[SOLVED] Pop-ups blocked stuff

axe0

Administrator,
BSOD Academy Instructor,
Security Analyst
Staff member
Joined
May 21, 2015
Posts
3,509
Location
Holland
Today I started to run some scans, because even though I am watching what I do on the internet there is no garantee to stay infection free.
I started with ESET online scanner which found some things, 1 of them was an extension Video Downloader Professional (removed), 2 were pixillion (no idea) and 2 were bittorrent files.
I have removed Bittorrent, because the file was an update file and tried to install Bittorrent again (I sometimes need Bittorrent) but Malwarebytes blocked some things. I sincerely would like to have Bittorrent installed again.
Malwarebytes log:
Protection, 21-1-2016 13:00, SYSTEM, MARTIJN, Protection, Malicious Website Protection, Started, Detection, 21-1-2016 15:46, SYSTEM, MARTIJN, Protection, Malware Protection, File, PUP.Optional.OpenCandy, C:\Users\martijn\AppData\Local\Temp\HYDEBC3.tmp.1453387576\HTA\3rdparty\OCComSDK.dll, Quarantine, [3016af8d4d4c092d2e0188a857abd927]
Detection, 21-1-2016 16:10, SYSTEM, MARTIJN, Protection, Malware Protection, File, PUP.Optional.OpenCandy, C:\Users\martijn\AppData\Local\Temp\HYD9B04.tmp.1453388998\HTA\3rdparty\OCComSDK.dll, Quarantine, [ec5a75c759406acc939c75bb5ca6c040]
Detection, 21-1-2016 16:11, SYSTEM, MARTIJN, Protection, Malware Protection, File, PUP.Optional.OpenCandy, C:\Users\martijn\AppData\Local\Temp\HYDB722.tmp.1453389071\HTA\3rdparty\OCComSDK.dll, Quarantine, [8db978c477220e285ad54ce481811fe1]
Detection, 21-1-2016 16:21, SYSTEM, MARTIJN, Protection, Malware Protection, File, PUP.Optional.Conduit, C:\Users\martijn\AppData\Local\Temp\dlLogic.exe, Quarantine, [be88b3890198a09654dd999343bdda26]
Detection, 21-1-2016 16:21, SYSTEM, MARTIJN, Protection, Malware Protection, File, PUP.Optional.Conduit, C:\Users\martijn\AppData\Local\Temp\spstub.exe, Quarantine, [222439036d2cd85eececa52de11fa25e]
When I checked the logs of Bitdefender, I saw several blocks of different things.
I also ran Adwcleaner which found 2 registry keys.
# AdwCleaner v5.030 - Logfile created 21/01/2016 at 15:48:52# Updated 17/01/2016 by Xplode
# Database : 2016-01-19.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : martijn - MARTIJN
# Running from : E:\Download\Toepassing\adwcleaner_5.030.exe
# Option : Scan
# Support : Forum - ToolsLib


***** [ Services ] *****




***** [ Folders ] *****




***** [ Files ] *****




***** [ DLL ] *****




***** [ Shortcuts ] *****




***** [ Scheduled tasks ] *****




***** [ Registry ] *****


Key Found : HKLM\SOFTWARE\Classes\.bdcm
Key Found : HKLM\SOFTWARE\Classes\.bdcr


***** [ Web browsers ] *****




########## EOF - C:\AdwCleaner\AdwCleaner[S22].txt - [646 bytes] ##########

Other logs:
Results of screen317's Security Check version 1.014 --- 12/23/15
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Bitdefender Antivirus
Windows Defender
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 66
Mozilla Firefox (43.0.4)
Google Chrome (47.0.2526.106)
Google Chrome (47.0.2526.111)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Exploit mbae-svc.exe
Malwarebytes Anti-Malware mbamscheduler.exe
Malwarebytes Anti-Exploit mbae64.exe
Malwarebytes Anti-Exploit mbae.exe
Bitdefender Bitdefender 2015 vsserv.exe
Bitdefender Bitdefender 2015 updatesrv.exe
Bitdefender Bitdefender SafeBox safeboxservice.exe
Bitdefender Bitdefender 2015 bdagent.exe
Bitdefender Bitdefender 2015 seccenter.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````


Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:18-01-2016
Gestart door martijn (Beheerder) op MARTIJN (21-01-2016 16:44:27)
Gestart vanaf C:\Users\martijn\Desktop
Geladen Profielen: martijn (Beschikbare Profielen: martijn)
Platform: Windows 8.1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: IE)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


==================== Processen (gefilterd) =================


(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)


(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender Safebox\safeboxservice.exe
(VMware, Inc.) E:\Installaties\VMware\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
() E:\Installaties\VMware\vmware-hostd.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
() C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\martijn\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe




==================== Register (gefilterd) ===========================


(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)


HKLM\...\Run: [DellWPF] => C:\Program Files\Synaptics\SynTP\DellTouchpad.exe [4875576 2012-09-20] ()
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2796272 2013-11-22] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7666392 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1391472 2014-12-11] (Realtek Semiconductor)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1689576 2015-02-06] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2621240 2015-11-18] (Malwarebytes Corporation)
HKLM-x32\...\Run: [Sound Blaster Tactic3D Control Panel] => C:\Program Files (x86)\Creative\Sound Blaster Tactic(3D)\Sound Blaster Tactic(3D) Control Panel\Tactic3D.exe [2091008 2014-07-03] (Creative Technology Ltd)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe [3333632 2012-08-16] ()
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [Google Update] => C:\Users\martijn\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-03-09] (Google Inc.)
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [MusicManager] => C:\Users\martijn\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7643136 2015-11-17] (Google Inc.)
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Run: [AirDroid 3] => E:\Installaties\Airdroid\AirDroid.exe [7388672 2015-12-19] (Sand Studio)
HKU\S-1-5-18\...\Run: [KSS] => "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe" autorun
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [__SafeBox1] -> {152C96EB-288E-4EDC-B7C6-D21F8250ADF3} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox2] -> {342DAA0B-D796-460D-8566-901E08A1CCAD} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox3] -> {57595DAE-1AE1-4D97-A49E-67CBB53B52DF} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers: [__SafeBox4] -> {33816773-98AE-4723-ADE0-EBE54C8B5A67} => C:\Program Files\Bitdefender\Bitdefender SafeBox\SafeBoxShell.dll [2014-07-04] (Bitdefender)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2016-01-20]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)


==================== Internet (gefilterd) ====================


(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)


Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 88.159.1.200 88.159.1.201
Tcpip\..\Interfaces\{5CD58352-BC0C-4825-8119-0F5B32FB06D9}: [DhcpNameServer] 88.159.1.200 88.159.1.201


Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: Bitdefender Wallet -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-08] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-08] (Oracle Corporation)
Toolbar: HKLM - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKLM-x32 - Bitdefender Wallet - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-01-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001 -> Geen Naam - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Geen bestand
DPF: HKLM-x32 {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} hxxp://quickscan.bitdefender.com/qsax/qsax.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-05-05] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)


FireFox:
========
FF ProfilePath: C:\Users\martijn\AppData\Roaming\Mozilla\Firefox\Profiles\hdjgqaxx.default-1426707180474
FF Session Restore: -> is ingeschakeld.
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-04] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-08] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [Geen bestand]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3463171804-1537994893-3906066650-1001: @tools.google.com/Google Update;version=3 -> C:\Users\martijn\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-31] (Google Inc.)
FF Plugin HKU\S-1-5-21-3463171804-1537994893-3906066650-1001: @tools.google.com/Google Update;version=9 -> C:\Users\martijn\AppData\Local\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-31] (Google Inc.)
FF SearchPlugin: C:\Users\martijn\AppData\Roaming\Mozilla\Firefox\Profiles\hdjgqaxx.default-1426707180474\searchplugins\firefox-add-ons.xml [2015-03-19]
FF Extension: Flashblock - C:\Users\martijn\AppData\Roaming\Mozilla\Firefox\Profiles\hdjgqaxx.default-1426707180474\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a} [2016-01-03]
FF Extension: Battlefield Heroes Updater - C:\Users\martijn\AppData\Roaming\Mozilla\Firefox\Profiles\hdjgqaxx.default-1426707180474\Extensions\battlefieldheroespatcher@ea.com [2015-03-21] [ niet getekend]
FF Extension: Firebug - C:\Users\martijn\AppData\Roaming\Mozilla\Firefox\Profiles\hdjgqaxx.default-1426707180474\Extensions\firebug@software.joehewitt.com.xpi [2015-10-27]
FF Extension: Adblock Plus - C:\Users\martijn\AppData\Roaming\Mozilla\Firefox\Profiles\hdjgqaxx.default-1426707180474\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext [2015-03-24] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-03-24] [ niet getekend]
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdtbext


