[SOLVED] [Win7 x64, NO SP] redirecting to us.search.yahoo.com

R

raystef66

Well-known member
Joined
Aug 10, 2017
Posts
158
Hi,
I have encountered a redirecting problem since i had AVAST deactiveated for some update reasons (0n this forum).
I must have clicked a link yesterday, don't knnow when or where, but now , i'm being redirected to mostly yahoo when searching on google. Not always but mostly.

Even when i am on a webpage, sometimes letterfonts become having another colour and become 'links'.
So this virus can alter my webpages .... very annoying.
My helper softwaremaniac redirected me to this forum.
Hopefully someone can help.

I have tried several hours to clean with Malwarebytes, adw cleaner, Kaspersky, Hotman PRO....but no luck....

ANY HELP WOULD BE MUCH APPRECIATED !
 
Re: redirecting to us.search.yahoo.com

Result of Security Analysis by Rocket Grannie (x86) Updated: 28th August, 2017
Running from:C:\Users\stefan\Downloads (21:23:23 - 08/28/2017)
***---------------------------------------------------------***
Microsoft Windows 7 Home Premium X64 ==> Service Pack is out of Date
UAC is Disabled
Internet Explorer ==> is out of Date
Default Browser: Google Chrome
***------------Antivirus - Antispyware - Firewall-----------***
Microsoft Security Essentials (Disabled - up to Date)
Avast Antivirus (Disabled - up to Date)
Microsoft Security Essentials (Disabled - up to Date)
Windows Defender (Disabled - up to Date)
Avast Antivirus (Disabled - up to Date)
Windows Firewall (Enabled)
No other Firewall Installed
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player NPAPI (26.0.0.151)
CCleaner (4.19) ==> is out of Date
Defraggler (2.18) ==> is out of Date
Google Chrome (60.0.3112.101)
Java (8.0.250.18)
Malwarebytes (2.2.1.1043) ==> is out of Date
Microsoft Silverlight (5.1.40728.0)
Mozilla Firefox (31.0) ==> is out of Date
SUPERAntiSpyware (6.0.1212)
Windows Live Essentials (14.0.8089.726) ==> is out of Date


***----------------Analysis Complete-------------------------***
 
Re: redirecting to us.search.yahoo.com

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 20-08-2017
Gestart door stefan (Beheerder) op STEFAN-PC (28-08-2017 21:16:05)
Gestart vanaf C:\Users\stefan\Downloads
Geladen Profielen: stefan (Beschikbare Profielen: stefan & Administrator)
Platform: Windows 7 Home Premium (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 8 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials


==================== Processen (gefilterd) =================


(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)


(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\AESTSr64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Register (gefilterd) ====================


(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)


HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2017-08-12] (IDT, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [213832 2017-08-17] (AVAST Software)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2867952 2014-12-05] (Synaptics Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: G - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {1158b302-d57e-11e6-9fd9-c80aa95a42da} - H:\AutoRun.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {1158b325-d57e-11e6-9fd9-c80aa95a42da} - G:\windows\AutoRun.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {1c7f7c8c-9110-11e6-b64c-c80aa95a42da} - G:\windows\AutoRun.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {44485e97-6e84-11e5-8b91-c80aa95a42da} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {44485e9f-6e84-11e5-8b91-c80aa95a42da} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {491e5f76-ad34-11df-9e03-c80aa95a42da} - F:\SETUP.EXE
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {5e431590-8ab0-11e5-9ad7-c80aa95a42da} - G:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {8875dfa0-c261-11e4-92d0-c80aa95a42da} - G:\SETUP.EXE
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {ae6d8e9a-7496-11e5-9b62-c80aa95a42da} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {fbd3cea6-91ad-11e5-9c1c-c80aa95a42da} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\MountPoints2: {fbd3ceaa-91ad-11e5-9c1c-c80aa95a42da} - H:\HiSuiteDownLoader.exe
HKU\S-1-5-21-998262437-1437487422-401129983-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
GroupPolicy: Restrictie - Chrome <==== AANDACHT
GroupPolicyScripts\User: Restrictie <==== AANDACHT
GroupPolicyScripts-x32\User: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT


==================== Internet (gefilterd) ====================


(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)


Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{EBF010CA-C373-433B-8C19-68A4E6863FD6}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{FDE24501-435B-4515-BCCA-0DA8EB360091}: [DhcpNameServer] 192.168.1.1


Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM -> {0404899E-FCB3-47A9-BC4F-74FF7A718B36} URL = hxxp://www.bing.com/search?q={searchTerms}&form=CPNTDF&pc=CPNTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-08] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-08-17] (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-08] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated)
BHO-x32: Geen Naam -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Geen bestand
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2017-08-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-08-17] (AVAST Software)
BHO-x32: Geen Naam -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
BHO-x32: Geen Naam -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> Geen bestand
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2017-08-12] (Oracle Corporation)
BHO-x32: Geen Naam -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> Geen bestand
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Geen bestand
Toolbar: HKLM - Geen Naam - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Geen bestand
Toolbar: HKLM-x32 - Geen Naam - {8dcb7100-df86-4384-8842-8fa844297b3f} - Geen bestand
Toolbar: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> Geen Naam - {6F2CF24C-F970-4947-81FA-158F224B2362} - Geen bestand
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-08-24] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-08-24] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2012-08-24] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2012-08-24] (Microsoft Corporation)


FireFox:
========
FF ProfilePath: C:\Users\stefan\AppData\Roaming\TomTom\HOME\Profiles\9rhjvggm.default [2015-04-27]
FF Extension: (Map status indicator) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [2015-04-27] [ niet getekend]
FF ProfilePath: C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\98gxzurk.default-1444044290176 [2017-08-28]
FF Extension: (Avast SafePrice) - C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\98gxzurk.default-1444044290176\Extensions\sp@avast.com.xpi [2017-08-28]
FF Extension: (Avast Online Security) - C:\Users\stefan\AppData\Roaming\Mozilla\Firefox\Profiles\98gxzurk.default-1444044290176\Extensions\wrc@avast.com.xpi [2017-08-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_151.dll [2017-08-12] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-08-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-08] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-08-21] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_151.dll [2017-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [Geen bestand]
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [Geen bestand]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google)
FF Plugin-x32: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [Geen bestand]
FF Plugin-x32: @itstructures.com/ffactivex -> C:\Program Files\Firefox ActiveX Plugin\npffax.dll [2011-12-28] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2017-08-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2017-08-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2010-08-21] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [Geen bestand]
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=8 -> C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-04-07] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\trademanager\npAliSSOLogin.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @squareclock.com/SQ3DPlayer_Production_HBMV1 -> C:\Users\stefan\AppData\Local\SquareClock.Production_HBMV1\NPSQ3D.dll [2016-02-05] (SquareClock SAS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll [2015-03-06] ( )
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll [2015-03-06] ( )


Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.be/
CHR StartupUrls: Profile 1 -> "hxxp://www.google.be/"
CHR DefaultSearchKeyword: Profile 1 -> t
CHR Profile: C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-08-28]
CHR Extension: (Google Presentaties) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-04]
CHR Extension: (Google Documenten) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-13]
CHR Extension: (Google Search) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Click to Tab) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ebicmkkcnhdiglneianohfjapmanjoek [2016-09-10]
CHR Extension: (Nice Translator) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\echdnikijbegadnenjfmhfjflclkjcbp [2014-11-04]
CHR Extension: (Google Spreadsheets) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-04]
CHR Extension: (Offline Documenten) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (MagicScroll eBook Reader) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghgnmgfdoiplfmhgghbmlphanpfmjble [2014-11-04]
CHR Extension: (AdBlock) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-05]
CHR Extension: (Denfllow) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hehdcdgdfhanbcbdkakahgpfinojokob [2017-08-24]
CHR Extension: (ActiveX hosting plugin) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlkjkojpmhmhcfdbeelefjdikpjeianb [2015-04-20]
CHR Extension: (mail.com MailCheck) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpebgcnlaohcgdfhbffjajlnpifdkllg [2017-08-03]
CHR Extension: (Right Inbox for Gmail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mflnemhkomgploogccdmcloekbloobgb [2017-07-20]
CHR Extension: (Search Box) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mknehpjhljpfaghmicofickbkdagooni [2014-11-04]
CHR Extension: (Ghostery) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2017-08-09]
CHR Extension: (Bookmarks Button) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmkenpelbkmeamekejjokaldhmmdkkkk [2017-08-25]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
CHR Extension: (Audio Cutter) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\plimnkafgoiilijmlbnfoafihjjijbfp [2016-09-13]
CHR Extension: (Streak CRM voor Gmail) - C:\Users\stefan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pnnfemgpilpdaojpnkjdgfgbnnjojfik [2017-06-15]
CHR Profile: C:\Users\stefan\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hknpjpodmmapnfjhnblgmalmaanpajhc] - C:\ProgramData\VideoDownloaderUltimate\Chrome\VideoDownloaderUltimate.crx <niet gevonden>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pcnknkgiplafmoienldloaollebiklfl] - C:\Program Files (x86)\NBget\InternetDownload\VDE.crx [2013-04-26]


==================== Services (gefilterd) ====================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\AESTSr64.exe [89600 2017-08-12] (Andrea Electronics Corporation)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7430992 2017-08-17] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [263312 2017-08-17] (AVAST Software)
S4 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272592 2015-02-27] (Disc Soft Ltd)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezsvc7.dll [129584 2009-02-22] (EasyBits Sofware AS) [Bestand niet getekend]
S4 GCL Service; C:\Program Files\T1T\Trust1Connector\gcl-service.exe [3774296 2016-11-08] ()
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2009-08-20] (Hewlett-Packard Company) [Bestand niet getekend]
S4 lxdc_device; C:\Windows\system32\lxdccoms.exe [567216 2007-05-25] ( )
S4 lxdc_device; C:\Windows\SysWOW64\lxdccoms.exe [537520 2007-05-25] ( )
S4 NetcamStudioSvc64; C:\Program Files\Netcam Studio - 64-bit\NetcamStudio.Service.exe [3977024 2015-05-19] (Moonware Studios)
S4 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S4 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [301760 2012-09-25] ()
S4 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
S4 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S4 Secure Hunter Service; C:\Program Files (x86)\SecureHunter\AntiMalwarePro\bin\shrtsrv.exe [47416 2016-02-23] (SecureHunter LLC) [Bestand niet getekend]
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_46212ecee8bc70b6\STacSV64.exe [314880 2017-08-12] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]


===================== Drivers (gefilterd) ======================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


S3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [77832 2016-11-28] (Advanced Card Systems Ltd.)
S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [38424 2010-10-18] (Google Inc)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320008 2017-08-17] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-08-17] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343288 2017-08-17] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57728 2017-08-17] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys [104624 2017-08-17] (AVAST Software)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [46984 2017-08-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [146704 2017-08-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110352 2017-08-17] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84392 2017-08-17] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1015880 2017-08-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [585608 2017-08-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [198768 2017-08-17] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361336 2017-08-17] (AVAST Software)
S3 CH341SER_A64; C:\Windows\System32\Drivers\CH341S64.SYS [58368 2017-07-29] (??????????--??)
S3 cmnxusbser; C:\Windows\System32\DRIVERS\cmnxusbser.sys [146424 2015-11-24] (Wireless Data Device)
S3 DCamUSBSTK02N; C:\Windows\SysWOW64\DRIVERS\STK02NW2.sys [101520 2007-03-12] (Syntek Ltd.)
R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30352 2015-03-04] (Disc Soft Ltd)
S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [18528 2016-01-20] ()
S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [15968 2016-01-20] ()
S3 ETDSMBus; C:\Windows\System32\DRIVERS\ETDSMBus.sys [32840 2017-08-12] (ELAN Microelectronic Corp.)
S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-01-20] ()
S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-01-20] ()
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42840 2009-06-10] (Microsoft Corporation)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-12] (REALiX(tm))
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-24] (Huawei Technologies Co., Ltd.)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
S3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0081.sys [38432 2015-11-30] (SoftEther Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33520 2014-12-05] (Synaptics Incorporated)
S3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2014-09-11] (Windows (R) Win 7 DDK provider)
R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [90960 2012-06-04] (Windows (R) 2000 DDK provider)
R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [633296 2012-06-04] (Paragon)
R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [389968 2012-06-04] (Paragon)
S3 zghsser; C:\Windows\System32\DRIVERS\zghsser.sys [133960 2014-03-17] (ZTE Corporation)


==================== NetSvcs (gefilterd) ===================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)




