users\Pat\Documents\Scan0014.pdf
2017-02-21 13:19 - 2017-02-21 13:19 - 00326104 _____ C:\Users\Pat\Documents\Scan0003.pdf
2017-02-21 12:10 - 2017-02-21 12:11 - 00049561 _____ C:\Users\Pat\Desktop\MTB.txt
2017-02-21 11:29 - 2017-02-21 11:29 - 00000897 _____ C:\Users\Public\Desktop\Speccy.lnk
2017-02-21 11:29 - 2017-02-21 11:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-02-21 11:28 - 2017-02-21 11:29 - 00000000 ____D C:\Program Files\Speccy
2017-02-21 11:26 - 2017-02-21 11:26 - 06293184 _____ (Piriform Ltd) C:\Users\Pat\Downloads\spsetup130.exe
2017-02-21 11:26 - 2017-02-21 11:26 - 00892416 _____ (Farbar) C:\Users\Pat\Desktop\MiniToolBox.exe
2017-02-21 09:57 - 2017-02-21 09:59 - 00080682 _____ C:\Users\Pat\Downloads\fxr_sr_zones_ver2.9.2.ex4
2017-02-21 09:39 - 2017-02-21 09:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ___RD C:\Program Files\Skype
2017-02-21 09:39 - 2017-02-21 09:39 - 00000000 ____D C:\Program Files\Common Files\Skype
2017-02-20 13:38 - 2014-11-29 09:45 - 03984152 _____ C:\Users\Pat\Desktop\154940729-80-Percenter-Handbook (1).pdf
2017-02-20 12:42 - 2017-02-20 10:18 - 00196384 _____ C:\Users\Pat\Desktop\Robbie's Reversals.ex4
2017-02-20 10:18 - 2017-02-20 10:18 - 00000000 ____D C:\Users\Pat\AppData\Roaming\ROBBIE'S REVERSALS
2017-02-20 10:14 - 2017-02-20 10:15 - 40019859 _____ (Fx1 Inc) C:\Users\Pat\Downloads\RobbiesReversalsSetup-1-7.exe
2017-02-16 14:09 - 2017-02-16 14:10 - 00000000 ____D C:\Users\Pat\Desktop\trendreversalpoint
2017-02-16 14:05 - 2017-02-16 14:06 - 00014056 _____ C:\Users\Pat\Downloads\trendreversalpoints (1).zip
2017-02-16 11:24 - 2017-02-16 11:24 - 00000000 ____D C:\Users\Pat\Desktop\crack
2017-02-16 11:23 - 2017-02-16 11:23 - 00611294 _____ C:\Users\Pat\Downloads\crack.zip
2017-02-16 11:22 - 2017-02-16 11:22 - 00002177 _____ C:\Users\Public\Desktop\Soccer Match Predictor Demo.lnk
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeuralBet
2017-02-16 11:22 - 2017-02-16 11:22 - 00000000 ____D C:\Program Files\NeuralBet
2017-02-16 11:20 - 2017-02-16 11:20 - 24157020 _____ (NeuralBet) C:\Users\Pat\Downloads\smp.exe
2017-02-16 10:40 - 2017-02-16 10:40 - 20522250 _____ (CgmBet ) C:\Users\Pat\Downloads\CgmBetSetup (1).exe
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTID
2017-02-16 01:01 - 2017-02-16 01:01 - 00000000 ____D C:\Program Files\HTID
2017-02-15 11:24 - 2017-02-15 11:24 - 20359768 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2017-02-13 01:51 - 2017-02-13 01:51 - 00044473 _____ C:\Users\Pat\Downloads\RSI_Extreme_Binary_System.rar
2017-02-09 16:20 - 2017-02-09 16:21 - 00177394 _____ C:\Users\Pat\Downloads\2be064a0-9b6b-4423-a482-072346dd78b8.pkpass
2017-02-08 23:29 - 2017-02-08 23:29 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f (1).pkpass
2017-02-08 22:29 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Desktop\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:13 - 2017-02-08 22:13 - 00161854 _____ C:\Users\Pat\Desktop\Confirmation.pdf
2017-02-08 22:08 - 2017-02-08 22:08 - 00177394 _____ C:\Users\Pat\Downloads\2d7815c2-021f-4cf5-bf72-c6ca5f919b8f.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177393 _____ C:\Users\Pat\Downloads\e65581be-b978-438c-8211-9b8a70ddd4ef.pkpass
2017-02-08 22:07 - 2017-02-08 22:07 - 00177392 _____ C:\Users\Pat\Downloads\b220a597-d6fe-4acc-a8ff-421258045cb6.pkpass
2017-02-01 19:23 - 2017-02-01 19:23 - 00002005 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2017-02-01 19:23 - 2017-02-01 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2017-01-31 23:50 - 2017-01-31 23:50 - 00050511 _____ C:\Users\Pat\Downloads\SYSTEMS 1 TO 5 (1).xlsx
2017-01-31 23:37 - 2017-02-06 09:05 - 00000000 ____D C:\Users\Pat\Desktop\bettingsoftware
2017-01-28 12:15 - 2017-01-28 12:15 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:15 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Desktop\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-28 12:12 - 2017-01-28 12:12 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1 (1).xlsx
2017-01-27 22:46 - 2017-01-27 22:46 - 00000165 ____H C:\Users\Pat\Downloads\~$Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-27 22:41 - 2017-01-27 22:41 - 22070814 _____ C:\Users\Pat\Downloads\Forecast Model - Sammy Eisen v17_Q1.xlsx