Chrome:
=======
CHR Session Restore: Default -> is ingeschakeld.
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.866\_platform_specific\win_x86\widevinecdmadapter.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-20]
CHR Extension: (YouTube) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Play Music) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2016-01-01]
CHR Extension: (AdBlock) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-01-20]
CHR Extension: (Google Play Music) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2015-08-31]
CHR Extension: (Video Blocker) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\jknkjnpcbbgcbdbaampbjlhkcghmgfhk [2015-08-31]
CHR Extension: (Ghostery) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Password Alert) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\noondiphcddnnabmjcihcjfbhfklnnep [2015-08-31]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-08-31]
CHR Extension: (Gmail) - C:\Users\martijn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-31]
CHR Extension: (Game Debate PC System Requirement Tool) - E:\Download\Game-Debate\GD-Anywhere-5.4.6 [2015-12-18]
CHR HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\martijn\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx <niet gevonden>
CHR HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - hxxps://clients2.google.com/service/update2/crx


Opera:
=======
StartMenuInternet: (HKLM) OperaStable - D:\Installaties\Opera\Launcher.exe


==================== Services (gefilterd) ========================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


S3 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2014-07-17] (Apache Software Foundation) [Bestand niet getekend]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BdDesktopParental; C:\Program Files\Bitdefender\Bitdefender 2015\bdparentalservice.exe [78144 2014-12-09] (Bitdefender)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-03-15] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [423424 2011-10-19] (Creative Technology Ltd) [Bestand niet getekend]
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-18] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-18] (Dropbox, Inc.)
S4 FileZilla Server; C:\xampp\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project) [Bestand niet getekend]
S4 FileZillaServer; C:\xampp\filezillaftp\filezillaserver.exe [632320 2012-02-26] (FileZilla Project) [Bestand niet getekend]
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-30] (Intel Corporation)
S4 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [125168 2014-12-03] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Bestand niet getekend]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-04] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [739640 2015-11-18] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC)
S2 MSSQL$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [69964448 2015-04-03] (Microsoft Corporation)
S3 mysql; C:\xampp\mysql\bin\mysqld.exe [11021824 2014-09-11] () [Bestand niet getekend]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-21] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [75136 2015-11-19] ()
S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Bestand niet getekend]
S4 ReflectService.exe; E:\Installaties\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
S3 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [292568 2014-12-11] (Realtek Semiconductor)
R2 SafeBox; C:\Program Files\Bitdefender\Bitdefender SafeBox\safeboxservice.exe [94624 2013-07-08] (Bitdefender)
S4 SQLAgent$SQLEXPRESS; c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [441512 2015-04-03] (Microsoft Corporation)
S3 Tomcat7; C:\xampp\tomcat\bin\tomcat7.exe [86656 2014-09-26] (Apache Software Foundation)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2014-10-27] (Bitdefender)
R2 VMAuthdService; E:\Installaties\VMware\vmware-authd.exe [87744 2015-11-03] (VMware, Inc.)
R2 VMwareHostd; E:\Installaties\VMware\vmware-hostd.exe [12731584 2015-11-03] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1547936 2015-02-12] (Bitdefender)
S3 wampapache; c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe [22016 2013-06-23] (Apache Software Foundation) [Bestand niet getekend]
S3 wampmysqld; c:\wamp\bin\mysql\mysql5.6.12\bin\mysqld.exe [10923520 2013-06-23] () [Bestand niet getekend]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)


===================== Drivers (gefilterd) ==========================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [35496 2012-07-09] (Advanced Micro Devices, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1306464 2015-01-14] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [262544 2015-01-23] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [677104 2015-01-14] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 BdfNdisf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys [98768 2014-12-15] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [107008 2013-07-29] (BitDefender LLC)
S3 bdfwfpf_pc; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf_pc.sys [121928 2013-07-02] (Bitdefender SRL)
R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [79192 2013-07-30] (BitDefender)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-10-28] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1448248 2014-11-26] (Motorola Solutions, Inc.)
S3 DDDriver; C:\Windows\system32\drivers\DDDriver64Dcsa.sys [23760 2015-02-26] (Dell Computer Corporation)
S3 DellProf; C:\Windows\system32\drivers\DellProf.sys [24240 2015-05-22] (Dell Computer Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-11-18] ()
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [155912 2014-10-22] (BitDefender LLC)
R1 mbamchameleon; C:\WINDOWS\system32\drivers\mbamchameleon.sys [109272 2015-10-05] (Malwarebytes)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-04] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3345376 2013-08-31] (Intel Corporation)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [168968 2015-10-12] (Windows (R) Win 7 DDK provider)
S3 ptun0901; C:\Windows\system32\DRIVERS\ptun0901.sys [27136 2015-01-26] (The OpenVPN Project)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [376024 2015-03-11] (Realsil Semiconductor Corporation)
S3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-21] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2013-11-22] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
S3 UHSfiltv; C:\Windows\system32\drivers\UHSfiltv.sys [23552 2014-12-22] (Creative Technology Ltd.)
S1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102664 2014-10-17] ()
S1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25992 2014-10-17] ()
S1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [700680 2014-10-17] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Bestand niet getekend]
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2015-05-21] (VMware, Inc.)
S3 VSPerfDrv100; D:\Installatie\VisualStudio2010\Team Tools\Performance Tools\x64\VSPerfDrv100.sys [68440 2011-01-18] (Microsoft Corporation)
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-08-28] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 dtultrascsibus; \SystemRoot\System32\drivers\dtultrascsibus.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]


==================== NetSvcs (gefilterd) ===================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)