==================== Een Maand Aangemaakt bestanden en mappen ========


(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


2017-08-28 21:16 - 2017-08-28 21:17 - 000027714 _____ C:\Users\stefan\Downloads\FRST.txt
2017-08-28 21:15 - 2017-08-28 21:16 - 000000000 ____D C:\FRST
2017-08-28 21:15 - 2017-08-28 21:15 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-08-28 21:14 - 2017-08-28 21:14 - 002395648 _____ (Farbar) C:\Users\stefan\Downloads\FRST64.exe
2017-08-28 16:18 - 2017-08-28 21:11 - 000043658 _____ C:\Windows\ntbtlog.txt
2017-08-28 14:38 - 2017-08-28 14:38 - 000021452 _____ C:\Users\stefan\Desktop\aroma slim rom.zip
2017-08-28 14:37 - 2017-08-27 16:19 - 000004121 _____ C:\Users\stefan\Desktop\aroma-config - kopie
2017-08-28 14:32 - 2017-08-27 16:16 - 000075686 _____ C:\Users\stefan\Desktop\updater-script - aroma
2017-08-28 14:04 - 2017-08-14 14:10 - 000066053 _____ C:\Users\stefan\Desktop\updater-script-original
2017-08-28 11:59 - 2017-08-28 11:59 - 048750920 _____ C:\Users\stefan\Downloads\BDPUARLauncher.exe
2017-08-28 11:57 - 2017-08-28 11:57 - 000290304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\subinacl.exe
2017-08-28 11:57 - 2017-08-28 11:57 - 000000000 ____D C:\Program Files (x86)\Adware Removal Tool by TSA
2017-08-28 11:56 - 2017-08-28 11:56 - 000752296 _____ C:\Users\stefan\Downloads\Adware Removal Tool by TSA.exe
2017-08-28 11:54 - 2017-08-28 11:55 - 000218058 _____ C:\TDSSKiller.3.1.0.15_28.08.2017_11.54.16_log.txt
2017-08-28 11:54 - 2017-08-28 11:54 - 004922400 _____ (AO Kaspersky Lab) C:\Users\stefan\Downloads\tdsskiller.exe
2017-08-28 10:37 - 2017-08-28 10:37 - 000012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2017-08-28 09:35 - 2017-08-28 10:38 - 000000000 ____D C:\ProgramData\HitmanPro
2017-08-28 09:34 - 2017-08-28 09:35 - 011584088 _____ (SurfRight B.V.) C:\Users\stefan\Downloads\HitmanPro_x64.exe
2017-08-28 08:56 - 2017-08-28 08:56 - 000440562 _____ C:\Users\stefan\Desktop\setupapi.dev.zip
2017-08-28 08:49 - 2017-08-28 08:49 - 000000000 ____D C:\Windows\system32\SPReview
2017-08-28 08:03 - 2017-08-28 08:50 - 000000000 ____D C:\444f310cfc15188bae837ebc78
2017-08-27 22:33 - 2017-08-27 22:33 - 008185288 _____ (Malwarebytes) C:\Users\stefan\Downloads\AdwCleaner.exe
2017-08-27 22:28 - 2017-08-28 16:18 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-08-27 22:28 - 2017-08-28 14:45 - 000064880 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-08-27 22:28 - 2017-08-28 11:09 - 000068916 _____ C:\Windows\ZAM.krnl.trace
2017-08-27 22:27 - 2017-08-27 22:27 - 006625600 _____ (Zemana Ltd. ) C:\Users\stefan\Downloads\Zemana.AntiMalware.Setup.exe
2017-08-27 22:27 - 2017-08-27 22:27 - 000000000 ____D C:\Users\stefan\AppData\Local\Zemana
2017-08-27 22:22 - 2017-08-27 22:22 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\stefan\Downloads\iExplore.exe
2017-08-27 22:21 - 2017-08-27 22:21 - 000983168 _____ (Bleeping Computer, LLC) C:\Users\stefan\Downloads\rkill64.exe
2017-08-27 22:20 - 2017-08-27 22:20 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\stefan\Downloads\rkill.exe
2017-08-27 19:37 - 2017-08-27 20:23 - 000000000 ____D C:\655b4ca83bc64a86aeaf06582313
2017-08-27 17:55 - 2017-08-27 19:02 - 000000000 ____D C:\ac4c1fa8911b574875d7525245
2017-08-27 12:59 - 2017-04-13 06:09 - 000006255 _____ C:\Users\stefan\Downloads\aroma-config
2017-08-27 12:59 - 2017-04-13 06:05 - 000045376 _____ C:\Users\stefan\Downloads\updater-script
2017-08-27 11:08 - 2017-08-27 11:55 - 000000000 ____D C:\dc59eb761a5c80ac0e2d26c2ba
2017-08-26 11:29 - 2017-08-26 11:53 - 1938437221 _____ C:\Users\stefan\Downloads\Bad_Boyz_Axon_7_US_2017U_7.1.1_v2.1.zip
2017-08-25 15:15 - 2017-08-26 12:35 - 000000000 ____D C:\Users\stefan\Downloads\KITCHEN
2017-08-24 14:28 - 2017-08-24 14:28 - 000888624 _____ C:\Users\stefan\Downloads\Aroma-Tut.rar
2017-08-24 07:53 - 2017-08-24 07:54 - 000000000 ____D C:\9cae8c3de34a5a532af4711b8e
2017-08-23 17:52 - 2017-08-23 17:52 - 000535290 _____ C:\Users\stefan\Downloads\kulinarisk-combimagnetron-hetelucht__AA-1415083-5.pdf
2017-08-23 16:41 - 2017-08-23 16:42 - 000000000 ____D C:\80ed5da7469e630af8
2017-08-22 21:42 - 2017-08-25 08:17 - 000000196 _____ C:\Users\stefan\ACLFile
2017-08-22 17:38 - 2017-08-22 17:40 - 000000000 ____D C:\235d6ea06bf9600b48810d7f
2017-08-22 17:32 - 2017-08-22 17:32 - 002884096 _____ (niemiro) C:\Users\stefan\Desktop\SFCFix.exe
2017-08-22 16:57 - 2017-08-22 16:58 - 000000000 ____D C:\89cc7330450f265de9de
2017-08-22 15:14 - 2017-08-22 15:16 - 000000000 ____D C:\bdd7f804becdf8a002ee5269d9b2
2017-08-22 09:10 - 2017-08-22 09:12 - 000000000 ____D C:\ec61763e42b14a964258f3ebbb
2017-08-21 08:43 - 2017-08-21 08:43 - 000000000 ____D C:\Program Files\Advanced Card Systems Ltd
2017-08-21 08:38 - 2017-08-21 08:38 - 007066904 _____ (Belgian Government) C:\Users\stefan\Downloads\belgium_eid-quickinstaller_4.2.8.3252.exe
2017-08-20 11:10 - 2017-08-20 11:13 - 000000000 ____D C:\5825a1d52772cdb846
2017-08-19 10:52 - 2017-08-19 10:52 - 005289675 _____ C:\Users\stefan\Downloads\Magisk-v13.3.zip
2017-08-17 18:32 - 2017-08-17 18:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2017-08-17 18:28 - 2014-12-05 03:46 - 000212208 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo20.dll
2017-08-17 18:28 - 2014-12-05 03:45 - 000753392 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2017-08-17 18:28 - 2014-12-05 03:45 - 000409328 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCom.dll
2017-08-17 18:28 - 2014-12-05 03:45 - 000256240 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2017-08-17 18:28 - 2014-12-05 03:44 - 000584432 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2017-08-17 18:28 - 2014-12-05 03:44 - 000033520 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2017-08-17 18:28 - 2014-12-05 00:15 - 000195784 _____ C:\Windows\system32\pca-manta.bin
2017-08-17 18:28 - 2014-12-05 00:15 - 000000092 _____ C:\Windows\system32\calibration.bin
2017-08-17 18:28 - 2014-01-31 01:17 - 001795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll
2017-08-17 18:20 - 2017-08-17 18:20 - 000000000 ____D C:\Program Files\Synaptics
2017-08-17 18:04 - 2017-08-17 18:04 - 000104624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-08-17 18:03 - 2017-08-17 18:03 - 000000000 ____D C:\Users\stefan\AppData\Roaming\AVAST Software
2017-08-17 18:02 - 2017-08-17 18:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-08-17 18:01 - 2017-08-17 18:01 - 001015880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2017-08-17 18:01 - 2017-08-17 18:01 - 000146704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswmonflt.sys
2017-08-17 18:01 - 2017-08-17 18:00 - 000585608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-08-17 18:01 - 2017-08-17 18:00 - 000361336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-08-17 18:01 - 2017-08-17 18:00 - 000198768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-08-17 18:01 - 2017-08-17 18:00 - 000110352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-08-17 18:01 - 2017-08-17 18:00 - 000084392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-08-17 18:01 - 2017-08-17 18:00 - 000046984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-08-17 18:01 - 2017-08-17 17:58 - 000343288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-08-17 18:01 - 2017-08-17 17:58 - 000320008 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-08-17 18:01 - 2017-08-17 17:58 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-08-17 18:01 - 2017-08-17 17:58 - 000057728 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-08-17 18:00 - 2017-08-17 18:00 - 000400464 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-08-17 17:56 - 2017-08-17 17:56 - 000000000 ____D C:\Program Files\AVAST Software
2017-08-17 17:45 - 2017-08-17 17:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2017-08-17 17:45 - 2017-08-17 17:45 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Synaptics
2017-08-17 09:21 - 2017-08-17 09:23 - 000000000 ____D C:\990746c30ac77677f0e5
2017-08-12 10:55 - 2017-08-12 10:55 - 000001666 _____ C:\AiOLog.txt
2017-08-12 10:55 - 2013-02-11 09:35 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\ssleay32.dll
2017-08-12 10:55 - 2012-06-14 14:36 - 000107520 _____ C:\Windows\SysWOW64\zlib1.dll
2017-08-12 10:55 - 2011-10-01 08:16 - 000445016 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2017-08-12 10:55 - 2011-10-01 08:16 - 000109144 _____ (Portions (C) Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\openal32.dll
2017-08-12 10:55 - 2010-03-18 20:21 - 000799568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdia100.dll
2017-08-12 10:55 - 2006-08-26 00:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll
2017-08-12 10:55 - 2006-08-26 00:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll
2017-08-12 10:55 - 2005-01-20 19:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll
2017-08-12 10:55 - 1996-01-12 03:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vb40032.dll
2017-08-12 10:54 - 2017-08-28 20:50 - 000000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-08-12 10:54 - 2017-08-12 12:50 - 000003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-08-12 10:54 - 2017-08-12 10:55 - 000010822 _____ C:\Windows\unins001.dat
2017-08-12 10:54 - 2017-08-12 10:54 - 001198049 _____ C:\Windows\unins001.exe
2017-08-12 10:54 - 2014-01-25 13:30 - 000131072 _____ (Sereby Corporation) C:\Windows\SysWOW64\AiORuntimes.dll
2017-08-12 10:54 - 2013-12-20 00:48 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx
2017-08-12 10:54 - 2013-12-20 00:48 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstkprp.dll
2017-08-12 10:54 - 2013-09-19 23:00 - 000269824 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libssl32.dll
2017-08-12 10:54 - 2013-09-11 09:55 - 000458608 _____ (AutoIt Team) C:\Windows\SysWOW64\autoitx3.dll
2017-08-12 10:54 - 2013-08-31 20:40 - 003115385 _____ (Red Hat) C:\Windows\SysWOW64\cygwin1.dll
2017-08-12 10:54 - 2013-02-11 09:35 - 001178624 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\SysWOW64\libeay32.dll
2017-08-12 10:54 - 2012-04-03 16:11 - 000138752 _____ C:\Windows\SysWOW64\libpng15.dll
2017-08-12 10:54 - 2011-10-12 03:09 - 004033440 _____ (Intel Corporation) C:\Windows\SysWOW64\libmmd.dll
2017-08-12 10:54 - 2010-06-27 17:44 - 000053248 _____ (Adobe Systems, Incorporated) C:\Windows\system\plugin.dll
2017-08-12 10:54 - 2008-08-26 06:40 - 000162304 _____ C:\Windows\SysWOW64\libpng13.dll
2017-08-12 10:54 - 2008-03-14 17:21 - 001008128 _____ (GnuWin32 <hxxp://gnuwin32.sourceforge.net>) C:\Windows\SysWOW64\libiconv2.dll
2017-08-12 10:54 - 2006-08-26 00:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll
2017-08-12 10:54 - 2006-08-25 23:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll
2017-08-12 10:54 - 2005-05-06 13:52 - 000103424 _____ (GNU <www.gnu.org>) C:\Windows\SysWOW64\libintl3.dll
2017-08-12 10:54 - 1996-01-12 03:00 - 000935632 _____ (Microsoft Corporation) C:\Windows\system\vb40016.dll
2017-08-12 10:54 - 1994-11-17 13:00 - 000210944 _____ C:\Windows\system\msvcrt10.dll
2017-08-12 10:54 - 1993-05-11 19:00 - 000398416 _____ (Microsoft Corporation) C:\Windows\system\vbrun300.dll
2017-08-12 10:54 - 1992-10-21 00:00 - 000356992 _____ (Microsoft Corporation) C:\Windows\system\vbrun200.dll
2017-08-12 10:54 - 1991-05-10 01:00 - 000271264 _____ C:\Windows\system\vbrun100.dll
2017-08-12 10:51 - 2017-08-12 10:51 - 000000000 ____D C:\Windows\SysWOW64\URTTEMP
2017-08-12 10:42 - 2017-08-08 16:38 - 000319552 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2017-08-12 10:41 - 2017-08-12 10:40 - 000264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2017-08-12 10:41 - 2017-08-12 10:40 - 000175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2017-08-12 10:41 - 2017-08-12 10:40 - 000174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2017-08-12 10:41 - 2017-08-08 16:38 - 000206912 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2017-08-12 10:41 - 2017-08-08 16:38 - 000206912 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2017-08-12 10:38 - 2017-08-12 10:55 - 000000000 ____D C:\AiO-Files
2017-08-12 10:14 - 2016-09-30 11:50 - 000023232 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-08-12 10:14 - 2016-08-10 17:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2017-08-12 09:54 - 2017-08-12 09:54 - 000000000 ____D C:\Users\stefan\Desktop\superrs-kitchen3
2017-08-12 08:49 - 2017-08-12 08:49 - 001049056 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2017-08-12 08:49 - 2017-08-12 08:49 - 000122848 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2017-08-12 08:47 - 2017-08-12 08:45 - 000655360 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2017-08-12 08:45 - 2017-08-12 08:45 - 001978880 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2017-08-12 08:45 - 2017-08-12 08:45 - 000536576 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2017-08-12 08:45 - 2017-08-12 08:45 - 000448512 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2017-08-12 08:45 - 2017-08-12 08:45 - 000255488 _____ (IDT, Inc.) C:\Windows\system32\staco64.dll
2017-08-12 08:45 - 2017-08-12 08:45 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-08-12 08:44 - 2017-08-12 08:44 - 000032840 _____ (ELAN Microelectronic Corp.) C:\Windows\system32\Drivers\ETDSMBus.sys
2017-08-12 08:32 - 2017-08-27 22:50 - 000000000 ____D C:\ProgramData\ProductData
2017-08-12 08:32 - 2017-08-27 22:13 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)
2017-08-12 08:32 - 2017-08-12 08:33 - 000000000 ____D C:\Users\stefan\AppData\LocalLow\IObit
2017-08-12 08:32 - 2017-08-12 08:32 - 000027552 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2017-08-12 08:32 - 2017-08-12 08:32 - 000000000 ____D C:\Windows\IObit
2017-08-12 08:25 - 2017-08-12 08:25 - 000003704 _____ C:\Windows\System32\Tasks\DriverMaxWelcome
2017-08-12 08:25 - 2017-08-12 08:25 - 000003400 _____ C:\Windows\System32\Tasks\DriverMax Notification
2017-08-12 08:25 - 2017-08-12 08:25 - 000003388 _____ C:\Windows\System32\Tasks\DriverMaxAgent
2017-08-12 08:17 - 2017-08-12 08:17 - 000000000 ____D C:\Users\stefan\My Drivers
2017-08-12 08:16 - 2017-08-12 08:16 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Innovative Solutions
2017-08-12 08:16 - 2017-08-12 08:16 - 000000000 ____D C:\My Drivers
2017-08-10 23:59 - 2017-08-11 00:01 - 000000000 ____D C:\a825dba740bd34582f
2017-08-10 23:07 - 2017-08-11 09:30 - 000000000 ____D C:\Users\stefan\Downloads\sfc
2017-08-10 21:18 - 2017-08-10 21:20 - 000000000 ____D C:\5c75ead3829f90f090ae2d4808
2017-08-10 18:39 - 2017-08-10 18:39 - 000130016 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2017-08-10 17:43 - 2017-08-10 17:43 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2017-08-10 16:17 - 2017-08-10 16:17 - 000002263 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-10 16:17 - 2017-08-10 16:17 - 000002233 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2017-08-10 16:17 - 2017-08-10 16:17 - 000001411 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-08-10 16:17 - 2017-08-10 16:17 - 000001377 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2017-08-10 16:17 - 2017-08-10 16:17 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Sjablonen
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Netwerkprinteromgeving
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Mijn documenten
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Menu Start
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Documents\Mijn video's
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Documents\Mijn muziek
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\Documents\Mijn afbeeldingen
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Geschiedenis
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2017-08-10 16:17 - 2017-08-10 16:17 - 000000000 ____D C:\Users\Administrator
2017-08-10 16:17 - 2013-06-28 15:37 - 000000000 ____D C:\Users\Administrator\AppData\LocalGoogle
2017-08-10 16:17 - 2012-06-09 16:45 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\IObit
2017-08-10 16:17 - 2010-12-31 17:41 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Media Center Programs
2017-08-10 15:32 - 2017-08-10 15:34 - 000000000 ____D C:\MGADiagToolOutput
2017-08-10 15:32 - 2017-08-10 15:32 - 000000000 ____D C:\ProgramData\Office Genuine Advantage
2017-08-10 13:39 - 2017-08-10 13:39 - 000313366 _____ C:\Users\stefan\Downloads\WindowsUpdateDiagnostic.diagcab
2017-08-10 13:37 - 2017-08-10 13:39 - 000000000 ____D C:\b864874f161274144f
2017-08-10 13:32 - 2015-02-18 09:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2017-08-10 13:32 - 2015-02-18 09:04 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-08-10 10:54 - 2017-08-12 09:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.5
2017-08-10 10:54 - 2017-08-12 09:40 - 000000000 ____D C:\Program Files\Python 3.5
2017-08-10 08:24 - 2017-08-24 07:51 - 000000000 ____D C:\SFCFix
2017-08-10 08:10 - 2017-08-24 07:51 - 000000000 ____D C:\Users\stefan\AppData\Local\niemiro
2017-08-09 21:49 - 2017-08-09 21:49 - 000000000 ____D C:\4f42d37172017005abdf90d4e4ae7f9b
2017-08-09 21:46 - 2017-08-10 21:29 - 000000000 ____D C:\Users\stefan\AppData\Roaming\GlarySoft
2017-08-09 21:45 - 2017-08-10 21:29 - 000000000 ____D C:\Program Files (x86)\Glarysoft
2017-08-09 21:37 - 2017-08-09 21:39 - 000000000 ____D C:\124259902c8503bf0cfceb
2017-08-09 21:04 - 2017-08-09 21:04 - 000000000 ____D C:\Users\stefan\AppData\Local\NVIDIA
2017-08-09 21:00 - 2017-08-09 21:00 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-08-09 21:00 - 2016-11-14 11:09 - 007513855 _____ C:\Windows\system32\nvcoproc.bin
2017-08-09 20:59 - 2017-08-09 20:59 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-08-09 20:59 - 2016-12-07 13:08 - 000091192 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2017-08-09 20:59 - 2016-12-07 13:08 - 000076216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2017-08-09 20:58 - 2017-08-09 21:00 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-08-09 20:47 - 2017-08-09 20:49 - 000000000 ____D C:\ce51e115a100e2640a0e39dd055add
2017-08-09 19:39 - 2017-08-09 19:44 - 000000000 ____D C:\2d61a63ce7f37211318de35760a1
2017-08-09 18:57 - 2017-08-09 19:01 - 564744309 _____ C:\Users\stefan\Downloads\Windows6.1-KB947821-v34-x64.msu
2017-08-09 18:20 - 2017-08-09 18:27 - 947070088 _____ (Microsoft Corporation) C:\Users\stefan\Downloads\windows6.1-KB976932-X64.exe
2017-08-09 14:55 - 2017-08-09 14:57 - 000000000 ____D C:\dc04300b40b4c7a2e68eaddff4
2017-08-09 11:48 - 2017-08-09 11:48 - 000000000 ____D C:\Users\stefan\Downloads\eicfg_removal_utility
2017-08-09 11:24 - 2017-08-09 15:59 - 000002648 _____ C:\Windows\diagwrn.xml
2017-08-09 11:24 - 2017-08-09 15:59 - 000001908 _____ C:\Windows\diagerr.xml
2017-08-09 10:06 - 2017-08-09 10:06 - 000000000 ____D C:\Program Files (x86)\Belarc
2017-08-09 09:51 - 2017-08-09 09:54 - 000000000 ____D C:\0b9632262526aafaa89609b1
2017-08-09 08:07 - 2017-08-09 08:09 - 000000000 ____D C:\d4a37d9541a41d9611e143c200
2017-08-09 07:35 - 2017-08-09 07:37 - 000000000 ____D C:\8a131cd49804b940bbfa84
2017-08-09 07:04 - 2017-08-09 07:04 - 000000000 ____D C:\Windows\CheckSur
2017-08-08 20:31 - 2017-08-08 20:32 - 000000000 ____D C:\ba6bbdcc354e83841a4d81
2017-08-08 16:39 - 2017-08-08 16:39 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Sun
2017-08-08 16:39 - 2017-08-08 16:38 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-08-08 16:34 - 2017-08-08 16:35 - 000000000 ____D C:\ProgramData\Git
2017-08-08 16:34 - 2017-08-08 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
2017-08-08 16:31 - 2017-08-08 16:35 - 000000000 ____D C:\Program Files\Git
2017-08-06 15:11 - 2017-08-06 15:11 - 000039872 _____ C:\Users\stefan\Downloads\100km dodentocht2017.zip
2017-08-02 19:28 - 2017-08-09 17:19 - 000000816 _____ C:\Users\Public\Desktop\PowerISO.lnk
2017-08-02 19:28 - 2017-08-02 19:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerISO
2017-08-02 19:28 - 2017-08-02 19:28 - 000000000 ____D C:\Program Files\PowerISO
2017-08-02 19:28 - 2017-06-07 02:36 - 000138296 _____ (Power Software Ltd) C:\Windows\system32\Drivers\scdemu.sys
2017-08-02 18:47 - 2017-08-02 18:47 - 000000000 ____D C:\Users\Public\Documents\DAEMON Tools Images
2017-08-02 17:36 - 2017-08-02 17:36 - 000000000 ___HD C:\$AV_ASW
2017-08-02 16:36 - 2017-08-02 16:36 - 000000000 ____D C:\Users\stefan\Documents\Add-in Express
2017-08-02 16:14 - 2017-08-02 16:37 - 000000000 ____D C:\ProgramData\WinZip
2017-08-02 16:14 - 2017-08-02 16:14 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
2017-08-02 16:13 - 2017-08-02 16:13 - 000000000 ____D C:\ProgramData\UniqueId
2017-08-02 13:15 - 2017-08-09 16:13 - 000000000 ____D C:\Users\stefan\Downloads\klachten steen
2017-07-29 10:56 - 2017-07-29 10:57 - 000000000 ____D C:\Users\stefan\Downloads\arduino
2017-07-29 10:41 - 2017-07-29 10:41 - 000000000 ____D C:\Program Files (x86)\Silabs
2017-07-29 10:40 - 2017-07-29 10:40 - 000000000 ____D C:\SiLabs