2017-01-25 23:32 - 2017-01-25 23:33 - 00041660 _____ C:\Users\Pat\Downloads\PZ_DoubleTopBottom.ex4
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2017-02-21 15:50 - 2015-12-23 17:41 - 00000000 ____D C:\FRST
2017-02-21 15:24 - 2014-12-07 17:27 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:55 - 2009-07-14 05:34 - 00031504 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-02-21 14:43 - 2015-04-17 20:51 - 00000000 ____D C:\ProgramData\Reprise
2017-02-21 14:40 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-21 14:37 - 2013-10-13 14:13 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Skype
2017-02-21 13:20 - 2010-11-21 00:57 - 00745674 _____ C:\Windows\system32\perfh013.dat
2017-02-21 13:20 - 2010-11-21 00:57 - 00153594 _____ C:\Windows\system32\perfc013.dat
2017-02-21 13:20 - 2010-11-20 22:01 - 01669560 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-21 13:20 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2017-02-21 10:29 - 2014-06-01 16:35 - 00000000 ____D C:\Users\Pat\AppData\Local\Adobe
2017-02-21 09:41 - 2013-10-13 14:13 - 00000000 ____D C:\ProgramData\Skype
2017-02-21 09:35 - 2014-10-11 18:16 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-20 13:41 - 2016-11-18 16:34 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Vantage FX Trader
2017-02-20 13:41 - 2015-10-27 14:37 - 00593920 _____ (Fx1 Inc) C:\Windows\Metasetup.dll
2017-02-20 11:35 - 2016-11-08 23:39 - 00000000 ____D C:\Program Files\FBS Trader 4
2017-02-20 11:35 - 2016-08-14 18:10 - 00000000 ____D C:\Program Files\Traders Way MetaTrader 4
2017-02-20 10:18 - 2016-03-16 19:28 - 00000000 ____D C:\Program Files\NoaFX Trader
2017-02-19 15:39 - 2016-03-28 08:43 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Kodi
2017-02-19 09:52 - 2016-03-28 09:08 - 00000000 ____D C:\Users\UpdatusUser
2017-02-19 09:47 - 2014-11-02 14:42 - 00000000 ____D C:\Users\postgres
2017-02-17 09:18 - 2016-10-17 19:46 - 00000000 ____D C:\Program Files\TrueKey
2017-02-16 18:06 - 2016-10-17 19:58 - 00001231 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\True Key.lnk
2017-02-16 00:18 - 2015-12-24 15:37 - 00000000 ____D C:\Windows\rescache
2017-02-15 11:24 - 2014-09-09 22:46 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-02-15 11:24 - 2013-11-29 20:37 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-02-15 11:24 - 2013-11-29 20:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-13 13:24 - 2015-04-28 10:42 - 00000000 ____D C:\Program Files\Gyazo
2017-02-08 22:12 - 2013-10-16 09:21 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Adobe
2017-02-07 15:31 - 2016-03-19 19:36 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 15:31 - 2016-03-19 19:36 - 00002109 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-02 15:19 - 2016-12-24 10:11 - 00000000 ____D C:\Users\Pat\AppData\Roaming\Smilebox
2017-02-01 19:23 - 2016-10-17 19:47 - 00000000 ____D C:\Program Files\McAfee Security Scan
==================== Bestanden in de root van sommige mappen =======
2016-03-19 19:35 - 2016-03-19 19:35 - 6871040 _____ () C:\Program Files\GUT1CFF.tmp
2015-02-14 11:23 - 2015-02-14 11:23 - 0001222 _____ () C:\Program Files\suit.log
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 ____H () C:\Users\Pat\AppData\Local\BITE9B2.tmp
2015-02-14 22:16 - 2015-02-14 22:16 - 0007602 _____ () C:\Users\Pat\AppData\Local\Resmon.ResmonCfg
2017-01-06 12:44 - 2017-01-06 12:44 - 0000000 _____ () C:\Users\Pat\AppData\Local\{94A47416-2072-4DC4-87C8-333D4FF2E49F}
2014-12-27 18:34 - 2014-12-27 18:34 - 0000107 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-09-03 12:46 - 2016-09-03 12:46 - 0004970 _____ () C:\ProgramData\xgneqrwu.hrx
==================== Bamital & volsnap ======================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2017-02-16 00:10
==================== Eind van FRST.txt ============================
--- Update ---
IK krijg de addition hier niet geplakt omdat het te lang is krijg ik als melding
--- Update ---
IK krijg de addition hier niet geplakt omdat het te lang is krijg ik als melding