==================== Een Maand Aangemaakt bestanden en mappen ========


(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


2016-01-21 16:44 - 2016-01-21 16:44 - 02370560 _____ (Farbar) C:\Users\martijn\Desktop\FRST64.exe
2016-01-21 16:44 - 2016-01-21 16:44 - 00035378 _____ C:\Users\martijn\Desktop\FRST.txt
2016-01-21 16:22 - 2016-01-21 16:22 - 00481808 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-21 14:15 - 2016-01-21 14:15 - 00000000 ____D C:\Program Files (x86)\ESET
2016-01-17 14:17 - 2016-01-17 14:17 - 00002422 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00002415 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00002373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00002360 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-01-17 14:17 - 2016-01-17 14:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's
2016-01-17 14:08 - 2016-01-17 14:08 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-01-17 14:06 - 2016-01-17 14:06 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-01-14 09:53 - 2016-01-14 09:54 - 00000000 ____D C:\Users\martijn\AppData\Roaming\HD Tune Pro
2016-01-14 09:53 - 2016-01-14 09:53 - 00000689 _____ C:\Users\martijn\Desktop\HD Tune Pro.lnk
2016-01-14 09:53 - 2016-01-14 09:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune Pro
2016-01-13 17:19 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 17:19 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 17:19 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 17:19 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 17:19 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 17:19 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 17:19 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 17:19 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 17:19 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 17:19 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 17:19 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 17:19 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 17:19 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 17:19 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 17:19 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 17:19 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 17:19 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 17:19 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 17:19 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 17:19 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 17:19 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 17:18 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 17:18 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 17:18 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 17:18 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 17:18 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 17:18 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 17:18 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 17:18 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 17:18 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 17:18 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 17:18 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 17:18 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 17:18 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 17:18 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 17:18 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 17:18 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 17:18 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 17:18 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 17:18 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 17:18 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 17:18 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 17:18 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 17:18 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 17:18 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 17:18 - 2015-12-03 18:58 - 00378880 ____C (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 17:18 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 17:18 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 17:18 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 17:18 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 17:18 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 17:18 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 17:18 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 17:18 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 17:18 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-13 17:18 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 17:18 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 17:18 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 17:18 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 17:18 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 17:18 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 17:18 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 17:18 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 17:18 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-10 11:39 - 2016-01-10 11:39 - 00000767 _____ C:\Users\martijn\Desktop\Start Tor Browser.lnk
2016-01-10 11:39 - 2016-01-10 11:39 - 00000767 _____ C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2016-01-07 23:29 - 2016-01-07 23:29 - 00001039 _____ C:\Users\martijn\Desktop\Crucial Storage Executive Client.lnk
2016-01-07 23:29 - 2016-01-07 23:29 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Crucial Storage Executive
2016-01-07 10:25 - 2016-01-09 00:58 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-06 18:09 - 2016-01-11 18:14 - 01721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2016-01-06 18:09 - 2016-01-11 18:14 - 01002728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller2.dll
2016-01-05 21:57 - 2016-01-05 21:57 - 00000701 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-01-02 22:17 - 2016-01-02 22:17 - 00000000 ____D C:\Users\martijn\AppData\Roaming\dvdcss
2016-01-01 11:17 - 2016-01-01 11:17 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2015-12-31 13:23 - 2015-12-31 13:23 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2015-12-31 13:22 - 2015-12-31 13:22 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core1d143c5e19d2f3d.job
2015-12-30 18:54 - 2016-01-18 13:40 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Skype
2015-12-30 18:54 - 2015-12-30 18:54 - 00002707 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-30 18:54 - 2015-12-30 18:54 - 00000000 ____D C:\ProgramData\Skype
2015-12-30 18:54 - 2015-12-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-30 12:49 - 2015-12-30 12:49 - 00000000 _SHDL C:\Users\martijn\SysnativeBSODApps
2015-12-30 12:49 - 2015-12-30 12:49 - 00000000 _SHDL C:\Users\Default.migrated\SysnativeBSODApps
2015-12-30 10:20 - 2015-12-30 10:20 - 00466520 _____ (Creative Labs) C:\WINDOWS\system32\wrap_oal.dll
2015-12-30 10:20 - 2015-12-30 10:20 - 00445016 _____ (Creative Labs) C:\WINDOWS\SysWOW64\wrap_oal.dll
2015-12-30 10:20 - 2015-12-30 10:20 - 00123480 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\system32\OpenAL32.dll
2015-12-30 10:20 - 2015-12-30 10:20 - 00109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\WINDOWS\SysWOW64\OpenAL32.dll
2015-12-30 10:20 - 2015-12-30 10:20 - 00000000 ___HD C:\Program Files (x86)\Creative Installation Information
2015-12-30 10:20 - 2014-06-03 16:15 - 00033735 _____ C:\WINDOWS\system32\UHS.ini
2015-12-30 10:20 - 2014-04-25 16:33 - 01898496 ____N (Creative) C:\WINDOWS\system32\Sens_oal.dll
2015-12-30 10:20 - 2014-04-25 16:29 - 01609728 ____N (Creative) C:\WINDOWS\SysWOW64\Sens_oal.dll
2015-12-30 10:20 - 2014-03-24 10:38 - 00089600 _____ C:\WINDOWS\system32\CmdRtr64.DLL
2015-12-30 10:20 - 2014-03-24 10:37 - 00074240 _____ C:\WINDOWS\SysWOW64\CmdRtr.DLL
2015-12-30 10:20 - 2014-03-24 10:36 - 00366080 _____ C:\WINDOWS\system32\APOMgr64.DLL
2015-12-30 10:20 - 2014-03-24 10:33 - 00274944 _____ C:\WINDOWS\SysWOW64\APOMngr.DLL
2015-12-25 10:01 - 2015-12-25 10:13 - 00000000 ____D C:\ProgramData\AMD
2015-12-25 00:19 - 2015-12-30 18:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-24 22:31 - 2015-12-24 22:31 - 00000000 ____D C:\WINDOWS\{30550AA4-121E-4E1D-BBD0-5E6B21819F1C}
2015-12-23 21:57 - 2015-12-31 23:48 - 00003826 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1450904227
2015-12-23 21:57 - 2015-12-23 21:57 - 00000809 _____ C:\Users\Public\Desktop\Opera.lnk
2015-12-23 21:57 - 2015-12-23 21:57 - 00000809 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-23 21:57 - 2015-12-23 21:57 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Opera Software
2015-12-23 21:57 - 2015-12-23 21:57 - 00000000 ____D C:\Users\martijn\AppData\Local\Opera Software


==================== Een Maand Gewijzigd bestanden en mappen ========


(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


2016-01-21 16:44 - 2015-08-31 21:15 - 00001080 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-21 16:44 - 2015-06-17 08:37 - 00000000 ____D C:\FRST
2016-01-21 16:42 - 2015-03-17 14:05 - 00003818 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BDE848ED-70B0-40F7-A357-1C3D152D3DB4}
2016-01-21 16:39 - 2015-03-13 09:47 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2016-01-21 16:29 - 2015-11-18 13:24 - 00001032 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-01-21 16:28 - 2014-11-21 09:44 - 02232902 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-21 16:28 - 2014-11-21 09:05 - 00954722 _____ C:\WINDOWS\system32\perfh013.dat
2016-01-21 16:28 - 2014-11-21 09:05 - 00224192 _____ C:\WINDOWS\system32\perfc013.dat
2016-01-21 16:28 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-21 16:27 - 2015-03-09 19:22 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3463171804-1537994893-3906066650-1001
2016-01-21 16:22 - 2015-11-18 13:24 - 00001028 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-01-21 16:22 - 2015-08-31 21:15 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-21 16:22 - 2015-08-12 08:47 - 00000000 ___DO C:\Users\martijn\Onedrive
2016-01-21 16:22 - 2015-03-31 11:50 - 00000000 ____D C:\ProgramData\VMware
2016-01-21 16:22 - 2015-03-09 20:36 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-21 16:22 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-21 16:22 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-21 16:21 - 2015-09-12 11:34 - 00148765 _____ C:\bdlog.txt
2016-01-21 16:21 - 2013-08-22 14:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-01-21 16:07 - 2015-03-27 15:00 - 00000000 ____D C:\Users\martijn\AppData\Local\CrashDumps
2016-01-21 15:56 - 2015-08-16 21:58 - 00000000 ____D C:\AdwCleaner
2016-01-21 15:47 - 2015-03-09 20:13 - 00000000 ____D C:\Users\martijn\AppData\Roaming\MusicBee
2016-01-21 15:10 - 2015-03-09 21:06 - 00000000 ____D C:\ProgramData\Origin
2016-01-21 12:02 - 2015-09-03 12:03 - 00000000 ____D C:\Users\martijn\AppData\Local\VMware
2016-01-21 12:02 - 2015-03-31 12:02 - 00000000 ____D C:\Users\martijn\AppData\Roaming\VMware
2016-01-21 11:16 - 2015-03-09 19:39 - 00000000 ____D C:\Users\martijn\AppData\Roaming\vlc
2016-01-21 10:30 - 2015-10-26 23:01 - 00000000 ____D C:\Users\martijn\SysnativeResults
2016-01-19 14:02 - 2015-03-09 19:12 - 00000000 ____D C:\Users\martijn\AppData\Local\Packages
2016-01-18 21:29 - 2012-07-26 09:12 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-01-17 14:36 - 2015-08-13 09:50 - 00000000 ____D C:\Program Files\Microsoft Office
2016-01-17 14:35 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-01-17 14:12 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-01-17 10:06 - 2014-08-26 14:27 - 00000000 ____D C:\temp
2016-01-17 00:41 - 2015-10-15 09:09 - 00000262 __RSH C:\ProgramData\ntuser.pol
2016-01-17 00:33 - 2015-07-16 09:29 - 00001002 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-01-16 19:05 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-01-16 18:51 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-16 15:05 - 2015-03-09 19:38 - 00000699 _____ C:\Users\martijn\Desktop\MusicBee.lnk
2016-01-16 14:17 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2016-01-16 12:57 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2016-01-16 11:26 - 2015-08-11 19:50 - 00000502 _____ C:\WINDOWS\Tasks\Macrium-Backup-{0B8D3648-2BF9-4B8E-BDEF-0C647A52448E}.job
2016-01-16 11:25 - 2015-08-10 13:41 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-16 11:25 - 2015-08-10 13:41 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-16 11:25 - 2015-06-05 06:46 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-15 21:49 - 2015-07-13 09:35 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-15 21:49 - 2015-05-14 09:25 - 00003886 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-01-15 18:49 - 2015-03-09 19:31 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Dropbox
2016-01-15 15:51 - 2015-03-13 22:51 - 00000000 ____D C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-01-15 10:45 - 2015-09-17 23:28 - 00002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-15 00:08 - 2015-03-10 10:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SDKs
2016-01-13 23:49 - 2015-12-09 23:48 - 00000510 _____ C:\WINDOWS\Tasks\Macrium-Backup-{6981B61A-A82C-47D0-B09D-E6BB85A2E6CF}.job
2016-01-13 21:52 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-13 20:52 - 2015-03-11 19:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 20:52 - 2015-03-11 19:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 20:51 - 2015-03-11 19:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 20:47 - 2015-08-13 09:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-01-13 20:47 - 2015-03-24 14:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 20:42 - 2015-03-11 20:28 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 20:37 - 2015-03-11 20:28 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-10 20:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-09 00:58 - 2015-08-10 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-01-07 14:28 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-01-05 21:57 - 2015-10-07 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-01-05 21:04 - 2014-11-21 14:11 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-05 21:04 - 2014-11-21 14:11 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-04 13:57 - 2015-09-12 08:15 - 00000852 _____ C:\Users\martijn\Desktop\Speccy.lnk
2016-01-03 23:05 - 2015-03-15 13:49 - 00000000 ____D C:\Users\martijn
2016-01-03 15:26 - 2015-08-16 10:20 - 00000502 _____ C:\WINDOWS\Tasks\Macrium-Backup-{4FD59CAF-DB68-45B9-8086-E5B9E29A38DD}.job
2016-01-03 09:48 - 2015-07-16 09:29 - 00003968 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-01-01 11:50 - 2013-09-25 16:27 - 00000000 ____D C:\sources
2015-12-31 13:23 - 2015-03-09 19:20 - 00000000 ____D C:\Users\martijn\AppData\Local\Google
2015-12-31 13:22 - 2015-08-10 22:43 - 00000880 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core1d0d3b5984627ee.job
2015-12-30 18:43 - 2015-03-09 20:14 - 00003162 _____ C:\WINDOWS\System32\Tasks\{EC4D7012-3B8E-4A13-841C-7115FAF8E30F}
2015-12-30 18:43 - 2015-03-09 19:26 - 00003138 _____ C:\WINDOWS\System32\Tasks\{D9B11445-E57C-44FA-8151-8D092D5E0F68}
2015-12-30 12:49 - 2012-07-26 06:37 - 00000000 ____D C:\Users\Default.migrated
2015-12-30 10:28 - 2015-03-10 06:15 - 00000000 ____D C:\ProgramData\Creative
2015-12-30 10:28 - 2015-03-09 21:39 - 00025222 _____ C:\Users\martijn\AppData\Local\sh20120914.dat
2015-12-30 10:20 - 2015-03-09 22:09 - 00000414 ___RH C:\WINDOWS\ctfile.rfc
2015-12-30 10:20 - 2015-03-09 22:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
2015-12-30 10:20 - 2015-03-09 22:08 - 00000000 ____D C:\Program Files\Creative
2015-12-30 10:20 - 2015-03-09 22:07 - 00000000 ____D C:\Program Files (x86)\Creative
2015-12-30 10:19 - 2015-03-09 22:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-25 08:57 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\registration
2015-12-24 22:42 - 2015-03-10 21:23 - 00000000 ____D C:\ProgramData\Dell
2015-12-22 22:04 - 2015-03-09 20:15 - 00000000 ____D C:\Program Files\CCleaner