==================== Een Maand Gewijzigd bestanden en mappen ========


(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)


2017-08-28 20:18 - 2017-07-02 15:03 - 000000000 ____D C:\Users\stefan\AppData\LocalLow\Mozilla
2017-08-28 20:04 - 2009-07-14 06:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-08-28 20:04 - 2009-07-14 06:45 - 000026192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-08-28 19:57 - 2012-10-13 22:39 - 000000000 ____D C:\Windows\registration
2017-08-28 19:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-08-28 17:29 - 2010-08-19 21:41 - 000000000 ____D C:\Users\stefan\Documents\svb
2017-08-28 16:21 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2017-08-28 13:44 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-08-28 11:51 - 2010-08-29 13:31 - 000000000 ____D C:\Users\stefan\AppData\Roaming\BitTorrent
2017-08-28 11:39 - 2014-11-04 11:20 - 000000000 ____D C:\AdwCleaner
2017-08-28 09:32 - 2010-08-19 15:28 - 000000000 ____D C:\Users\stefan
2017-08-28 09:31 - 2016-07-15 15:22 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-27 23:07 - 2015-09-28 17:18 - 000000000 ____D C:\Program Files (x86)\Advanced Scan to PDF Free
2017-08-27 23:04 - 2014-09-09 09:16 - 000000000 ____D C:\Program Files (x86)\wanscam
2017-08-27 23:03 - 2017-07-10 15:43 - 000000000 ____D C:\IPCClient
2017-08-27 23:03 - 2016-08-29 12:01 - 000000000 ____D C:\Program Files\A-FF Find and Mount
2017-08-27 23:03 - 2014-12-11 17:46 - 000000000 ____D C:\Program Files (x86)\DVDStyler
2017-08-27 23:03 - 2014-08-17 16:28 - 000000000 ____D C:\Program Files (x86)\DVD Shrink
2017-08-27 23:02 - 2010-08-20 10:51 - 000000000 ____D C:\Program Files (x86)\DVD Decrypter
2017-08-27 23:01 - 2016-01-07 12:46 - 000000000 ____D C:\Program Files (x86)\Icecream PDF Converter
2017-08-27 22:59 - 2016-08-02 12:20 - 000000000 ____D C:\Program Files (x86)\AceThinker PDF Writer
2017-08-27 22:58 - 2016-08-29 12:13 - 000000000 ____D C:\Program Files\PowerDataRecovery
2017-08-27 22:58 - 2015-01-19 14:58 - 000000000 ____D C:\Program Files (x86)\MiniTool Partition Wizard Free 9.0
2017-08-27 22:56 - 2017-07-07 09:09 - 000000000 ____D C:\Users\stefan\AppData\Roaming\Acrylic Wi-Fi Home
2017-08-27 22:56 - 2017-07-07 09:09 - 000000000 ____D C:\Program Files\Acrylic Wi-Fi Home
2017-08-27 22:40 - 2010-08-20 10:09 - 000000000 ____D C:\Users\stefan\AppData\Roaming\IObit
2017-08-27 22:06 - 2010-12-11 12:44 - 000000000 ____D C:\Windows\Driver Cache
2017-08-27 22:05 - 2011-10-16 09:44 - 000000000 ____D C:\Users\stefan\AppData\Local\TempImages
2017-08-27 22:05 - 2010-08-29 13:32 - 000000000 ____D C:\Program Files (x86)\BitTorrent
2017-08-26 15:40 - 2012-10-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-08-25 15:09 - 2009-11-14 05:50 - 001496908 _____ C:\Windows\system32\perfh013.dat
2017-08-25 15:09 - 2009-11-14 05:50 - 000403654 _____ C:\Windows\system32\perfc013.dat
2017-08-25 15:09 - 2009-07-14 07:13 - 000006722 _____ C:\Windows\system32\PerfStringBackup.INI
2017-08-25 13:45 - 2017-01-08 18:24 - 000000262 __RSH C:\ProgramData\ntuser.pol
2017-08-23 08:04 - 2017-03-12 16:42 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-08-22 19:26 - 2013-11-18 17:47 - 000000000 ____D C:\Users\stefan\Downloads\films
2017-08-22 18:46 - 2013-12-02 20:45 - 000000000 ____D C:\Users\stefan\AppData\Roaming\vlc
2017-08-21 09:01 - 2013-03-05 13:55 - 000000000 ____D C:\Program Files (x86)\Belgium Identity Card
2017-08-19 14:12 - 2014-11-03 12:28 - 000000000 ____D C:\Users\stefan\Downloads\tijdelijk
2017-08-18 18:14 - 2009-07-14 01:54 - 001000960 _____ (Microsoft Corporation) C:\Windows\system32\gpedit.dll
2017-08-18 18:14 - 2009-07-14 01:50 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\gptext.dll
2017-08-18 18:14 - 2009-07-14 01:38 - 000951808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpedit.dll
2017-08-18 18:14 - 2009-07-14 01:34 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gptext.dll
2017-08-17 17:55 - 2011-04-17 12:49 - 000000000 ____D C:\ProgramData\AVAST Software
2017-08-12 12:50 - 2013-06-03 14:25 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-08-12 12:50 - 2013-06-03 14:25 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-08-12 12:50 - 2013-06-03 14:25 - 000000000 ____D C:\Windows\system32\Macromed
2017-08-12 12:50 - 2009-11-13 22:05 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-08-12 10:54 - 2009-11-13 22:05 - 000000000 ____D C:\Windows\SysWOW64\Adobe
2017-08-12 10:54 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system
2017-08-12 10:52 - 2010-12-22 18:59 - 000006714 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-08-12 10:44 - 2014-07-30 14:26 - 000000000 ____D C:\ProgramData\Package Cache
2017-08-12 10:41 - 2014-10-28 22:07 - 000000000 ____D C:\Program Files\Java
2017-08-12 10:41 - 2013-10-23 15:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-12 10:40 - 2014-10-28 22:16 - 000096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-08-12 09:05 - 2015-11-19 12:40 - 000000000 ____D C:\Users\stefan\AppData\Local\Package Cache
2017-08-12 08:49 - 2012-12-08 12:33 - 000118816 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2017-08-12 08:45 - 2009-12-05 02:27 - 014060544 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2017-08-12 08:45 - 2009-12-05 02:27 - 004640256 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2017-08-12 08:45 - 2009-12-05 02:27 - 001425408 _____ (IDT, Inc.) C:\Windows\sttray64.exe
2017-08-12 08:45 - 2009-12-05 02:27 - 000564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe
2017-08-12 08:45 - 2009-12-05 02:27 - 000442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2017-08-12 08:45 - 2009-12-05 02:27 - 000162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2017-08-12 08:45 - 2009-12-05 02:27 - 000090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2017-08-12 08:45 - 2009-12-05 02:27 - 000068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2017-08-12 08:32 - 2011-09-18 11:02 - 000000000 ____D C:\ProgramData\IObit
2017-08-12 08:32 - 2010-08-20 10:09 - 000000000 ____D C:\Program Files (x86)\IObit
2017-08-12 08:16 - 2011-10-27 12:07 - 000000000 ____D C:\Users\stefan\AppData\Local\Innovative Solutions
2017-08-10 21:15 - 2015-12-03 15:26 - 000000000 ____D C:\Program Files\Common Files\AV
2017-08-10 18:31 - 2009-07-14 07:08 - 000032556 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-10 16:17 - 2010-12-31 17:42 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-08-09 21:03 - 2009-12-05 02:54 - 000000000 ____D C:\ProgramData\NVIDIA
2017-08-09 16:22 - 2016-09-26 13:23 - 000000000 ____D C:\Users\stefan\Downloads\Wienerberger
2017-08-09 14:08 - 2012-10-13 14:17 - 000000000 ___HD C:\Windows\Minidump
2017-08-09 14:08 - 2010-08-21 16:52 - 000000000 ____D C:\Users\stefan\AppData\Roaming\DAEMON Tools Lite
2017-08-09 07:39 - 2010-11-29 18:09 - 000000000 ____D C:\Users\stefan\AppData\Local\ElevatedDiagnostics
2017-08-08 21:14 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2017-08-08 21:14 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-08-08 21:14 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\migwiz
2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\manifeststore
2017-08-08 21:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2017-08-08 21:13 - 2009-07-14 07:32 - 000000000 ____D C:\Program Files\Windows Defender
2017-08-08 21:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\oobe
2017-08-08 21:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\AdvancedInstallers
2017-08-08 20:31 - 2013-08-20 15:53 - 000000000 ____D C:\Windows\system32\MRT
2017-08-08 20:24 - 2010-08-21 16:47 - 140394280 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-08-08 19:46 - 2017-07-02 19:28 - 000000000 ____D C:\Python27
2017-08-08 16:42 - 2013-10-23 15:35 - 000000000 ____D C:\ProgramData\Oracle
2017-08-08 16:39 - 2014-10-28 22:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-08-04 07:37 - 2015-06-23 09:52 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-08-02 16:18 - 2011-08-23 09:55 - 000000000 ____D C:\Download
2017-07-29 10:40 - 2009-11-13 21:09 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-07-29 10:32 - 2013-03-05 13:42 - 000000000 ____D C:\Program Files\DIFX
2017-07-29 10:25 - 2011-11-05 00:00 - 000058368 _____ (??????????--??) C:\Windows\system32\Drivers\CH341S64.SYS
2017-07-29 10:25 - 2005-07-30 00:00 - 000006712 _____ (??????????--??) C:\Windows\SysWOW64\CH341PT.DLL
2017-07-29 10:05 - 2014-08-17 16:47 - 000000000 ____D C:\Program Files (x86)\PowerISO


==================== Bestanden in de root van sommige mappen =======


2013-08-30 18:00 - 2013-05-27 08:10 - 006583664 _____ (AVAST Software) C:\Program Files\AVA
2014-11-04 12:50 - 2014-11-04 12:50 - 000000201 _____ () C:\Program Files (x86)\1N5420HE.bat
2012-05-25 16:27 - 2015-03-04 17:52 - 000038459 _____ () C:\Users\stefan\AppData\Roaming\Door lijstscheidingstekens gescheiden waarden (Windows).ADR
2015-03-04 17:50 - 2015-03-04 17:50 - 000038447 _____ () C:\Users\stefan\AppData\Roaming\Door tabs gescheiden waarden (Windows).ADR
2013-08-08 11:08 - 2015-11-27 13:21 - 000000592 _____ () C:\Users\stefan\AppData\Roaming\wklnhst.dat
2010-08-19 16:41 - 2010-08-19 16:41 - 000000000 _____ () C:\Users\stefan\AppData\Local\AtStart.txt
2016-12-14 09:17 - 2016-12-14 09:17 - 000000000 _____ () C:\Users\stefan\AppData\Local\BIT273E.tmp
2016-05-01 12:45 - 2016-05-01 12:45 - 000000000 _____ () C:\Users\stefan\AppData\Local\BIT4115.tmp
2010-11-21 18:03 - 2014-06-12 11:05 - 000005632 _____ () C:\Users\stefan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-08-19 16:41 - 2010-08-19 16:41 - 000000000 _____ () C:\Users\stefan\AppData\Local\DSwitch.txt
2012-06-21 12:23 - 2013-09-11 17:16 - 000004096 ____H () C:\Users\stefan\AppData\Local\keyfile3.drm
2010-08-19 16:41 - 2010-08-19 16:41 - 000000000 _____ () C:\Users\stefan\AppData\Local\QSwitch.txt
2012-12-14 18:52 - 2012-12-14 18:52 - 000001464 _____ () C:\Users\stefan\AppData\Local\recently-used.xbel
2010-12-25 14:47 - 2012-11-25 12:42 - 000007634 _____ () C:\Users\stefan\AppData\Local\resmon.resmoncfg
2016-02-05 11:32 - 2016-02-05 11:32 - 000353118 _____ () C:\Users\stefan\AppData\Local\SquareClock.Production_HBMV1Icon.ico
2016-12-25 12:27 - 2016-12-25 12:27 - 000000182 _____ () C:\Users\stefan\AppData\Local\uts.ini
2010-11-21 18:01 - 2010-11-21 18:07 - 000000088 __RSH () C:\ProgramData\1AEE2A949C.sys
2010-08-19 16:41 - 2017-04-25 15:30 - 000000748 _____ () C:\ProgramData\HPWALog.txt
2010-11-21 18:01 - 2017-05-18 16:52 - 000002828 ___SH () C:\ProgramData\KGyGaAvL.sys
2010-11-26 15:18 - 2010-12-10 09:18 - 000000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-07-30 11:44 - 2015-07-30 11:44 - 000004934 _____ () C:\ProgramData\tjuhahbw.brs


Sommige bestanden in TEMP:
====================
2017-08-12 08:27 - 2017-08-12 08:27 - 006048120 _____ (Innovative Solutions ) C:\Users\stefan\AppData\Local\Temp\update170812.exe


==================== Bamital & volsnap ======================


(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2011-06-25 22:15


==================== Eind van FRST.txt ===========
 
Re: redirecting to us.search.yahoo.com

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 20-08-2017
Gestart door stefan (28-08-2017 21:18:05)
Gestart vanaf C:\Users\stefan\Downloads
Windows 7 Home Premium (X64) (2010-08-19 13:28:39)
Boot Modus: Normal
==========================================================




==================== Accounts: =============================


Administrator (S-1-5-21-998262437-1437487422-401129983-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-998262437-1437487422-401129983-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-998262437-1437487422-401129983-1002 - Limited - Enabled)
stefan (S-1-5-21-998262437-1437487422-401129983-1001 - Administrator - Enabled) => C:\Users\stefan


==================== Security Center ========================


(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)


AV: Microsoft Security Essentials (Disabled - Up to date) {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Microsoft Security Essentials (Disabled - Up to date) {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}


==================== Geïnstalleerde programma's ======================


(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)