==================== Bestanden in de root van sommige mappen =======


2015-12-07 19:05 - 2015-12-07 19:05 - 0000000 _____ () C:\Users\martijn\AppData\Local\debuggee.mdmp
2015-07-22 22:41 - 2015-07-22 22:41 - 0041775 _____ () C:\Users\martijn\AppData\Local\Perfmon.PerfmonCfg
2015-03-24 15:39 - 2015-05-10 11:11 - 0007605 _____ () C:\Users\martijn\AppData\Local\resmon.resmoncfg
2015-03-09 21:39 - 2015-12-30 10:28 - 0025222 _____ () C:\Users\martijn\AppData\Local\sh20120914.dat
2015-08-17 15:14 - 2015-06-01 20:50 - 0010240 _____ () C:\Users\martijn\AppData\Local\Z@!-c97732d1-e3f8-4d26-a766-5204038c6f32.tmp
2015-08-17 15:14 - 2015-06-01 20:50 - 0009216 _____ () C:\Users\martijn\AppData\Local\Z@S!-967c823d-ec56-428f-a177-f80eea410a07.tmp
2015-12-21 17:22 - 2015-12-21 17:22 - 0103850 _____ () C:\ProgramData\1450714938.bdinstall.bin
2015-03-20 18:28 - 2015-03-20 18:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl


==================== Bamital & volsnap =================


(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend




LastRegBack: 2016-01-21 13:46


==================== Eind van FRST.txt ============================
 
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:18-01-2016
Gestart door martijn (2016-01-21 16:45:02)
Gestart vanaf C:\Users\martijn\Desktop
Windows 8.1 (X64) (2015-03-15 13:33:47)
Boot Modus: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-3463171804-1537994893-3906066650-500 - Administrator - Disabled)
Gast (S-1-5-21-3463171804-1537994893-3906066650-501 - Limited - Disabled)
martijn (S-1-5-21-3463171804-1537994893-3906066650-1001 - Administrator - Enabled) => C:\Users\martijn


==================== Security Center ========================


(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)


AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D}
AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Bitdefender Antispyware (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46}


==================== Geïnstalleerde programma's ======================


(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)


Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
AirDroid 3.0.4.0 (HKLM-x32\...\AirDroid) (Version: 3.0.4.0 - Sand Studio)
Apple Application Support (32-bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Auslogics Disk Defrag Professional (HKLM-x32\...\{ADE1535C-C836-4F2E-BDA1-1C7C304743E3}_is1) (Version: 4.6.0.0 - Auslogics Software Pty Ltd)
Bitdefender Total Security 2015 (HKLM\...\Bitdefender) (Version: 18.21.0.1497 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
ClPhpEd(remove only) (HKLM-x32\...\ClPhpEd) (Version: - )
CPUID CPU-Z 1.74 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Creative-systeeminformatie (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Crucial Storage Executive (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Crucial Storage Executive 3.24.082015.05) (Version: 3.24.082015.05 - Crucial)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 18.0.1.0 - Synaptics Incorporated)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
FileZilla Client 3.14.1 (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
GDR 5520 for SQL Server 2008 (KB2977321) (64-bit) (HKLM\...\KB2977321) (Version: 10.3.5520.0 - Microsoft Corporation)
GDR 5538 for SQL Server 2008 (KB3045305) (64-bit) (HKLM\...\KB3045305) (Version: 10.3.5538.0 - Microsoft Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
HD Tune Pro 5.60 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1449.356) (HKLM\...\{302600C1-6BDF-4FD1-1411-148929CC1385}) (Version: 17.1.1411.0506 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{89a03d4c-5e14-4180-984e-6932893138fc}) (Version: 17.14.0 - Intel Corporation)
iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Macrium Reflect Home Edition (Version: 6.1.871 - Paramount Software (UK) Ltd.) Hidden
Malwarebytes Anti-Exploit version 1.8.1.1045 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.8.1.1045 - Malwarebytes)
Malwarebytes Anti-Malware versie 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.6366.2056 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{2738C4AA-420E-4E13-ADEF-B5AB250E3EF1}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{F43ADE73-2880-4A95-B995-4FE386ECF667}) (Version: 10.3.5538.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{1E6ED082-E32D-4B2B-8B6A-70B094815135}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.3.5500.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC)
Mouse Editor (HKLM-x32\...\InstallShield_{3A4218DE-B9DB-4AD5-9DB2-5853D3AA0335}) (Version: 12.08.0006 - Uw bedrijfsnaam)
MOUSE Editor (x32 Version: 12.08.0006 - Uw bedrijfsnaam) Hidden
Mozilla Firefox 43.0.4 (x86 nl) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 nl)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\MusicManager) (Version: - Google, Inc.)
MusicBee 2.5 (HKLM-x32\...\MusicBee) (Version: 2.5 - Steven Mayall)
MySQL Workbench 6.2 CE (HKLM\...\{916D6512-97A8-470D-AEC8-53A1654E74BF}) (Version: 6.2.3 - Oracle Corporation)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
Opera Stable 34.0.2036.42 (HKLM-x32\...\Opera 34.0.2036.42) (Version: 34.0.2036.42 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.5.5.2850 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Popcorn Time (HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\Popcorn Time) (Version: - Popcorn Official)
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.370.71 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7404 - Realtek Semiconductor Corp.)
Realtek PC Camera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10252 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Revo Uninstaller Pro 3.1.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.5 - VS Revo Group, Ltd.)
Savage Lands (HKLM-x32\...\Steam App 307880) (Version: - Signal Studios)
SDK Debuggers (x32 Version: 8.100.26936 - Microsoft Corporation) Hidden
SeaTools for Windows 1.4.0.2 (HKLM-x32\...\SeaTools for Windows) (Version: 1.4.0.2 - Seagate Technology)
Service Pack 3 for SQL Server 2008 (KB2546951) (64-bit) (HKLM\...\KB2546951) (Version: 10.3.5500.0 - Microsoft Corporation)
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{A608A8D3-E77C-4BEE-8F2A-F8124F5F0FE2}) (Version: 14.0.4900 - Trimble Navigation Limited)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Sound Blaster Tactic(3D) (HKLM-x32\...\{92000C16-939B-44CA-802F-0D552019D7C8}) (Version: 1.0 - Creative Technology Limited)
Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform)
Sql Server Customer Experience Improvement Program (Version: 10.3.5500.0 - Microsoft Corporation) Hidden
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version: - Crystal Dynamics)
TreeSize Free V3.4.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.2 - JAM Software)
Tune4Win M4V Converter Plus 5.1.5 (HKLM-x32\...\Tune4Win M4V Converter Plus_is1) (Version: - Tune4Win.com Inc.)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB3114502) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPROR_{6F47687A-78E9-41B1-8587-ED0CC2677A2A}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 13.0 - Ubisoft)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.40219 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 11.1.3 - VMware, Inc)
VMware Workstation (Version: 11.1.3 - VMware, Inc.) Hidden
WampServer 2.4 (HKLM-x32\...\WampServer 2_is1) (Version: - Hervé Leclerc (HeL))
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 5.6.3-0 - Bitnami)


==================== Aangepaste CLSID (gefilterd): ==========================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


CustomCLSID: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\martijn\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Geen bestand
CustomCLSID: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\martijn\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\martijn\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll (Google Inc.)