1AVMonitor version 1.7.8.11 (HKLM-x32\...\{B1D0FF50-8C97-45A2-84A7-05E1C05395F8}_is1) (Version: 1.7.8.11 - PCWinSoft Systems Informatica Ltda)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ACS Unified PC/SC Driver 4.0.0.7 (HKLM\...\{A3284A5C-2932-4FEC-974B-34CD3FFDC954}) (Version: 4.0.7 - Advanced Card Systems Ltd.)
ActiveCheck component for HP Active Support Library (HKLM-x32\...\{254C37AA-6B72-4300-84F6-98A82419187E}) (Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Reader X (10.1.0) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AA1000000001}) (Version: 10.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 15.0.2674.10091 - AKVIS)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Anime Studio Pro 9.5 (HKLM\...\Anime Studio Pro_is1) (Version: 9.5 - Smith Micro Software, Inc.)
Any Video Converter Professional 3.0.7 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.0 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.5.2303 - AVAST Software)
Avidemux 2.5 (HKLM-x32\...\Avidemux 2.5) (Version: 2.5.3.0 - )
Axon7Toolkit (HKLM-x32\...\{8AF9CA00-7B7E-41FE-BD1D-E8BC35C97EE3}_is1) (Version: 1.1.1 - benkores)
Belgium e-ID middleware 4.2.8 (build 3252) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73252}) (Version: 4.2.3252 - Belgian Government)
Bing Bar Platform (HKLM-x32\...\{65C0025A-2CDE-43C5-82D0-C7A56EF0DB39}) (Version: 6.3.2322.0 - Microsoft Corporation) Hidden
Binreader (HKLM-x32\...\{3D47B2C0-8748-4450-99AE-0746A5A74C8E}) (Version: 1.0.0 - Binreader)
Boilsoft Video Splitter 6.34 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CinemaHD 4 Free (HKLM-x32\...\{A2FA92C7-DEEE-4508-8BC3-F0A85B5FADA8}) (Version: 4.0.5533.27174 - Engelmann Media GmbH) Hidden
CinemaHD 4 Free (HKLM-x32\...\{d6fdf5fc-8c5f-48c0-a314-83b565e1dc97}) (Version: 4.0.5533.27229 - Engelmann Media GmbH)
Clone Files Checker (HKLM-x32\...\Clone Files Checker_is1) (Version: 3.0 - SORCIM Technologies Pvt Ltd)
Compatibiliteitspakket voor het 2007 Microsoft Office system (HKLM-x32\...\{90120000-0020-0413-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Contents (HKLM-x32\...\{D7D99A66-493F-468B-BCE1-6F88612B89D5}) (Version: 1.6.1.109 - Corel Corporation) Hidden
Convert XLS (HKLM-x32\...\Convert XLS_is1) (Version: - Softinterface, Inc.)
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation)
Corel PaintShop Photo Pro X3 (HKLM-x32\...\{DA4BF4BE-3CDC-43B5-BBDA-DDDA73103111}) (Version: 1.00.0000 - Corel Corporation) Hidden
CPUID CPU-Z 1.62 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2111 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM-x32\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.1.1005 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2201 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 5.0.1.0406 - Disc Soft Ltd)
DDR - Pen Drive Recovery (DEMO) 4.0.1.6 (HKLM-x32\...\DDR - Pen Drive Recovery (DEMO)) (Version: 4.0.1.6 - )
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DeviceIO (HKLM-x32\...\{D3BCC13A-E4F2-45EE-846F-D143CEDDDBCB}) (Version: 1.6.1.109 - Corel Corporation) Hidden
DiskInternals Linux Reader (HKLM-x32\...\DiskInternals Linux Reader) (Version: 2.6 - DiskInternals Research)
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.0.4.2 - DivX, Inc. )
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version: - EaseUS)
EaseUS Partition Master 11.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
Easy GIF Animator 5.5 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 5.0 - Karlis Blumentals)
EasyTune version 1.2.3 (HKLM-x32\...\{F015AA47-5058-47F7-A877-7F864BEC3E1A}_is1) (Version: 1.2.3 - Sly Software Solutions)
FastStone Photo Resizer 3.0 (HKLM-x32\...\FastStone Photo Resizer) (Version: 3.0 - FastStone Soft.)
Firefox ActiveX Plugin r39 (HKLM\...\{97F2985C-B74A-4672-960E-E3769AE5657A}}_is1) (Version: - )
Freemake Audio Converter versie 1.1.8 (HKLM-x32\...\Freemake Audio Converter_is1) (Version: 1.1.8 - Ellora Assets Corporation)
Git version 2.14.0.2 (HKLM\...\Git_is1) (Version: 2.14.0.2 - The Git Development Community)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.101 - Google Inc.)
Google Earth (HKLM-x32\...\{A0C18B96-AB79-46BD-8321-6FA83E6D25B9}) (Version: 7.1.7.2606 - Google)
Google Earth (HKLM-x32\...\{B3FED300-806C-11E0-A0D0-B8AC6F97B88E}) (Version: 6.0.3.2197 - Google)
Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GrabIt 1.7.3 Beta (build 1010) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
Handbrake 0.9.4 (HKLM-x32\...\Handbrake) (Version: 0.9.4 - )
Handset WinDriver 1.02.03.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.03.00 - Huawei technologies Co., Ltd.)
HomeByMe (HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\SquareClock_Production_HBMV1) (Version: - 3DVIA SAS)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.3.9512.3162 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{4F38594F-2C4A-4C42-B2C4-505E225F6F80}) (Version: 11.14.0004 - HP)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.7.1 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{54CC7901-804D-4155-B353-21F0CC9112AB}) (Version: 3.50.9.1 - Hewlett-Packard)
HPAsset component for HP Active Support Library (HKLM-x32\...\{669D4A35-146B-4314-89F1-1AC3D7B88367}) (Version: 3.0.0.3 - Hewlett-Packard) Hidden
HyperCam 2 (HKLM-x32\...\HyperCam 2) (Version: 2.27.01 - Hyperionics Technology LLC)
ICA (HKLM-x32\...\{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.109 - Corel Corporation) Hidden
iCare Data Recovery Pro (HKLM-x32\...\{F7EAB243-4D0C-47F5-A4F1-74D350E45489}_is1) (Version: 7.6 - iCare Recovery)
Icecream Screen Recorder versie 4.89 (HKLM-x32\...\{7ADEC622-3230-4C9A-9DCE-9BD462B74095}_is1) (Version: 4.89 - Icecream Apps)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6230.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.4.2.0 - LIGHTNING UK!)
Infix PDF Editor versie 6.1.9.0 (HKLM-x32\...\83FFB914-6FA7-4F1F-807E-E0FFBA2E49E1_is1) (Version: 6.1.9.0 - Iceni Technology)
InternetCalls (HKLM-x32\...\InternetCalls_is1) (Version: 4.11 build 688 - Finarea S.A. Switzerland)
IPM_PSP_Pro (HKLM-x32\...\{DCD941B6-F2E7-4FAF-B102-F7D4DE5FF99A}) (Version: 1.00.0000 - Corel Corporation) Hidden
Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
KeyTweak - Keyboard Remapper (remove only) (HKLM-x32\...\KeyTweak) (Version: - )
K-Lite Codec Pack 9.5.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.5.5 - )
KML/KMZ to GPX Converter 1.2.2009.11 (HKLM-x32\...\KML/KMZ to GPX Converter_is1) (Version: - HotelResortClub.com)
Lexmark 1300 Series (HKLM\...\Lexmark 1300 Series) (Version: - Lexmark International, Inc.)
Lexmark X1100 Series (HKLM-x32\...\Lexmark X1100 Series) (Version: - Lexmark International, Inc.)
Lighten PDF to Word Converter (Giveawayoftheday) version 4.0.0 (HKLM-x32\...\{C2401A6F-6002-4137-99B8-C30FA92147F3}_is1) (Version: 4.0.0 - Lighten Software Limited)
LightScribe System Software (HKLM-x32\...\{CC8E94A2-55C7-4460-953C-2A790180578C}) (Version: 1.18.8.1 - LightScribe)
Macrium Reflect Free Edition (HKLM\...\{330CEE90-4706-4FF6-82B7-7B82C8F850C9}) (Version: 5.0.5154 - Paramount Software (UK) Ltd.)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.10.10 - Magical Jelly Bean)
MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - )
MailWasher (HKLM-x32\...\{AAC06A0D-1DDF-4337-AB06-18DB2FA42FA1}) (Version: 7.2.0 - Firetrust)
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaCoder 0.7.0-rc1 (HKLM-x32\...\MediaCoder) (Version: 0.7.0-rc1 - Broad Intelligence)
MediaInfo 0.7.35 (32-bit) (HKLM-x32\...\MediaInfo) (Version: 0.7.35 - MediaArea.net)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Keyboard Layout Creator 1.4 (HKLM-x32\...\{99E66BC9-E4B6-485F-ABFC-31EFCE36DFDF}) (Version: 1.4.6000 - Microsoft Corp.)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Outlook Personal Folders Backup (HKLM-x32\...\{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}) (Version: 1.10.0.0 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{5158F1F5-FA1B-4D49-B546-55A5004B89BD}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft-invoegtoepassing Opslaan als PDF of XPS voor 2007 Microsoft Office-programma's (HKLM-x32\...\{90120000-00B2-0413-0000-0000000FF1CE}) (Version: 12.0.4518.1017 - Microsoft Corporation)
Minimal ADB and Fastboot version 1.3.1 (HKLM-x32\...\{26AC9666-A2C6-4D33-8370-A50F50F277C4}_is1) (Version: 1.3.1 - Sam Rodberg)
MKVtoolnix 4.4.0 (HKLM-x32\...\MKVtoolnix) (Version: 4.4.0 - Moritz Bunkus)
MLE (HKLM-x32\...\{D84B7C7E-2E4D-4002-8CA8-EED4EDB333AC}) (Version: 1.0.0.23 - Corel Corporation) Hidden
Mozilla Firefox 31.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 nl)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MP3 Cutter 2 (HKLM-x32\...\MP3 Cutter_is1) (Version: - MP3Cutter.org)
Mp3tag v2.78 (HKLM-x32\...\Mp3tag) (Version: v2.78 - Florian Heidenreich)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Netcam Studio - 64-bit (HKLM\...\{15EA5AE0-5406-421C-8F76-E7A512E312DE}) (Version: 1.1.9.0 - Moonware) Hidden
Netcam Studio - 64-bit (HKLM\...\Netcam Studio - 64-bit 1.1.9.0) (Version: 1.1.9.0 - Moonware)
Nitro Reader 3 (HKLM\...\{9EA981E5-EE67-4662-86F1-58937D31FE07}) (Version: 3.5.6.5 - Nitro)
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.3 - Notepad++ Team)
NVIDIA Grafisch stuurprogramma 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 17.0.2 - OBS Project)
oPlayer (HKLM-x32\...\{AA1B7F27-A49D-4D7F-9755-570AF5597160}) (Version: 1.0.30 - object)
Outlook Password by Thegrideon Software (HKLM-x32\...\Outlook Password) (Version: - Thegrideon Software)
Paragon Backup & Recoveryâ„¢ 2012 Free (HKLM-x32\...\{C268B5E1-A5DA-11DF-A289-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF To Excel Converter V3.0 (HKLM-x32\...\PDF To Excel Converter_is1) (Version: - hxxp://www.PDFExcelConverter.com)
PoiEdit (HKLM-x32\...\PoiEdit) (Version: - )
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.1 - Popcorn Time) <==== AANDACHT
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3311 - CyberLink Corp.)
PowerDirector (HKLM-x32\...\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3311 - CyberLink Corp.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.9 - Power Software Ltd)
PSPH10Pro (HKLM-x32\...\{DA4A2F61-1E26-4D51-94BB-36D77678BDAD}) (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPContent (HKLM-x32\...\{DF8B9311-ADE7-4EDE-B121-326CAA3D225D}) (Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (HKLM-x32\...\{DCF1928A-FC01-48E7-A7E6-4651D42EF6A1}) (Version: 13.0.0 - Corel Corporation) Hidden
PureHD (HKLM-x32\...\{D875FFEE-2FCE-4774-902A-749198C00A68}) (Version: 1.6.1.109 - Corel Corporation) Hidden
PVSonyDll (HKLM\...\{3D3E663D-4E7E-4577-A560-7ECDDD45548A}) (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Python 2.7.12 (64-bit) (HKLM\...\{9DA28CE5-0AA5-429E-86D8-686ED898C666}) (Version: 2.7.12150 - Python Software Foundation)
Python 3.5.0 (64-bit) (HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\{e599f76f-2b95-44da-a280-77548b1b2a21}) (Version: 3.5.150.0 - Python Software Foundation)
Python 3.5.0 Add to Path (64-bit) (HKLM\...\{810503AC-4E50-4A21-BD5A-BFA973480B35}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Core Interpreter (64-bit) (HKLM\...\{9D059C5B-80A5-46AA-BC8A-FD41E89D0A49}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Development Libraries (64-bit) (HKLM\...\{6EA6724A-71C6-43EE-BE9F-80E3C0DC8A4F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Executables (64-bit) (HKLM\...\{9C67D7CC-26D3-4535-9D0A-F4591AD9B11F}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Launcher (32-bit) (HKLM-x32\...\{A095BD6B-4F39-46A4-9AA1-8F7296492974}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 pip Bootstrap (64-bit) (HKLM\...\{6ADAF31E-EEE6-4251-BE5A-EFD7868D3930}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Standard Library (64-bit) (HKLM\...\{5741118B-D61A-4F27-BB80-0CAED22FE20B}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Tcl/Tk Support (64-bit) (HKLM\...\{47483182-8783-45CB-9120-77FDB241E2FF}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Test Suite (64-bit) (HKLM\...\{B2AB1292-01D1-4972-BF56-43531A2AA3BA}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
Python 3.5.0 Utility Scripts (64-bit) (HKLM\...\{2B5129D0-C4C1-4322-8888-D0B6CDA6DCD2}) (Version: 3.5.150.0 - Python Software Foundation) Hidden
QLBCASL (HKLM-x32\...\{F1D7AC58-554A-4A58-B784-B61558B1449A}) (Version: 6.40.17.2 - Hewlett-Packard) Hidden
Quick Image Resizer 2.7.1 (HKLM-x32\...\DzSoftWebPhotoResizer_is1) (Version: 2.7.1 - DzSoft Ltd)
QuickMirror (HKLM-x32\...\QuickMirror) (Version: - )
QuickTime (HKLM-x32\...\{8DC42D05-680B-41B0-8878-6C14D24602DB}) (Version: 7.55.90.70 - Apple Inc.)
Radmin Viewer 3.5 (HKLM-x32\...\{199127DC-7BDB-41AB-825B-4229A86F8F0D}) (Version: 3.50.0000 - Famatech)
Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0007 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.2214 - CyberLink Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.850.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Secure Hunter Anti-Malware Professional Edition version 1.0.1.256 (HKLM-x32\...\E32E9E8D-BCF7-4763-BD25-121500F05460_is1) (Version: 1.0.1.256 - SecureHunter, LLC.)
Security Monitor Pro 5 (HKLM-x32\...\Security Monitor Pro DotNet5_is1) (Version: - DeskShare Inc.)
Setup (HKLM-x32\...\{D1612A3D-0DCC-4055-BB6A-0036F31158A0}) (Version: 1.6.1.109 - Corel Corporation) Hidden
Setup Wizard (HKLM-x32\...\{665C721C-49A3-49E9-AED0-EBEDC1327D57}) (Version: - )
Share (HKLM-x32\...\{D94ABC2B-5CA9-48B2-9266-15AB78384D3C}) (Version: 1.6.1.109 - Corel Corporation) Hidden
Share64 (HKLM\...\{D5FE818E-F1C7-44F8-A3C0-C08761906E27}) (Version: 1.6.1.109 - Corel Corporation) Hidden
SharpKeys (HKLM-x32\...\{636E94DA-99C0-448F-A931-3DAD83B4975F}) (Version: 3.5.0000 - RandyRants.com)
Silicon Laboratories CP210x USB to UART Bridge (Driver Removal) (HKLM-x32\...\SLABCOMM&10C4&EA60) (Version: - Silicon Laboratories)
Silicon Laboratories CP210x VCP Drivers for Windows XP/2003 Server/Vista/7 (HKLM-x32\...\{3DEE7030-D3B8-4ABE-92AA-A6BAF67EF762}) (Version: 6.5 - Silicon Laboratories, Inc.)
SketchUp 2016 (HKLM\...\{E2B66CF6-ABA0-4E5F-B426-7478B18301AE}) (Version: 16.1.1449 - Trimble Navigation Limited)
Some PDF Images Extract 2.0 (HKLM-x32\...\Some PDF Images Extract_is1) (Version: - SomePDF.com)
STK02N 2.4 (HKLM-x32\...\{E42E07F5-5A90-4BA9-B55A-79FCF9EAF9B5}) (Version: 2.4 - Syntek)
Stuurprogrammapakket voor Windows - Advanced Card Systems Ltd. Unified PC/SC Driver (05/30/2015 4.0.0.7) (HKLM\...\1955D686C48CCCD0F157D8D8170D36D03D484A51) (Version: 05/30/2015 4.0.0.7 - Advanced Card Systems Ltd.)
Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) (HKLM\...\3FE3642036A0F4AEC17772437CE14BB1E67006AA) (Version: 10/04/2011 4.0.0.5 - Fedict)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
Sweet Home 3D version 5.1 (HKLM\...\Sweet Home 3D_is1) (Version: 5.1 - eTeks)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.42.2 - Synaptics Incorporated)
Taalpakket voor Microsoft .NET Framework 4.5 - NLD (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50709 - Microsoft Corporation)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Uw bedrijfsnaam)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Video Converter 3.70 100621 (HKLM-x32\...\Total Video Converter 3.70_is1) (Version: - EffectMatrix Inc.)
TrainingPeaks Device Agent (HKLM-x32\...\{04D7046E-DCCF-42AB-A501-177968C6F870}) (Version: 3.0.93 - TrainingPeaks)
Trogon MAC Scanner version 2.5 (HKLM-x32\...\{8F9216E8-21AC-4307-AE08-F5CBBCBEFE53}_is1) (Version: 2.5 - Trogon Software)
Trust1Connector (HKLM\...\{940F66A7-B6A6-4D93-B4DA-541781484946}) (Version: 1.2.4 - Trust1team)
Undelete 360 (HKLM-x32\...\Undelete 360_is1) (Version: - File Recovery Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_PROPLUS_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version: - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_PROPLUS_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version: - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_PROPLUS_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.4053 (HKLM-x32\...\{5EE7D259-D137-4438-9A5F-42F432EC0421}) (Version: 1.1.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Video Cartoonizer versie 1.4.0 (HKLM-x32\...\{24DA5847-2D6E-41F0-AACD-99B311A162F5}_is1) (Version: 1.4.0 - Cartoonizevideo.com)
VideoActiveX version 1.1.0.1 (HKLM\...\VideoActiveX_is1) (Version: 1.1.0.1 - Fov)
VideoLAN Movie Creator (HKLM-x32\...\VLMC) (Version: - )
Vidmex 1.39 (HKLM-x32\...\Vidmex) (Version: - )
VIO (HKLM-x32\...\{D9C4FA35-7C6B-4C9E-863B-58C4D7472F41}) (Version: 1.6.1.109 - Corel Corporation) Hidden
VlanOn (HKLM-x32\...\{7A79858F-FA77-4051-8B57-46D3AB10FF87}) (Version: 3.0.0 - Belgacom)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.5.1 - VideoLAN)
web control version 1.0.0.9 (HKLM-x32\...\{7DEBACD4-13DE-46DF-974F-F3F264D1E897}_is1) (Version: 1.0.0.9 - )
Who Is On My Wifi version 2.1.2 (HKLM-x32\...\{010D45A1-093D-4534-8147-4E10E80F81CC}_is1) (Version: 2.1.2 - IO3O LLC)
Winamp (HKLM-x32\...\Winamp) (Version: 5.61 - Nullsoft, Inc)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter) (Version: 11.6.1.4734 - ZJMedia Digital Technology Ltd.)
Windows Live - Hulpprogramma voor uploaden (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Live aanmeldhulp (HKLM-x32\...\{1BD6AE96-4742-4498-9D03-9451C7E5A214}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{CD19EDD9-1632-4002-9212-7478E4BA0423}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version: - )
Windows Mobile Apparaatcentrum (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Resource Kit Tools (HKLM-x32\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
Windows-stuurprogrammapakket - Silicon Laboratories Inc. (silabser) Ports (09/19/2016 6.7.4.261) (HKLM\...\9E2C239D42290B984A9E2B350A67AF8BC8BD11B9) (Version: 09/19/2016 6.7.4.261 - Silicon Laboratories Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
Wondershare PDF Converter (Build 4.0.5) (HKLM-x32\...\{A888A8D1-ACCB-4EBE-AAA8-903D2B8FB6A4}_is1) (Version: 4.0.5 - Wondershare Software)
XiaoMiFlash (HKLM-x32\...\{9AF75396-D38E-4F07-831C-9F78923DC015}) (Version: 1.0.0 - XiaoMi)
Xilisoft Video Converter Ultimate 6 (HKLM-x32\...\Xilisoft Video Converter Ultimate 6) (Version: 6.0.7.0707 - Xilisoft)
YoutubeMovieMaker (HKLM-x32\...\{E084C471-FA8F-4468-93F1-25B3A13ED942}) (Version: 15.06 - Youtube Movie Maker)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
ZTE Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2104.1.02B08 - ZTE Corporation)


==================== Aangepaste CLSID (gefilterd): ==========================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


CustomCLSID: HKU\S-1-5-21-998262437-1437487422-401129983-1001_Classes\CLSID\{DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611}\InprocServer32 -> C:\Program Files\Macrium\Reflect\RShellExt.dll (Paramount Software UK Ltd)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> Geen bestand
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-06-14] (Igor Pavlov)
ContextMenuHandlers1: [Advanced SystemCare] -> {7C8D3E6A-13A6-4D8F-BF77-D267D0F9AC21} => -> Geen bestand
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2017-01-17] ()
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
ContextMenuHandlers1: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2009-12-30] ()
ContextMenuHandlers1: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.)
ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-06-25] (Florian Heidenreich)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\system32\mscoree.dll [2009-11-25] (Microsoft Corporation)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers2: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2009-12-30] ()
ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-06-25] (Florian Heidenreich)
ContextMenuHandlers2-x32: [Ulead UDF Driver] -> {DBD8E168-244D-448C-9922-25508950D1DC} => c:\Program Files (x86)\Common Files\Ulead Systems\DVD\USIShex.dll [2010-01-07] (Ulead Systems, Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-06-14] (Igor Pavlov)
ContextMenuHandlers4: [Corel.Paint.Shop.Pro.Photo] -> {B1D2CD8F-45E9-49d1-838A-AAA5780D94B7} => c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll [2009-12-30] ()
ContextMenuHandlers4: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.)
ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2016-06-25] (Florian Heidenreich)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-06-14] (Igor Pavlov)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-08-17] (AVAST Software)
ContextMenuHandlers6: [MagicISO] -> {DB85C504-C730-49DD-BEC1-7B39C6103B7A} => C:\Program Files (x86)\MagicISO\misosh64.dll [2008-05-23] (MagicISO, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2017-06-07] (Power Software Ltd)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2013-08-13] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] ()
ContextMenuHandlers2_S-1-5-21-998262437-1437487422-401129983-1001: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RShellExt.dll [2012-09-25] (Paramount Software UK Ltd)