==================== Geplande Taken (gefilterd) =============


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


Task: {11C0ECFF-5EB8-49B0-B4CE-F3040722B5D9} - System32\Tasks\Macrium-Backup-{6981B61A-A82C-47D0-B09D-E6BB85A2E6CF} => E:\Installaties\Macrium\Reflect\reflect.exe [2016-01-11] (Paramount Software UK Ltd)
Task: {138DD604-9712-4803-8431-59188A4B0F18} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {1B7FF0A3-75E0-4259-A430-E3DD88A76567} - System32\Tasks\{857E9CDF-E1F6-4272-BD5D-DAA43D226559} => pcalua.exe -a D:\Downloads\Toepassing\jdk-8u31-windows-x64.exe -d D:\Downloads\Toepassing
Task: {1FFB2A58-C71D-4B12-B350-21382469DA27} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {267EFEAF-D2B7-4769-97FB-A75FFD24421B} - System32\Tasks\{EC4D7012-3B8E-4A13-841C-7115FAF8E30F} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.22.81.105&LastError=404
Task: {2BDA0DF3-BBD8-40F2-8A77-44CBA78A3BA4} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-18] (Dropbox, Inc.)
Task: {2FB2C272-A3C8-44A9-8D54-2AF2515E2AFA} - System32\Tasks\Macrium-Backup-{0B8D3648-2BF9-4B8E-BDEF-0C647A52448E} => e:\installaties\macrium\reflect\Reflect.exe [2016-01-11] (Paramount Software UK Ltd)
Task: {44212DF5-26DC-4943-AA77-C9B65109B921} - System32\Tasks\Macrium-Backup-{4FD59CAF-DB68-45B9-8086-E5B9E29A38DD} => e:\installaties\macrium\reflect\reflect.exe [2016-01-11] (Paramount Software UK Ltd)
Task: {4AE007FF-0334-4F59-96D1-EFAC0945087F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {56B4D871-9727-4540-87C2-F9B792ED5B73} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {582F45AC-7B11-4286-833F-0FF1DE254F47} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {5F98994A-BC13-49A3-8140-F4F02466E3EB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {672BC957-CBA0-42D2-BF06-C7FFCC0D9FC2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {6B3946DF-42C6-47F8-A81E-C42A8FCD1976} - System32\Tasks\{EA7E6C6C-DA09-49AF-B79A-BF4D72A6C0C5} => pcalua.exe -a "C:\Program Files (x86)\AirDroid\AirDroid.exe" -d "C:\Program Files (x86)\AirDroid"
Task: {79F9CE79-880E-4ECC-9E9C-FDA767EB6C9A} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe [2015-07-27] (Bitdefender)
Task: {7EC362D7-791E-41BB-83DE-A90F95708955} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation)
Task: {8DDDDC07-00A0-4FA1-8FA2-64B5C1F78E31} - System32\Tasks\{D9B11445-E57C-44FA-8151-8D092D5E0F68} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.22.81.105&LastError=404
Task: {8E99F6AD-E567-4BE0-8B97-5D7325049499} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3463171804-1537994893-3906066650-1001 => C:\Users\martijn\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-14] (Microsoft Corporation)
Task: {97BEF38D-7F8A-45F9-A44C-5884989BEB77} - System32\Tasks\Opera scheduled Autoupdate 1450904227 => D:\Installaties\Opera\launcher.exe [2015-12-15] (Opera Software)
Task: {9F6AF508-D030-40FF-A2B0-0B8A5082721C} - System32\Tasks\{38EC8780-A921-4536-8CDA-1A1B489C9BCF} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {A808E9FC-540C-4316-99FA-67DD49870DEB} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-01-17] (Microsoft Corporation)
Task: {AE44B85F-8675-4B08-9294-AE530EA36522} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BB2B2679-E4B6-41DF-9D54-F5BFEBFD5A0A} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-11-18] (Dropbox, Inc.)
Task: {BBA3B014-0700-4447-B5DD-6124EA9FB01F} - System32\Tasks\{A49F183D-1240-4733-9143-AE725868A6D5} => pcalua.exe -a "C:\Program Files (x86)\AirDroid\AirDroid.exe" -d "C:\Program Files (x86)\AirDroid"
Task: {BED8843A-F8A6-4288-BC2F-F8DFD41B7C5E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {C201F3C8-6092-40CB-A51B-E51CEE727A8C} - System32\Tasks\{B7A999A9-139A-421A-A243-4BE91EA08756} => pcalua.exe -a "C:\ProgramData\VMware\VMware Player\Uninstaller\uninstall.exe" -d "C:\ProgramData\VMware\VMware Player\Uninstaller"
Task: {C28959E7-4835-4A16-9A0A-788F23E4E326} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe [2016-01-03] (Adobe Systems Incorporated)
Task: {D30A50DD-7CDF-41BA-803D-A725C3FF6A25} - System32\Tasks\Opera scheduled Autoupdate 1450201543 => D:\Installaties\launcher.exe
Task: {D98F3842-9F6B-422D-94D8-84106DA107AC} - System32\Tasks\RtHDVBg_PushButton => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2014-12-11] (Realtek Semiconductor)
Task: {E02EB904-3D36-4380-96D7-568754731689} - System32\Tasks\{DDE65363-B324-4FE3-B301-E06F5CCE476A} => pcalua.exe -a C:\Users\martijn\AppData\Local\Apps\2.0\5MQAMOW2.QKG\6AN0W3TR.47G\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\Uninstaller.exe -c uninstall
Task: {E0F80DD0-FC75-4CB3-A428-C2AAA682D5DA} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] ()
Task: {F0BD2B98-B597-446B-9D26-91DE215F2B2B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {FBC0E2B0-FE4B-45A7-84C4-00B3E26E6514} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)


(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_20_0_0_267_pepper.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core.job => C:\Users\martijn\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core.job => C:\Users\martijn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core1d05a95ca784b00.job => C:\Users\martijn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core1d08fa9a21ba7ea.job => C:\Users\martijn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core1d0d3b5984627ee.job => C:\Users\martijn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3463171804-1537994893-3906066650-1001Core1d143c5e19d2f3d.job => C:\Users\martijn\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Macrium-Backup-{0B8D3648-2BF9-4B8E-BDEF-0C647A52448E}.job => e:\installaties\macrium\reflect\Reflect.exeh-e -w E:\Documenten\Reflect\11-8-2015(SSD weekly).xml
Task: C:\WINDOWS\Tasks\Macrium-Backup-{4FD59CAF-DB68-45B9-8086-E5B9E29A38DD}.job => e:\installaties\macrium\reflect\reflect.exeh-e -w E:\Documenten\Reflect\16-8-2015(HDD weekly).xml
Task: C:\WINDOWS\Tasks\Macrium-Backup-{6981B61A-A82C-47D0-B09D-E6BB85A2E6CF}.job => E:\Installaties\Macrium\Reflect\reflect.exel-e -w E:\Documenten\Reflect\9-12-2015(mid-weekly(ssd).xml
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe


==================== Snelkoppelingen =============================


(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


==================== Geladen Modules (gefilterd) ==============


2015-06-25 20:09 - 2014-08-27 15:31 - 00265080 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\txmlutil.dll
2015-06-25 20:09 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll
2015-06-25 20:09 - 2015-03-24 10:48 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui
2015-06-25 20:09 - 2012-10-29 13:22 - 00152816 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdfwcore.dll
2016-01-21 16:27 - 2016-01-21 16:27 - 01084416 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01651_010\ashttpbr.mdl
2016-01-21 16:27 - 2016-01-21 16:27 - 00764928 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01651_010\ashttpdsp.mdl
2016-01-21 16:27 - 2016-01-21 16:27 - 02975744 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01651_010\ashttpph.mdl
2016-01-21 16:27 - 2016-01-21 16:27 - 01606144 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_01651_010\ashttprbl.mdl
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () D:\Installaties\FZilla\fzshellext_64.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-17 14:08 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-11-19 11:54 - 2015-11-19 11:54 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2015-06-25 20:09 - 2013-03-25 14:16 - 01117920 _____ () C:\Program Files\Bitdefender\Bitdefender SafeBox\System.Data.SQLite.dll
2015-11-03 19:13 - 2015-11-03 19:13 - 12731584 _____ () E:\Installaties\VMware\vmware-hostd.exe
2015-07-09 13:41 - 2015-07-09 13:41 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2013-09-26 14:42 - 2012-09-20 16:40 - 04875576 _____ () C:\Program Files\Synaptics\SynTP\DellTouchpad.exe
2012-08-16 04:11 - 2012-08-16 04:11 - 03333632 _____ () C:\Program Files (x86)\MOUSE Editor\MouseEditor.exe
2015-11-03 19:50 - 2015-11-03 19:50 - 01301696 _____ () E:\Installaties\VMware\libxml2.dll
2015-11-03 19:13 - 2015-11-03 19:13 - 00194752 _____ () E:\Installaties\VMware\nfc-types.dll
2015-11-03 19:13 - 2015-11-03 19:13 - 00191680 _____ () E:\Installaties\VMware\LIBEXPAT.dll
2015-11-03 19:13 - 2015-11-03 19:13 - 00388288 _____ () E:\Installaties\VMware\ssoClient.dll
2010-12-02 10:56 - 2010-12-02 10:56 - 00815104 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\OSD_Text\OSD_Text.dll
2011-01-09 13:45 - 2011-01-09 13:45 - 00088064 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_MouseDeviceManager.dll
2012-06-14 08:59 - 2012-06-14 08:59 - 02414080 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\ScreenCapture\ScreenCapture.dll
2012-05-17 04:17 - 2012-05-17 04:17 - 01000448 _____ () C:\Program Files (x86)\MOUSE Editor\Data\MouseEditor\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 07:18 - 2010-09-20 07:18 - 00085504 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ZoomControl.dll
2010-09-20 07:18 - 2010-09-20 07:18 - 00054272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_ScrollbarControl.dll
2011-04-12 08:14 - 2011-04-12 08:14 - 00063488 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 13:16 - 2010-11-01 13:16 - 00062976 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_AnalyzeGesturesInOne.dll
2012-04-27 04:40 - 2012-04-27 04:40 - 00118272 _____ () C:\Program Files (x86)\MOUSE Editor\DLL\DLL_Wheel4D.dll
2015-11-17 18:44 - 2015-11-17 18:44 - 00117248 _____ () C:\Users\martijn\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2015-11-17 18:45 - 2015-11-17 18:45 - 00234496 _____ () C:\Users\martijn\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2015-11-17 18:45 - 2015-11-17 18:45 - 00253440 _____ () C:\Users\martijn\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2015-11-17 18:44 - 2015-11-17 18:44 - 00344064 _____ () C:\Users\martijn\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () D:\Installaties\FZilla\fzshellext.dll
2016-01-15 10:45 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll
2016-01-15 10:45 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll


==================== Alternate Data Streams (gefilterd) =========


(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


AlternateDataStreams: C:\Users\martijn\Desktop\FRST64.exe:BDU


==================== Veilige Modus (gefilterd) ===================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PAexec => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PAexec => ""="Service"


==================== EXE Bestandskoppeling (gefilterd) ===============


(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)




==================== Internet Explorer vertrouwde/beperkte toegang ===============


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


IE trusted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\skype.com -> hxxps://apps.skype.com


==================== Hosts inhoud: ==========================


(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)


2012-07-26 06:26 - 2015-06-25 19:30 - 00001202 ____A C:\WINDOWS\system32\Drivers\etc\hosts


127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost
127.0.0.1 localhost


==================== Andere gebieden ============================


(Momenteel is er geen automatische fix voor dit onderdeel.)


HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\martijn\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 88.159.1.200 - 88.159.1.201
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is uitgeschakeld.


==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


(Momenteel is er geen automatische fix voor dit onderdeel.)


MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Bluetooth Device Monitor => 3
MSCONFIG\Services: Bluetooth OBEX Service => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: CTAudSvcService => 3
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: Dell Customer Connect => 3
MSCONFIG\Services: DellUpdate => 2
MSCONFIG\Services: FileZilla Server => 3
MSCONFIG\Services: FileZillaServer => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iBtSiva => 3
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: Motorola Device Manager => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: PST Service => 2
MSCONFIG\Services: ReflectService.exe => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 3
MSCONFIG\Services: TurboBoost => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VMAuthdService => 3
MSCONFIG\Services: VMnetDHCP => 3
MSCONFIG\Services: VMUSBArbService => 3
MSCONFIG\Services: VMware NAT Service => 3
MSCONFIG\Services: VMwareHostd => 3
HKLM\...\StartupApproved\Run: => "QuickSet"
HKLM\...\StartupApproved\Run: => "ResetTouch"
HKLM\...\StartupApproved\Run: => "IAStorIcon"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "IAStorIcon"
HKLM\...\StartupApproved\Run32: => "amd_dc_opt"
HKLM\...\StartupApproved\Run32: => "Sound Blaster Tactic3D Control Panel"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Dropbox.lnk"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_24E28FD03CD6B1A79BA3F98A485A5A6D"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "WinSweep"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DAEMON Tools Ultra Agent"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "DellSystemDetect"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "MusicManager"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Bitdefender Wallet Agent"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "puush"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3463171804-1537994893-3906066650-1001\...\StartupApproved\Run: => "AirDroid 3"