==================== Geplande Taken (gefilterd) =============


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


Task: {05AA8D5C-2E39-415A-AD11-8719E9B26F0A} - System32\Tasks\{28E822A4-7C70-4D37-B8AE-CA22A4F6A638} => C:\Windows\system32\pcalua.exe -a C:\Users\stefan\Downloads\HijackThis.exe -d C:\Users\stefan\Downloads
Task: {0CC7AFB3-604C-4879-9BF4-A4CCCB973371} - System32\Tasks\{8D138075-FAE3-4CCD-83DA-4BD463311536} => C:\Users\stefan\Downloads\Yamb-2.1.0.0_beta2_setup.exe
Task: {17C6D178-67D7-4257-B2C6-376950F74738} - System32\Tasks\{DFF49360-BD51-461E-A010-BA4CE0F04B90} => E:\setup.EXE
Task: {230D6B55-C59C-4BCE-B18C-4BAC3D125592} - System32\Tasks\{7B305C36-23EC-4969-A9F3-22A9475C342E} => C:\Users\stefan\Downloads\mp4creator\mp4creator.exe
Task: {24E4B1A8-35FE-4631-9630-FE59AE291848} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-08-17] (AVAST Software)
Task: {25A9B684-A0CB-4567-AB30-F0057E544E2D} - System32\Tasks\{502B6831-3981-4F48-A463-56E58B880ED2} => C:\Windows\system32\pcalua.exe -a E:\Setup.EXE -d E:\
Task: {2652441E-524D-4F95-B9F6-23E8025A7CB1} - System32\Tasks\GoogleUpdateTaskMachineUA1ce5addc77f728d => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2A5E202D-2824-43C3-9AAC-86F1B0CC3E90} - System32\Tasks\GoogleUpdateTaskMachineCore1ce5addc5af66b1 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2E9FABAB-8123-43A7-BF97-0B6478DE50CB} - System32\Tasks\DriverMaxAgent => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {358483FC-B34C-453E-8D3D-B86D08831992} - System32\Tasks\DriverMaxWelcome => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {55D95FA7-0989-42AA-80F2-F7A9E3027322} - System32\Tasks\{3C913616-DD03-4C81-A0B6-681495F66050} => C:\Users\stefan\Downloads\mp4creator\mp4creator.exe
Task: {58822575-8344-44A0-9E1B-7A1ABAEE9FC1} - System32\Tasks\{EA3854A3-BC27-48DE-9188-3991A34B650D} => C:\Users\stefan\Downloads\Yamb-2.1.0.0_beta2_setup.exe
Task: {59F1338E-D491-4B41-866E-7DA450BBFCC4} - System32\Tasks\{65856AB6-3200-401F-9032-6E482F4BAFB8} => C:\drivers\printer\X1100\drivers\Win_XP2K\x64\lxbkpswx.exe
Task: {5DCD3BC4-928F-45E9-89F0-617C7C6F457A} - System32\Tasks\{4CED938E-BE32-456C-9147-70D059E4F472} => C:\Users\stefan\Downloads\Yamb-2.1.0.0_beta2_setup.exe
Task: {649F0326-3258-4BFC-B68B-6B3CA1EBFBB4} - \ASC4_AutoUpdate -> Geen bestand <==== AANDACHT
Task: {7BFAFB64-1FB2-4F24-BD20-2B2B6FE10AF5} - System32\Tasks\{8FFFBB29-2922-49EF-AAFF-D2737E65B10C} => C:\drivers\printer\X1100\drivers\Win_XP2K\x64\lxbkpswx.exe
Task: {807F7B23-8586-44E3-836D-75A4E2C0867A} - System32\Tasks\{720AE88A-C7F7-45DB-8DE1-C915C8B400AF} => C:\Users\stefan\Downloads\mp4muxer-0.9.3.exe
Task: {841178C5-75EC-4C46-BC8C-808918FD99F3} - System32\Tasks\{6AB0207F-E1C6-483E-A090-84D63C10B272} => C:\Windows\system32\pcalua.exe -a C:\Users\stefan\Downloads\YambInstaller-2.0.0.8.exe -d C:\Users\stefan\Downloads
Task: {875D6F3B-B47B-40D3-B8EB-C654F8FCE214} - System32\Tasks\SafeZone scheduled Autoupdate 1458730726 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {8DC05A47-17BA-42A7-941D-81F87D0AA310} - System32\Tasks\Driver Booster SkipUAC (stefan) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
Task: {92849CE9-49A0-4FD4-A678-6C52DE18D1BB} - System32\Tasks\Games\UpdateCheck_S-1-5-21-998262437-1437487422-401129983-1001
Task: {9325B766-2EE4-4514-B0CF-1DFFDBF13560} - System32\Tasks\DriverNavigator Scheduled Scan => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: {955A7896-24BD-4312-AFF3-B6F251D6194B} - \Hewlett-Packard\HP Assistant\PC Tuneup -> Geen bestand <==== AANDACHT
Task: {AF658E01-9E7B-40C8-85F5-3DF0487C394E} - System32\Tasks\{2513C8B7-F409-4066-817F-A6830AA3D9E1} => C:\Program Files\Lexmark X1100 Series\Drivers\X64\lxbkpswx.exe
Task: {B1500430-0EF5-45FF-8102-12692FF90F94} - System32\Tasks\{06A5BB1A-8257-47ED-947C-D7F7DB28075F} => C:\Users\stefan\Downloads\cjsX1100EN.exe
Task: {C5443D95-30B5-45B4-A4F2-56C55B45D4C7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-08-12] (Adobe Systems Incorporated)
Task: {C5DC4C65-F593-48AC-8FC6-5DF45E4D941D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {D3FF0F42-252F-40D9-AA10-E42D7ACD9EC0} - System32\Tasks\DriverMax Notification => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
Task: {D6667469-171F-4085-9E92-FB806FDE3B51} - \Hewlett-Packard\HP Assistant\HP Total Care Tune-Up -> Geen bestand <==== AANDACHT
Task: {E3BF5A61-0589-4D4C-82E4-C35D3CC23C98} - System32\Tasks\{BD494A44-939E-4B28-8488-43E84E13618C} => C:\Users\stefan\Downloads\mp4creator\mp4creator.exe
Task: {E6A4402E-BD9C-4D56-B126-91949F9173F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E8058091-90EC-4F21-B5C0-9C649EF3A120} - System32\Tasks\{287F1535-A371-4FA0-84EE-ED985693A317} => C:\Users\stefan\Downloads\mp4muxer-0.9.3.exe


(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job => C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe
Task: C:\Windows\Tasks\HPCeeScheduleForstefan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe


==================== Snelkoppelingen & WMI ========================


(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)




Shortcut: C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamb 2.1.0.0 beta 2\Yamb - Website.lnk -> hxxp://yamb.unite-video.com
Shortcut: C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\EPB Software Vlaanderen 1.7.1\EPB Software Vlaanderen 1.7.1.lnk -> C:\Program Files (x86)\EPB Software Vlaanderen 1.7.1\start.bat ()


ShortcutWithArgument: C:\Users\stefan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"


==================== Geladen Modules (gefilterd) ==============


2017-06-02 17:21 - 2013-08-26 14:12 - 000087040 _____ () C:\Windows\System32\redmonnt.dll
2010-10-09 18:48 - 2010-03-15 11:28 - 000166400 _____ () C:\Program Files\WinRAR\rarext.dll
2009-12-30 19:48 - 2009-12-30 19:48 - 000124560 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2017-01-17 03:30 - 2017-01-17 03:30 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-08-17 17:58 - 2017-08-17 17:58 - 000162032 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000831664 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000276808 _____ () c:\Program Files\AVAST Software\Avast\x64\StreamBack.dll
2017-08-08 10:48 - 2017-08-02 09:39 - 003824472 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libglesv2.dll
2017-08-08 10:48 - 2017-08-02 09:39 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.90\libegl.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000170224 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000192664 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000224256 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-08-28 11:23 - 2017-08-28 11:23 - 005895544 _____ () C:\Program Files\AVAST Software\Avast\defs\17082800\algo.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000689272 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-08-17 17:59 - 2017-08-17 17:59 - 000231664 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-08-17 18:00 - 2017-08-17 18:00 - 001065936 _____ () C:\Program Files\AVAST Software\Avast\AvChrome.dll
2017-08-17 18:00 - 2017-08-17 18:00 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-17 17:58 - 2017-08-17 17:58 - 000292920 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-07-17 19:30 - 2017-07-17 19:30 - 000863744 _____ () C:\Windows\mod_frst.exe


==================== Alternate Data Streams (gefilterd) =========


(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:054B9966 [126]
AlternateDataStreams: C:\ProgramData\Temp:4BF2F6B5 [184]
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [156]
AlternateDataStreams: C:\ProgramData\Temp:CB9FA647 [332]


==================== Veilige Modus (gefilterd) ===================


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"


==================== Bestandskoppeling (gefilterd) ===============


(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)




==================== Internet Explorer vertrouwde/beperkte toegang ===============


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alipay.com -> hxxps://alipay.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alipay.com -> hxxp://alipay.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alisoft.com -> hxxps://alisoft.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\alisoft.com -> hxxp://alisoft.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\allsubs.org -> hxxps://www.allsubs.org
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\google.com -> hxxps://mail.google.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\ondertitel.com -> hxxps://www.ondertitel.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\taobao.com -> hxxps://taobao.com
IE trusted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\taobao.com -> hxxp://taobao.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\00hq.com -> Pheenix - Buy this domain today. | 00HQ.com is for sale.
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-2005-search.com -> 1-2005-search.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-998262437-1437487422-401129983-1001\...\1-se.com -> 1-se.com


Er zijn 11085 Meer websites.




==================== Hosts inhoud: ===============================


(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)


2009-07-14 04:34 - 2014-09-10 10:01 - 000000824 ____N C:\Windows\system32\Drivers\etc\hosts




==================== Andere gebieden ============================


(Momenteel is er geen automatische fix voor dit onderdeel.)


HKU\S-1-5-21-998262437-1437487422-401129983-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\stefan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 0)
Windows Firewall is ingeschakeld.


==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==


MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdvancedSystemCareService => 2
MSCONFIG\Services: bthserv => 2
MSCONFIG\Services: Com4QLBEx => 2
MSCONFIG\Services: Disc Soft Lite Bus Service => 3
MSCONFIG\Services: FirebirdServerDefaultInstance => 2
MSCONFIG\Services: GCL Service => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hpqwmiex => 2
MSCONFIG\Services: LightScribeService => 2
MSCONFIG\Services: lxdc_device => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NetcamStudioSvc64 => 3
MSCONFIG\Services: NitroReaderDriverReadSpool3 => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: ReflectService.exe => 2
MSCONFIG\Services: RichVideo => 2
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: Secure Hunter Service => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BitTorrent Ultra Accelerator.lnk => C:\Windows\pss\BitTorrent Ultra Accelerator.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Dyn Updater Tray Icon.lnk => C:\Windows\pss\Dyn Updater Tray Icon.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^STK02N 2.4 PNP Monitor.lnk => C:\Windows\pss\STK02N 2.4 PNP Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MagicDisc.lnk => C:\Windows\pss\MagicDisc.lnk.Startup
MSCONFIG\startupfolder: C:^Users^stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MailWasherPro.lnk => C:\Windows\pss\MailWasherPro.lnk.Startup
MSCONFIG\startupfolder: C:^Users^stefan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: aliim => "C:\Program Files (x86)\TradeManager\AliIM.exe" /autorun
MSCONFIG\startupreg: beid => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files (x86)\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EaseUS Cleanup => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\CleanUpUI.exe" 10 300
MSCONFIG\startupreg: EaseUS EPM Tray Agent => "C:\Program Files (x86)\EaseUS\EaseUS Partition Master 11.0\bin\TrayPopupE\TrayTipAgentE.exe"
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HPADVISOR => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW
MSCONFIG\startupreg: InternetCalls => "C:\Program Files (x86)\InternetCalls.com\InternetCalls\internetcalls.exe" -nosplash -minimized
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Magic Desktop for HP notification => "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: ROC_roc_ssl_v12 => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
MSCONFIG\startupreg: WirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: ZAM => "C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized


==================== Firewall regels (gefilterd) ===============


(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


FirewallRules: [{19D24B9E-4F5C-4454-ACC5-6944C9A426D2}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{71274413-F453-482D-8414-DC8B993EC853}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{D809A40E-68F2-46E8-9811-885742840517}C:\program files (x86)\wanscam\videoclient.exe] => (Allow) C:\program files (x86)\wanscam\videoclient.exe
FirewallRules: [UDP Query User{D700136D-59D9-4913-9C13-493C1969F3F5}C:\program files (x86)\wanscam\videoclient.exe] => (Allow) C:\program files (x86)\wanscam\videoclient.exe
FirewallRules: [TCP Query User{311DCA28-86D9-4566-98FF-1A2D2A61E6A2}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
FirewallRules: [UDP Query User{7BBA3FE1-C2C1-4523-9F20-305F32631EA0}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
FirewallRules: [{0E6AA9B2-B1E3-4170-A0BD-429458BF39AE}] => (Allow) C:\Windows\System32\lxdccoms.exe
FirewallRules: [{02862D91-3FA7-4354-84B2-515BAC99C88A}] => (Allow) C:\Windows\System32\lxdccoms.exe
FirewallRules: [{C3EB85AF-7454-40CF-A5FF-C0DF081331C3}] => (Allow) C:\Windows\SysWOW64\lxdccoms.exe
FirewallRules: [{F60E6CD9-C29A-4471-8986-CD8A802781A0}] => (Allow) C:\Windows\SysWOW64\lxdccoms.exe
FirewallRules: [TCP Query User{86D6039C-4951-4133-9DC3-4AFAC5139B5B}C:\users\stefan\desktop\english\search tool.exe] => (Allow) C:\users\stefan\desktop\english\search tool.exe
FirewallRules: [UDP Query User{47FF1065-282D-4570-9695-BE3557142734}C:\users\stefan\desktop\english\search tool.exe] => (Allow) C:\users\stefan\desktop\english\search tool.exe
FirewallRules: [TCP Query User{D7FC2A25-1FE2-4FE2-9799-4971039C65FF}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
FirewallRules: [UDP Query User{7DBBFBFC-F0EF-405D-9D3F-69E4ABAF7A37}C:\program files (x86)\wanscam\camerastatus.exe] => (Allow) C:\program files (x86)\wanscam\camerastatus.exe
FirewallRules: [{19AD4C78-EE2C-414E-BAF6-8CB61450CF9A}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
FirewallRules: [{BFB74317-5343-4AFB-B2AD-C7517F0A4E38}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
FirewallRules: [TCP Query User{A3BA853F-E902-414A-82A6-80D3E346B1CD}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
FirewallRules: [UDP Query User{64416234-AA1E-46E3-9C74-49D6EDB80E8B}C:\ipcclient\ipcc.exe] => (Allow) C:\ipcclient\ipcc.exe
FirewallRules: [{0A8A92F9-23D6-40EA-978A-0C2B561F4110}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609\SZBrowser.exe
FirewallRules: [{50311C95-D084-418A-9E64-F5829834ADFC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.609_0\SZBrowser.exe
FirewallRules: [{264B3CA0-0B06-4180-8F5D-747F2B08E6C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\IPC Client\IPC Client.exe] => Enabled:IPC Client.exe


==================== Herstelpunten =========================


28-08-2017 08:08:22 Windows 7 Service Pack 1
28-08-2017 10:36:57 Controlepunt van HitmanPro
28-08-2017 10:37:37 Controlepunt van HitmanPro


==================== Defecte Apparaatbeheer Apparaten =============


Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


Name: ZAM Helper Driver
Description: ZAM Helper Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


Name: ZAM Guard Driver
Description: ZAM Guard Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ZAM_Guard
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.




==================== Eventlog fouten: =========================


Applicatiefouten:
==================
Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000002dc,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000015DF070.72). hr = 0x80070005, Toegang geweigerd.
.