==================== Firewall regels (gefilterd) ===============


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{175F368C-49FE-4D21-A365-DCAC84C4176A}C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
FirewallRules: [TCP Query User{8BEBA473-1D76-4084-AD43-3F61D81467B9}C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe] => (Allow) C:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
FirewallRules: [UDP Query User{1496C4A2-D3FD-41B5-8B79-1C317C2F8335}C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe] => (Allow) C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe
FirewallRules: [TCP Query User{E5C92458-3224-4170-8E4D-A9659EF1FB36}C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe] => (Allow) C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe
FirewallRules: [UDP Query User{0A4E8CBE-B822-464B-9F70-5C8447BE243E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{AA047249-0952-45CB-8EE3-68AD803A360A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{ECF92490-3919-4EED-A705-3129889CAC98}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{01093F2A-5DAB-4570-B155-2EE68612EF17}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2D295151-FAF2-4C80-AE5E-8AA875AEC837}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B21B04A1-6A9C-4D48-A55C-D31AC6847B72}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{48CB5192-3C88-4362-A410-FF3AD3ED0BDE}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{F9CF7121-097A-4378-81B8-8B03AF3F051D}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [{27946028-9BBB-4A29-85B2-B30DB6083777}] => (Allow) C:\Users\martijn\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{76D8F323-7A37-48F0-A15C-13A01B4F2EB3}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{3260BA18-3583-473B-84CB-12DB8BA6C745}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Dead Island\DeadIslandGame.exe
FirewallRules: [{AAE860A7-5685-45B8-B188-926E1744EA2B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7B0EC43-8FB5-4B5A-9090-097B502C6FD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3B3EF7AF-F87A-4FB7-B465-94D6C44DB0FB}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{AF7B28A2-20DD-4E8F-B11D-9A06711954D9}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{D7E37620-5110-4F1A-9B0F-0B85A2513D98}] => (Allow) E:\Installaties\OriginLibrary\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{07156493-4625-4268-B52C-C737544AAFC9}] => (Allow) E:\Installaties\OriginLibrary\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [TCP Query User{2EF5BD26-EC3E-4DB5-B015-16ADED7B0EDE}C:\users\martijn\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\martijn\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{FD6157E6-3A62-4946-831A-797D735BCB9C}C:\users\martijn\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\martijn\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{7B8381D8-289A-4945-A84F-E14D8EB2FE44}C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe] => (Block) C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe
FirewallRules: [UDP Query User{C27C4F6E-A246-468A-9D7B-E8E54384C4AE}C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe] => (Block) C:\program files (x86)\codelobster software\codelobsterphpedition\clphped.exe
FirewallRules: [TCP Query User{F115CF30-0B75-455B-9349-4229115794BA}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{F61CCC26-8E0E-48BD-A8C1-9ACD8C116518}C:\xampp\mercurymail\mercury.exe] => (Allow) C:\xampp\mercurymail\mercury.exe
FirewallRules: [UDP Query User{08698617-22DC-48BB-A6D6-F71621471B43}E:\installaties\testmail\testmailservertool.exe] => (Allow) E:\installaties\testmail\testmailservertool.exe
FirewallRules: [{B9F77D66-B0EC-474B-80F4-857B363D2A24}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8F02E804-8FFB-41CC-9A19-16637C2FAA14}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5CAEE255-508A-415A-BFBA-82FA5CB50315}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4E373720-DD65-469E-809D-12882ACAD47F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{83F79D85-F1F4-4F8B-B599-34E269D235DA}] => (Allow) D:\Installatie\Steam\Steam.exe
FirewallRules: [{5AF72D4D-E900-4CA9-ACA0-D713E0539465}] => (Allow) D:\Installatie\Steam\Steam.exe
FirewallRules: [TCP Query User{2C078835-85B1-4A55-A93E-73664A13A940}E:\download\smtpfakeservermetvoorbeeldsln\smtpfakeserver\papercut.exe] => (Allow) E:\download\smtpfakeservermetvoorbeeldsln\smtpfakeserver\papercut.exe
FirewallRules: [UDP Query User{2A55F0C7-EAF4-4050-B838-DE310BE39041}E:\download\smtpfakeservermetvoorbeeldsln\smtpfakeserver\papercut.exe] => (Allow) E:\download\smtpfakeservermetvoorbeeldsln\smtpfakeserver\papercut.exe
FirewallRules: [{456B1EA7-5077-4ABF-918E-B5B12BC5D2DD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{40659C0B-76A1-4C05-8BF7-B98DB12CEF56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{32371216-98B7-4709-8B1D-7AC91D88B967}] => (Allow) D:\Installatie\Steam\bin\steamwebhelper.exe
FirewallRules: [{61D70928-39EE-4629-835E-8A2D48A14DFE}] => (Allow) D:\Installatie\Steam\bin\steamwebhelper.exe
FirewallRules: [{0B89ED42-F254-4C71-83A2-A4464F2D5ECF}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{35AE7E77-50AC-422A-B623-A44562C9862D}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Tomb Raider\TombRaider.exe
FirewallRules: [{26A9EC64-8A44-4508-B6CB-FFBD5C00E4A0}] => (Allow) E:\Installaties\VMware\vmware-authd.exe
FirewallRules: [{CBF4B9C7-C5B1-4ADE-9455-C265E123CB53}] => (Allow) E:\Installaties\VMware\vmware-authd.exe
FirewallRules: [{F4EAC1F4-A914-4987-897E-0F3E03E7B998}] => (Allow) E:\Installaties\VMware\vmware-hostd.exe
FirewallRules: [{85D003F8-270E-45CC-8C29-D197B58C183C}] => (Allow) E:\Installaties\VMware\vmware-hostd.exe
FirewallRules: [{F49800ED-0F58-4CC6-AFC8-8FEE572D9F50}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{112DDC38-CA82-436C-9C3D-358DF53CC6CD}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{D99324BF-71DD-47C0-8A1D-73B773E34F10}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{2204806C-3656-4783-B9D9-57FEE3674761}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{74C936B0-C9BE-418B-860B-7D65BE389FFC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33521A1C-D5B8-4DAE-9279-9FDA2AA1E78E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{428224BC-A3AE-4587-B619-72275FE5F760}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AB45747D-154A-45F4-817F-967096EEE389}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C0E43C0E-BEDC-4FD2-A17B-B0660CD52BE8}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{5DDB1CE0-94F7-45ED-9ACF-3A7764E02FFC}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{5FA3E9B6-B5AC-450B-8308-C25D919121C2}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Savage Lands\SavageLands.exe
FirewallRules: [{F49BD6A4-C49A-4EFE-8F4E-4E91E7404608}] => (Allow) E:\Installaties\SteamLibrary\SteamApps\common\Savage Lands\SavageLands.exe
FirewallRules: [{3390EDFD-C759-4C02-8BC3-56F64AFF0507}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{ABCBCFDB-4615-4E16-B27E-5BC458EFD0EF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B15DC0B7-8964-4DAB-B71A-F41FE1D448F3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{CDC28FE5-715F-4D52-AC3E-3E35BD2BE825}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F7D5D72D-D0EE-45A7-8BB1-2AE58517DDEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{06B56E51-C6AF-4E91-9675-B62E99AF8F93}] => (Allow) C:\Users\martijn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{B5386D93-ED65-4333-9E4F-FD8B3CB49C57}] => (Allow) C:\Users\martijn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{04FF4EAD-2ECC-4BEB-A5E4-338014F2E9D6}] => (Allow) C:\Users\martijn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{BD86119E-21DD-49CE-A74E-97BEA7532AD2}] => (Allow) C:\Users\martijn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{729F9BD6-1013-4511-B596-A05E019AA6EB}] => (Allow) C:\Users\martijn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{478D57DB-9713-4417-ACBF-FECC8E1426B3}] => (Allow) C:\Users\martijn\AppData\Roaming\BitTorrent\BitTorrent.exe


==================== Herstelpunten =========================


AANDACHT: Systeemherstel is uitgeschakeld


==================== Defecte Apparaatbeheer Apparaten =============




==================== Eventlog fouten: =========================


Applicatiefouten:
==================
Error: (01/21/2016 04:22:31 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Het systeem kan het opgegeven bestand niet vinden.) occurred while creating or opening file 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'. Diagnose and correct the operating system error, and retry the operation.


Error: (01/21/2016 04:22:31 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Het systeem kan het opgegeven bestand niet vinden.) occurred while creating or opening file 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnose and correct the operating system error, and retry the operation.


Error: (01/21/2016 04:22:31 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBData.mdf for file number 1. OS error: 3(Het systeem kan het opgegeven pad niet vinden.).


Error: (01/21/2016 04:22:31 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\model.mdf for file number 1. OS error: 3(Het systeem kan het opgegeven pad niet vinden.).


Error: (01/21/2016 04:16:41 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Kan activeringscontext voor C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 niet maken. Fout in manifest of beleidsbestand C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 op regel C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Error: (01/21/2016 04:09:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Kan activeringscontext voor C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 niet maken. Fout in manifest of beleidsbestand C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 op regel C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Error: (01/21/2016 04:01:51 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Kan activeringscontext voor C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1 niet maken. Fout in manifest of beleidsbestand C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2 op regel C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Een onderdeelversie die nodig is voor de toepassing, conflicteert met een andere onderdeelversie die reeds actief is.
Conflicterende onderdelen zijn:
Onderdeel 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Onderdeel 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.


Error: (01/21/2016 03:54:21 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Het systeem kan het opgegeven bestand niet vinden.) occurred while creating or opening file 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\modellog.ldf'. Diagnose and correct the operating system error, and retry the operation.


Error: (01/21/2016 03:54:21 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17207) (User: )
Description: FileMgr::StartLogFiles: Operating system error 2(Het systeem kan het opgegeven bestand niet vinden.) occurred while creating or opening file 'e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBLog.ldf'. Diagnose and correct the operating system error, and retry the operation.


Error: (01/21/2016 03:54:21 PM) (Source: MSSQL$SQLEXPRESS) (EventID: 17204) (User: )
Description: FCB::Open failed: Could not open file e:\sql10_main_t\sql\mkmastr\databases\objfre\i386\MSDBData.mdf for file number 1. OS error: 3(Het systeem kan het opgegeven pad niet vinden.).




Systeemfouten:
=============
Error: (01/21/2016 04:23:22 PM) (Source: DCOM) (EventID: 10000) (User: MARTIJN)
Description: "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding2{14286318-B6CF-49A1-81FC-D74AD94902F9}


Error: (01/21/2016 04:22:31 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service SQL Server (SQLEXPRESS) is gestopt met de volgende specifieke servicefout:
%%1814


Error: (01/21/2016 04:22:27 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Deze computer is geconfigureerd als lid van een werkgroep, niet als
lid van een domein. De NetLogon-service hoeft niet te worden gestart in
deze configuratie.


Error: (01/21/2016 04:21:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De VMware Workstation Server-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten.


Error: (01/21/2016 04:21:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalActiveren{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar


Error: (01/21/2016 03:55:52 PM) (Source: DCOM) (EventID: 10000) (User: MARTIJN)
Description: "C:\Program Files\Microsoft Office\Root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE" -Embedding2{14286318-B6CF-49A1-81FC-D74AD94902F9}


Error: (01/21/2016 03:54:21 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service SQL Server (SQLEXPRESS) is gestopt met de volgende specifieke servicefout:
%%1814


Error: (01/21/2016 03:54:17 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Deze computer is geconfigureerd als lid van een werkgroep, niet als
lid van een domein. De NetLogon-service hoeft niet te worden gestart in
deze configuratie.


Error: (01/21/2016 03:53:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.


Error: (01/21/2016 03:53:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De VMware Workstation Server-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten.




CodeIntegrity:
===================================
Date: 2015-09-28 14:41:51.283
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:51.150
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:51.027
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.816
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.688
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.579
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.450
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.194
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.


Date: 2015-09-28 14:41:50.068
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume4\Program Files\WindowsApps\DellInc.DellGettingStartedwithWindows8_1.0.0.35_neutral__htrsf667h5kn2\GalaSoft.MvvmLight.Win8.dll that did not meet the Store signing level requirements.




==================== Geheugen info ===========================


Processor: Intel(R) Core(TM) i7-3537U CPU @ 2.00GHz
Percentage geheugen in gebruik: 54%
Totaal fysiek RAM-geheugen: 8073.27 MB
Beschikbaar fysiek RAM-geheugen: 3672.94 MB
Totaal Virtueel geheugen: 16265.27 MB
Beschikbaar Virtual geheugen: 11063.01 MB


==================== Schijven ================================


Drive c: () (Fixed) (Total:155.58 GB) (Free:83.4 GB) NTFS
Drive d: (Schijf) (Fixed) (Total:76.35 GB) (Free:14.34 GB) NTFS
Drive e: () (Fixed) (Total:442.27 GB) (Free:115.93 GB) NTFS
Drive f: (Backup) (Fixed) (Total:488.28 GB) (Free:208.16 GB) NTFS


==================== MBR & Partitietabel ==================


========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 00000000)


Partition: GPT.


========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 12E812E8)


Partition: GPT.


==================== Eind van Addition.txt ============================
 
Hi, axe0.

1. You have an outdated, vulnerable version of Java on your computer. Minimally, install the latest quarterly security update: Java SE 8u71. At the same time the security update was released, Oracle also provided a "bug fix update", Java SE 8u72, which can be found here. Select the appropriate version for your operating system.

2. Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Open Notepad (Start =>All Programs => Accessories => Notepad).
  • Copy/Paste the entire contents of the code box below into Notepad.
Code:
start
CreateRestorePoint:
CloseProcesses:
S3 dtultrascsibus; \SystemRoot\System32\drivers\dtultrascsibus.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
EmptyTemp:
end
  • Click Format and ensure Wordwrap is unchecked.
  • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post the log in your next reply.
3. A strong word of caution: P2P programs form a direct conduit on to your computer. They have always been a target of malware writers. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program. Use of Bittorrent is at your own risk.
 
Hi Corrine,

Thank you very much for your help :)

1. Very odd, yesterday I checked for the update settings which were to check daily for updates. Today they have been set back to the default settings which is why the update didn't come through until I forced it. Anyway Java is up to date.

2.
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:18-01-2016
Gestart door martijn (2016-01-21 20:11:37) Run:1
Gestart vanaf C:\Users\martijn\Desktop
Geladen Profielen: martijn (Beschikbare Profielen: martijn)
Boot Modus: Normal
==============================================


fixlist inhoud:
*****************
start
CreateRestorePoint:
CloseProcesses:
S3 dtultrascsibus; \SystemRoot\System32\drivers\dtultrascsibus.sys [X]
S3 iwdbus; \SystemRoot\System32\drivers\iwdbus.sys [X]
EmptyTemp:
end
*****************


Herstelpunt is succesfol gemaakt.
Proces succesvol afgesloten.
dtultrascsibus => dienst is succesvol verwijderd.
iwdbus => dienst is succesvol verwijderd.
EmptyTemp: => 201.4 MB tijdelijke gegevens verwijderd.




Het systeem moest herstart worden.


==== Eind van Fixlog 20:12:04 ====

3. Indeed, but then there are those that don't want to understand that and share the files I need P2P. Might sound very unbelievable
 
Hi, axe0.

After taking a second look at your logs, I noticed a couple of things I should have included in the original instructions. My apology. Nothing serious but please do the following to run FRST again:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Open Notepad (Start =>All Programs => Accessories => Notepad).
  • Copy/Paste the entire contents of the code box below into Notepad.
Code:
start
CreateRestorePoint:
CloseProcesses:
2015-08-17 15:14 - 2015-06-01 20:50 - 0010240 _____ () C:\Users\martijn\AppData\Local\Z@!-c97732d1-e3f8-4d26-a766-5204038c6f32.tmp
2015-08-17 15:14 - 2015-06-01 20:50 - 0009216 _____ () C:\Users\martijn\AppData\Local\Z@S!-967c823d-ec56-428f-a177-f80eea410a07.tmp
2015-03-20 18:28 - 2015-03-20 18:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
EmptyTemp:
end
  • Click Format and ensure Wordwrap is unchecked.
  • Important: Save the code to the same folder/directory that FRST.exe is located in, naming it as fixlist.txt
  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post the log in your next reply.
 
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:18-01-2016
Gestart door martijn (2016-01-21 23:47:06) Run:2
Gestart vanaf C:\Users\martijn\Desktop
Geladen Profielen: martijn (Beschikbare Profielen: martijn)
Boot Modus: Normal
==============================================


fixlist inhoud:
*****************
start
CreateRestorePoint:
CloseProcesses:
2015-08-17 15:14 - 2015-06-01 20:50 - 0010240 _____ () C:\Users\martijn\AppData\Local\Z@!-c97732d1-e3f8-4d26-a766-5204038c6f32.tmp
2015-08-17 15:14 - 2015-06-01 20:50 - 0009216 _____ () C:\Users\martijn\AppData\Local\Z@S!-967c823d-ec56-428f-a177-f80eea410a07.tmp
2015-03-20 18:28 - 2015-03-20 18:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
EmptyTemp:
end
*****************


Herstelpunt is succesfol gemaakt.
Proces succesvol afgesloten.
C:\Users\martijn\AppData\Local\Z@!-c97732d1-e3f8-4d26-a766-5204038c6f32.tmp => is succesvol verplaatst.
C:\Users\martijn\AppData\Local\Z@S!-967c823d-ec56-428f-a177-f80eea410a07.tmp => is succesvol verplaatst.
C:\ProgramData\DP45977C.lfl => is succesvol verplaatst.
EmptyTemp: => 253.3 MB tijdelijke gegevens verwijderd.




Het systeem moest herstart worden.


==== Eind van Fixlog 23:47:31 ====
 
Thank you.

Based on the preliminary cleanup you did with ESET, Malarebytes and AdwCleaner followed by the minor cleanup with FRST, please confirm that all is well now.
 
I'm currently running ESET again, Malwarebytes and Adwcleaner have come up clean.

Actually Malwarebytes came clean after 2 scans. I studied the installation of Bittorrent and it seemed that some kind of search engine malware was installed everytime when trying to install Bittorrent because the buttons for accepting and denying were empty of text, this caused the search engine temp files to be present which Malwarebytes found. A few files are in the malwarebytes log in the first post. I removed Bittorrent, rebooted and emptied the temp folder where after Malwarebytes has come up clean since.
This explains why Malwarebytes gave so many blocked file pop-ups when trying to install Bittorrent.

On a side note, do you know why when I followed your instructions and rebooted 3-4GB of free space went gone?
 
The FRST logs show 201.4 MB and then 253.3 MB temp files. Then there were the other files that were removed.

Something else you may want to consider is Unchecky. It automatically unchecks the boxes that allow companies to install promotional crapware on your computer, and issues warnings if you accidentally agree to install something you may not want. Unchecky - Keeps your checkboxes clear

Let's take care of removing the tools used:

Please download Delfix from here.

Ensure the following boxes are checked:
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
 
# DelFix v1.011 - Logfile created 22/01/2016 at 12:22:43
# Updated 18/08/2015 by Xplode
# Username : martijn - MARTIJN
# Operating System : Windows 8.1 (64 bits)


~ Removing disinfection tools ...


Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\martijn\Desktop\Addition.txt
Deleted : C:\Users\martijn\Desktop\Fixlog.txt
Deleted : C:\Users\martijn\Desktop\FRST.txt
Deleted : C:\Users\martijn\Desktop\FRST64.exe
Deleted : C:\Users\martijn\Desktop\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\AdwCleaner


~ Creating registry backup ... OK


~ Cleaning system restore ...




New restore point created !


########## - EOF - ##########
 
Found out where the 3-4GB went, system restore took it with 2 restore points.
 
:thumbsup2: Clearing out old restore points after removing malware from a system prevents returning to an infected point. Do note two important points: (1) the first part of the process is "CreateRestorePoint" before any changes are made and (2) the last part of the process is to remove old, infected, restore points and create a fresh system restore.
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top