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000720,(null),0,REG_BINARY,0000000001E5DF30.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Naam van schrijver: WMI Writer
Instantie-id van schrijver: {2c2fd5a1-bbde-4bf1-b541-a6f2308669c4}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000bdc,(null),0,REG_BINARY,00000000058FDF70.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Naam van schrijver: MSSearch Service Writer
Instantie-id van schrijver: {25bd2d47-fb4b-4b75-b884-e44149cacecc}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000720,(null),0,REG_BINARY,0000000001E5DF30.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
Naam van schrijver: WMI Writer
Instantie-id van schrijver: {2c2fd5a1-bbde-4bf1-b541-a6f2308669c4}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x00000bdc,(null),0,REG_BINARY,00000000058FDF70.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Naam van schrijver: MSSearch Service Writer
Instantie-id van schrijver: {25bd2d47-fb4b-4b75-b884-e44149cacecc}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000002bc,(null),0,REG_BINARY,00000000026DE500.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {1e22191b-cdfe-4571-89d2-c088fa713aeb}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000001bc,(null),0,REG_BINARY,000000000226EC10.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {afbab4a2-367d-4d15-a586-71dbb18f8485}
Naam van schrijver: Registry Writer
Instantie-id van schrijver: {1495627e-6bdc-4094-99b1-97612e952965}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000002bc,(null),0,REG_BINARY,00000000026DE500.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {e8132975-6f93-4464-a53e-1050253ae220}
Naam van schrijver: System Writer
Instantie-id van schrijver: {1e22191b-cdfe-4571-89d2-c088fa713aeb}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000001fc,(null),0,REG_BINARY,000000000238EA50.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Naam van schrijver: Shadow Copy Optimization Writer
Instantie-id van schrijver: {1c37919f-9488-498f-8d99-0705acec5f8b}


Error: (08/28/2017 10:38:01 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fout in de Volume Shadow Copy-service: onverwachte fout bij het aanroepen van routine RegSetValueExW(0x000001c8,(null),0,REG_BINARY,00000000025FEE60.72). hr = 0x80070005, Toegang geweigerd.
.




Bewerking:
BackupShutdown-gebeurtenis


Context:
Uitvoeringscontext: Writer
Klasse-id van schrijver: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Naam van schrijver: COM+ REGDB Writer
Instantie-id van schrijver: {b3016f05-dd52-41c4-b196-2161d80d7788}




Systeemfouten:
=============
Error: (08/28/2017 08:05:52 PM) (Source: atapi) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.


Error: (08/28/2017 07:58:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
Kan de service niet starten omdat deze is uitgeschakeld of omdat
het geen ingeschakelde apparaten met zich heeft verbonden.


Error: (08/28/2017 07:57:30 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
sptd


Error: (08/28/2017 05:34:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
Kan de service niet starten omdat deze is uitgeschakeld of omdat
het geen ingeschakelde apparaten met zich heeft verbonden.


Error: (08/28/2017 04:32:55 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
Kan de service niet starten omdat deze is uitgeschakeld of omdat
het geen ingeschakelde apparaten met zich heeft verbonden.


Error: (08/28/2017 04:30:14 PM) (Source: atapi) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Ide\IdePort0.


Error: (08/28/2017 04:19:50 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: De HomeGroup Provider-service is afhankelijk van de Function Discovery Provider Host-service, die vanwege de volgende fout niet kan worden gestart:
Kan de service niet starten omdat deze is uitgeschakeld of omdat
het geen ingeschakelde apparaten met zich heeft verbonden.


Error: (08/28/2017 04:19:02 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
sptd


Error: (08/28/2017 01:51:48 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout:
Toegang geweigerd.
.


Error: (08/28/2017 12:37:16 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout:
Toegang geweigerd.
.




CodeIntegrity:
===================================
Date: 2017-08-21 09:03:46.167
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 09:03:46.120
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 09:02:10.895
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 09:02:10.893
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 09:00:30.388
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 09:00:30.386
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 08:58:40.421
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 08:58:40.418
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 08:57:03.668
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


Date: 2017-08-21 08:57:03.666
Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Windows\System32\drivers\a38usb.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.




==================== Geheugen info ===========================


Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage geheugen in gebruik: 64%
Totaal fysiek RAM-geheugen: 4062.93 MB
Beschikbaar fysiek RAM-geheugen: 1462.42 MB
Totaal Virtueel geheugen: 8123.99 MB
Beschikbaar Virtual geheugen: 5403.33 MB


==================== Schijven ================================


Drive c: () (Fixed) (Total:450.58 GB) (Free:114.37 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (RECOVERY) (Fixed) (Total:12.99 GB) (Free:2.16 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.99 GB) FAT32


==================== MBR & Partitietabel ==================


========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B132777F)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=2 GB) - (Type=0C)
Partition 4: (Not Active) - (Size=13 GB) - (Type=07 NTFS)


==================== Eind van Addition.txt ============================
 
Re: redirecting to us.search.yahoo.com

Hi, raystef66.

You should only have needed to disable your security software at the time of attempting the install. If it is not on now, please enable it. I also advise you to re-enable UAC.

1. There are very few reasons why Java is needed on a personal computer. In addition, you have several outdated versions of Java on your computer which means that any web application can specify any vulnerable JRE installed to run attack code on your computer. If you don't need Java, uninstall it. One less update to worry about and, more importantly, one less potential vulnerability. In the event a program you use requires Java, you will be prompted to install it.

If you decide to keep Java, uninstall the out-dated versions listed below. Should you elect to remove it completely, also uninstall Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation).

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)​

2. Another program installed on your computer that is generally no longer needed is Shockwave Player. I've never needed it on my computer and it is from 2008. If you decide to keep it, you need to update Adobe Shockwave Player 12.0 to the newest version 12.2.9.199 which is available here: http://get.adobe.com/shockwave/. When updating, watch for any pre-checked add-ons as they are not needed for the update. Otherwise install that version as well as the following:

Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)​

4. P2P programs form a direct conduit on to your computer. They have always been a target of malware writers and are increasingly so of late. P2P security measures are easily circumvented and if your P2P program is not configured correctly, you may be sharing more files than you realize. There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.

With P2P file sharing, a file can be distributed among many hosts, and peers will provide for download the sections that they have already downloaded. This results in the distinct possibility of a distribution method in which malicious bits are mixed with with good files. Please uninstall BitTorrent.

5. Your version of Firefox is extremely outdated and has had numerous critical security updates. The current version is 55.0.3. To get the update, select "Help" from the Firefox menu, then pick "About Firefox."

6. Please do the following to run FRST:

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system
  • Please select the entire contents of the code box below, from the "Start::" line to "End", including both lies. Right-click and select "Copy ".
Code: 
Start::
CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
BHO-x32: Geen Naam -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Geen bestand
BHO-x32: Geen Naam -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
BHO-x32: Geen Naam -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> Geen bestand
BHO-x32: Geen Naam -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> Geen bestand
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Geen bestand
Toolbar: HKLM - Geen Naam - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Geen bestand
Toolbar: HKLM-x32 - Geen Naam - {8dcb7100-df86-4384-8842-8fa844297b3f} - Geen bestand
Toolbar: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> Geen Naam - {6F2CF24C-F970-4947-81FA-158F224B2362} - Geen bestand
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand]
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [Geen bestand]
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [Geen bestand]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
FF Plugin-x32: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [Geen bestand]
FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=8 -> C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand]
GroupPolicy: Restrictie - Chrome <==== AANDACHT
GroupPolicyScripts\User: Restrictie <==== AANDACHT
GroupPolicyScripts-x32\User: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
C:\444f310cfc15188bae837ebc78
C:\655b4ca83bc64a86aeaf06582313
C:\ac4c1fa8911b574875d7525245
C:\dc59eb761a5c80ac0e2d26c2ba
C:\9cae8c3de34a5a532af4711b8e
C:\80ed5da7469e630af8
C:\235d6ea06bf9600b48810d7f
C:\89cc7330450f265de9de
C:\bdd7f804becdf8a002ee5269d9b2
C:\ec61763e42b14a964258f3ebbb
C:\Program Files\Advanced Card Systems Ltd
C:\5825a1d52772cdb846
C:\990746c30ac77677f0e5
C:\5c75ead3829f90f090ae2d4808
C:\4f42d37172017005abdf90d4e4ae7f9b
C:\124259902c8503bf0cfceb
C:\ce51e115a100e2640a0e39dd055add
C:\2d61a63ce7f37211318de35760a1
C:\0b9632262526aafaa89609b1
C:\d4a37d9541a41d9611e143c200
C:\8a131cd49804b940bbfa84
C:\ba6bbdcc354e83841a4d81
C:\Users\stefan\AppData\Roaming\IObit
C:\Users\Administrator\AppData\Roaming\IObit
C:\Windows\IObit
C:\Users\stefan\AppData\LocalLow\IObit
Task: {8DC05A47-17BA-42A7-941D-81F87D0AA310} - System32\Tasks\Driver Booster SkipUAC (stefan) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
2017-08-12 08:32 - 2017-08-27 22:13 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)
Task: {955A7896-24BD-4312-AFF3-B6F251D6194B} - \Hewlett-Packard\HP Assistant\PC Tuneup -> Geen bestand <==== AANDACHT
Task: {D6667469-171F-4085-9E92-FB806FDE3B51} - \Hewlett-Packard\HP Assistant\HP Total Care Tune-Up -> Geen bestand <==== AANDACHT
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:054B9966 [126]
AlternateDataStreams: C:\ProgramData\Temp:4BF2F6B5 [184]
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [156]
AlternateDataStreams: C:\ProgramData\Temp:CB9FA647 [332]
EmptyTemp:
End::
  • Please right-click on FRST/FRST64 to run as administrator. When the tool opens, click "yes" to the disclaimer.
  • Press the Fix button once and wait.
  • FRST will process fixlist.txt
  • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST/FRST64.exe
  • Please post the log in your next reply.

7. Please download Adware Cleaner and save it to your Desktop.
  • Right-click on AdwCleaner.exe and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin. Please be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

8. Please download Junkware Removal Tool to your desktop.
  • Temporarily disable your protection software now to avoid potential conflicts but be sure to re-enable upon completion!
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
Re: redirecting to us.search.yahoo.com

Hi, thanks for your help !
I did the removals you asked (Java, Shockwave, bittorrent, Firefox updated)
1. i coppied the text for FRST, ran it as admin and just ran FIX (i didn't have to drag and drop something, right ?)
Hereby the log :
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 20-08-2017
Gestart door stefan (29-08-2017 09:32:49) Run:1
Gestart vanaf C:\Users\stefan\Downloads
Geladen Profielen: stefan (Beschikbare Profielen: stefan & Administrator)
Boot Modus: Normal
==============================================


fixlist inhoud:
*****************


CreateRestorePoint:
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
BHO-x32: Geen Naam -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Geen bestand
BHO-x32: Geen Naam -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> Geen bestand
BHO-x32: Geen Naam -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> Geen bestand
BHO-x32: Geen Naam -> {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} -> Geen bestand
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Geen bestand
Toolbar: HKLM - Geen Naam - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Geen bestand
Toolbar: HKLM-x32 - Geen Naam - {8dcb7100-df86-4384-8842-8fa844297b3f} - Geen bestand
Toolbar: HKU\S-1-5-21-998262437-1437487422-401129983-1001 -> Geen Naam - {6F2CF24C-F970-4947-81FA-158F224B2362} - Geen bestand
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [Geen bestand]
FF Plugin-x32: @alibaba.com/nptrademanager;version=1.0 -> C:\Program Files (x86)\TradeManager\nptrademanager.dll [Geen bestand]
FF Plugin-x32: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\TradeManager\npwangwang.dll [Geen bestand]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [Geen bestand]
FF Plugin-x32: @google.com/npwebplugin -> C:\Windows\system32\npwebplugin.dll [Geen bestand]
FF Plugin-x32: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files (x86)\PDFlite\npPdfViewer.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=8 -> C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand]
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand]
GroupPolicy: Restrictie - Chrome <==== AANDACHT
GroupPolicyScripts\User: Restrictie <==== AANDACHT
GroupPolicyScripts-x32\User: Restrictie <==== AANDACHT
CHR HKLM\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
CHR HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google: Restrictie <==== AANDACHT
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <==== AANDACHT
S3 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
C:\444f310cfc15188bae837ebc78
C:\655b4ca83bc64a86aeaf06582313
C:\ac4c1fa8911b574875d7525245
C:\dc59eb761a5c80ac0e2d26c2ba
C:\9cae8c3de34a5a532af4711b8e
C:\80ed5da7469e630af8
C:\235d6ea06bf9600b48810d7f
C:\89cc7330450f265de9de
C:\bdd7f804becdf8a002ee5269d9b2
C:\ec61763e42b14a964258f3ebbb
C:\Program Files\Advanced Card Systems Ltd
C:\5825a1d52772cdb846
C:\990746c30ac77677f0e5
C:\5c75ead3829f90f090ae2d4808
C:\4f42d37172017005abdf90d4e4ae7f9b
C:\124259902c8503bf0cfceb
C:\ce51e115a100e2640a0e39dd055add
C:\2d61a63ce7f37211318de35760a1
C:\0b9632262526aafaa89609b1
C:\d4a37d9541a41d9611e143c200
C:\8a131cd49804b940bbfa84
C:\ba6bbdcc354e83841a4d81
C:\Users\stefan\AppData\Roaming\IObit
C:\Users\Administrator\AppData\Roaming\IObit
C:\Windows\IObit
C:\Users\stefan\AppData\LocalLow\IObit
Task: {8DC05A47-17BA-42A7-941D-81F87D0AA310} - System32\Tasks\Driver Booster SkipUAC (stefan) => C:\Program Files (x86)\IObit\Driver Booster\4.5.0\DriverBooster.exe
2017-08-12 08:32 - 2017-08-27 22:13 - 000002890 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)
Task: {955A7896-24BD-4312-AFF3-B6F251D6194B} - \Hewlett-Packard\HP Assistant\PC Tuneup -> Geen bestand <==== AANDACHT
Task: {D6667469-171F-4085-9E92-FB806FDE3B51} - \Hewlett-Packard\HP Assistant\HP Total Care Tune-Up -> Geen bestand <==== AANDACHT
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
AlternateDataStreams: C:\ProgramData\Temp:054B9966 [126]
AlternateDataStreams: C:\ProgramData\Temp:4BF2F6B5 [184]
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9 [156]
AlternateDataStreams: C:\ProgramData\Temp:CB9FA647 [332]
EmptyTemp:


*****************


Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => sleutel niet gevonden.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => sleutel niet gevonden.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} => sleutel niet gevonden.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} => sleutel niet gevonden.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => waarde is succesvol verwijderd
HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => waarde is succesvol verwijderd
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => sleutel niet gevonden.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{8dcb7100-df86-4384-8842-8fa844297b3f} => waarde is succesvol verwijderd
HKLM\Software\Wow6432Node\Classes\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} => sleutel niet gevonden.
HKU\S-1-5-21-998262437-1437487422-401129983-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6F2CF24C-F970-4947-81FA-158F224B2362} => waarde is succesvol verwijderd
HKLM\Software\Classes\CLSID\{6F2CF24C-F970-4947-81FA-158F224B2362} => sleutel niet gevonden.
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5 => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@alibaba.com/nptrademanager;version=1.0 => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@alibaba.com/npwangwang;version=1.0 => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@google.com/npwebplugin => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin => sleutel is succesvol verwijderd
HKLM\Software\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=8 => sleutel is succesvol verwijderd
HKU\S-1-5-21-998262437-1437487422-401129983-1001\Software\MozillaPlugins\FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand] => sleutel niet gevonden.
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/nptrademanager;version=1.0 -> "C:\Program Files (x86)\trademanager\nptrademanager.dll" [Geen bestand] => niet gevonden.
HKU\S-1-5-21-998262437-1437487422-401129983-1001\Software\MozillaPlugins\FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand] => sleutel niet gevonden.
FF Plugin HKU\S-1-5-21-998262437-1437487422-401129983-1001: @alibaba.com/npwangwang;version=1.0 -> "C:\Program Files (x86)\trademanager\npwangwang.dll" [Geen bestand] => niet gevonden.
C:\Windows\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => is succesvol verplaatst
C:\Windows\system32\GroupPolicy\User => is succesvol verplaatst
C:\Windows\SysWOW64\GroupPolicy\User => is succesvol verplaatst
HKLM\SOFTWARE\Policies\Google => sleutel is succesvol verwijderd
HKU\S-1-5-21-998262437-1437487422-401129983-1001\SOFTWARE\Policies\Google => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => sleutel is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\aspnet_state => sleutel is succesvol verwijderd
aspnet_state => dienst is succesvol verwijderd
C:\444f310cfc15188bae837ebc78 => is succesvol verplaatst
C:\655b4ca83bc64a86aeaf06582313 => is succesvol verplaatst
C:\ac4c1fa8911b574875d7525245 => is succesvol verplaatst
C:\dc59eb761a5c80ac0e2d26c2ba => is succesvol verplaatst
C:\9cae8c3de34a5a532af4711b8e => is succesvol verplaatst
C:\80ed5da7469e630af8 => is succesvol verplaatst
C:\235d6ea06bf9600b48810d7f => is succesvol verplaatst
C:\89cc7330450f265de9de => is succesvol verplaatst
C:\bdd7f804becdf8a002ee5269d9b2 => is succesvol verplaatst
C:\ec61763e42b14a964258f3ebbb => is succesvol verplaatst
C:\Program Files\Advanced Card Systems Ltd => is succesvol verplaatst
C:\5825a1d52772cdb846 => is succesvol verplaatst
C:\990746c30ac77677f0e5 => is succesvol verplaatst
C:\5c75ead3829f90f090ae2d4808 => is succesvol verplaatst
C:\4f42d37172017005abdf90d4e4ae7f9b => is succesvol verplaatst
C:\124259902c8503bf0cfceb => is succesvol verplaatst
C:\ce51e115a100e2640a0e39dd055add => is succesvol verplaatst
C:\2d61a63ce7f37211318de35760a1 => is succesvol verplaatst
C:\0b9632262526aafaa89609b1 => is succesvol verplaatst
C:\d4a37d9541a41d9611e143c200 => is succesvol verplaatst
C:\8a131cd49804b940bbfa84 => is succesvol verplaatst
C:\ba6bbdcc354e83841a4d81 => is succesvol verplaatst
C:\Users\stefan\AppData\Roaming\IObit => is succesvol verplaatst
C:\Users\Administrator\AppData\Roaming\IObit => is succesvol verplaatst
C:\Windows\IObit => is succesvol verplaatst
C:\Users\stefan\AppData\LocalLow\IObit => is succesvol verplaatst
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8DC05A47-17BA-42A7-941D-81F87D0AA310} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DC05A47-17BA-42A7-941D-81F87D0AA310} => sleutel is succesvol verwijderd
C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan) => is succesvol verplaatst
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (stefan) => sleutel is succesvol verwijderd
"C:\Windows\System32\Tasks\Driver Booster SkipUAC (stefan)" => niet gevonden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{955A7896-24BD-4312-AFF3-B6F251D6194B} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{955A7896-24BD-4312-AFF3-B6F251D6194B} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Assistant\PC Tuneup => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6667469-171F-4085-9E92-FB806FDE3B51} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6667469-171F-4085-9E92-FB806FDE3B51} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Hewlett-Packard\HP Assistant\HP Total Care Tune-Up => sleutel is succesvol verwijderd
C:\ProgramData\Reprise => ":wupeogjxldtlfudivq`qsp`27hfm" ADS is succesvol verwijderd.
C:\ProgramData\Temp => ":054B9966" ADS is succesvol verwijderd.
C:\ProgramData\Temp => ":4BF2F6B5" ADS is succesvol verwijderd.
C:\ProgramData\Temp => ":CB0AACC9" ADS is succesvol verwijderd.
C:\ProgramData\Temp => ":CB9FA647" ADS is succesvol verwijderd.


=========== EmptyTemp: ==========


BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11073974 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 2941944 B
Edge => 0 B
Chrome => 107859872 B
Firefox => 57397325 B
Opera => 0 B


Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 66228 B
Public => 0 B
ProgramData => 0 B
systemprofile32 => 57755 B
LocalService => 173204 B
NetworkService => 79342 B
stefan => 440605018 B
Administrator => 466222 B


RecycleBin => 0 B
EmptyTemp: => 600 MB tijdelijke gegevens verwijderd.


================================




Het systeem moest herstart worden.


==== Eind van Fixlog 09:34:04 ====
 
Re: redirecting to us.search.yahoo.com

2. the adw gave a S3 before reboot and a C1 after reboot : i copy both inhere to be sure :
# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 07:44:46 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 08-25-2017.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
# Support: Malwarebytes | Customer Support & Help Center


***** [ Services ] *****


No malicious services found.


***** [ Folders ] *****


PUP.Adware.Heuristic, \Downloaded Installers\M928366
PUP.Adware.Heuristic, \Installer\M928366




***** [ Files ] *****


PUP.Optional.SpyHunter, C:\Windows\System32\drivers\EsgScanner.sys




***** [ DLL ] *****


No malicious DLLs found.


***** [ WMI ] *****


No malicious WMI found.


***** [ Shortcuts ] *****


No malicious shortcuts found.


***** [ Tasks ] *****


No malicious tasks found.


***** [ Registry ] *****


PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
PUP.Optional.SpyHunter, [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
PUP.Adware.Heuristic, [Key] - HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\M928366




***** [ Firefox (and derivatives) ] *****


No malicious Firefox entries.


***** [ Chromium (and derivatives) ] *****


No malicious Chromium entries.


*************************


C:/AdwCleaner/AdwCleaner[C0].txt - [6873 B] - [2017/8/27 20:41:15]
C:/AdwCleaner/AdwCleaner[S0].txt - [5106 B] - [2014/11/4 9:24:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [7723 B] - [2017/8/27 20:38:44]
C:/AdwCleaner/AdwCleaner[S2].txt - [3729 B] - [2017/8/28 9:39:57]




########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########


# AdwCleaner 7.0.1.0 - Logfile created on Tue Aug 29 07:46:19 2017
# Updated on 2017/05/08 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: Malwarebytes | Customer Support & Help Center


***** [ Services ] *****


No malicious services deleted.


***** [ Folders ] *****


Deleted: \Downloaded Installers\M928366
Deleted: \Installer\M928366




***** [ Files ] *****


Deleted: C:\Windows\System32\drivers\EsgScanner.sys




***** [ DLL ] *****


No malicious DLLs cleaned.


***** [ WMI ] *****


No malicious WMI cleaned.


***** [ Shortcuts ] *****


No malicious shortcuts cleaned.


***** [ Tasks ] *****


No malicious tasks deleted.


***** [ Registry ] *****


Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{E7BC34A1-BA86-11CF-84B1-CBC2DA68BF6C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{655847A1-FA36-46ED-923B-A5CD523696EA}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{EBBC143E-44AC-4B9C-BCCE-9A0E42921F2A}
Deleted: [Key] - HKLM\SOFTWARE\EnigmaSoftwareGroup
Deleted: [Key] - HKCU\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\M928366




***** [ Firefox (and derivatives) ] *****


No malicious Firefox entries deleted.


***** [ Chromium (and derivatives) ] *****


No malicious Chromium entries deleted.


*************************


::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0






*************************


C:/AdwCleaner/AdwCleaner[C0].txt - [6873 B] - [2017/8/27 20:41:15]
C:/AdwCleaner/AdwCleaner[S0].txt - [5106 B] - [2014/11/4 9:24:13]
C:/AdwCleaner/AdwCleaner[S1].txt - [7723 B] - [2017/8/27 20:38:44]
C:/AdwCleaner/AdwCleaner[S2].txt - [3729 B] - [2017/8/28 9:39:57]
C:/AdwCleaner/AdwCleaner[S3].txt - [3796 B] - [2017/8/29 7:44:47]




########## EOF - C:\AdwCleaner\AdwCleaner
Danger

.txt ##########

 
Re: redirecting to us.search.yahoo.com

3. JRT log :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x64
Ran by stefan (Limited) on di 29/08/2017 at 9:52:53,24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~








File System: 29


Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\nptrademanager.dll (File)
Successfully deleted: C:\Program Files (x86)\mozilla firefox\plugins\npwangwang.dll (File)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\stefan\AppData\Roaming\new version available (Folder)
Successfully deleted: C:\Users\stefan\Documents\add-in express (Folder)
Successfully deleted: C:\Windows\system32\Tasks\DriverMax Notification (Task)
Successfully deleted: C:\Windows\system32\Tasks\DriverMaxAgent (Task)
Successfully deleted: C:\Windows\system32\Tasks\DriverMaxWelcome (Task)
Successfully deleted: C:\Windows\system32\Tasks\DriverNavigator Scheduled Scan (Task)
Successfully deleted: C:\Windows\Tasks\DriverNavigator Scheduled Scan.job (Task)
Successfully deleted: C:\xiaomi (Folder)
Successfully deleted: C:\Program Files (x86)\dll-files.com fixer (Folder)
Successfully deleted: C:\Program Files (x86)\trademanager (Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MY8UJN0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VZMPUXS (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQMK3OH2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVKPJKSW (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGOEEMW1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O72J9JB0 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZC2N0HV (Temporary Internet Files Folder)
Successfully deleted: C:\Users\stefan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZRZ5AP3R (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2MY8UJN0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2VZMPUXS (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQMK3OH2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LVKPJKSW (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NGOEEMW1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O72J9JB0 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SZC2N0HV (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZRZ5AP3R (Temporary Internet Files Folder)






Registry: 0










~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 29/08/2017 at 9:57:33,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Re: redirecting to us.search.yahoo.com

By the way, after i ran your tools, the redirecting is as far as i know gone. I will wait for your analysis as whether you can find something that is being cleaned with this tools.
I'll wait for you reply. In the mean time i do a follow up when i am on webpages to see if it remains OK :-)
thnx !
 
Re: redirecting to us.search.yahoo.com

Excellent! Plus, with the uninstall of Java and Shockwave Player, you have less to worry about keeping updated.

Please download Delfix from here.

Ensure the following boxes are checked:
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore
    delfix.jpg
  • Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

Following that, you can return to [Win7 x64] Unable to install SP1. and await instructions from softwaremaniac. However, please be alert to keeping your antivirus enabled when not following his instructions to disable it.
 
Re: redirecting to us.search.yahoo.com

Thank you for your help ! It is much appreciated. As a matter of fact i'm running smoother now as before and up till now i did not encouter any redirecting anymore. I also removed some older programms which i did not use anymore. I de-installed a dozen of those :-)
So GREAT HELP ! Thanks again !
Here is the log :

# DelFix v1.013 - Logfile created 29/08/2017 at 17:44:12
# Updated 17/04/2016 by Xplode
# Username : stefan - STEFAN-PC
# Operating System : Windows 7 Home Premium (64 bits)


~ Removing disinfection tools ...


Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\TDSSKiller.3.1.0.15_28.08.2017_11.54.16_log.txt
Deleted : C:\Users\stefan\Desktop\AdwCleaner
Danger

.txt
Deleted : C:\Users\stefan\Desktop\AdwCleaner[S3].txt
Deleted : C:\Users\stefan\Desktop\Fixlog.txt
Deleted : C:\Users\stefan\Desktop\JRT.txt
Deleted : C:\Users\stefan\Downloads\Addition.txt
Deleted : C:\Users\stefan\Downloads\adwcleaner_7.0.1.0.exe
Deleted : C:\Users\stefan\Downloads\FRST.txt
Deleted : C:\Users\stefan\Downloads\FRST64.exe
Deleted : C:\Users\stefan\Downloads\JRT.exe
Deleted : C:\Users\stefan\Downloads\RGSA.exe
Deleted : C:\Users\stefan\Downloads\SALog.txt
Deleted : C:\Users\stefan\Downloads\tdsskiller.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis


~ Creating registry backup ... OK


~ Cleaning system restore ...


Deleted : RP #618 [Windows 7 Service Pack 1 | 08/28/2017 06:08:22]
Deleted : RP #619 [Controlepunt van HitmanPro | 08/28/2017 08:36:57]
Deleted : RP #620 [Controlepunt van HitmanPro | 08/28/2017 08:37:37]
Deleted : RP #621 [Removed Java 7 Update 51 | 08/29/2017 06:55:30]
Deleted : RP #622 [Removed Java 7 Update 51 (64-bit) | 08/29/2017 06:56:34]
Deleted : RP #623 [Removed Java 8 Update 144 (64-bit) | 08/29/2017 06:57:34]
Deleted : RP #624 [Removed Java SE Development Kit 8 Update 25 (64-bit) | 08/29/2017 06:58:34]
Deleted : RP #625 [Removed Adobe Shockwave Player 12.0. | 08/29/2017 07:01:29]
Deleted : RP #626 [Removed Python 2.7.12 (64-bit) | 08/29/2017 07:02:29]
Deleted : RP #627 [Python 3.5.0 (64-bit) | 08/29/2017 07:03:02]
Deleted : RP #628 [Removed Python 2.7.12 (64-bit) | 08/29/2017 07:05:41]
Deleted : RP #629 [Removed TomTom HOME Visual Studio Merge Modules | 08/29/2017 07:07:03]
Deleted : RP #630 [Removed TomTom HOME. | 08/29/2017 07:07:28]
Deleted : RP #631 [Removed Binreader | 08/29/2017 07:12:25]
Deleted : RP #633 [Restore Point Created by FRST | 08/29/2017 07:32:54]
Deleted : RP #634 [JRT Pre-Junkware Removal | 08/29/2017 07:52:57]
Deleted : RP #635 [Removed 7-Zip 9.20 (x64 edition) | 08/29/2017 11:45:17]
Deleted : RP #636 [CinemaHD 4 Free | 08/29/2017 11:50:02]
Deleted : RP #637 [Removed Netcam Studio - 64-bit | 08/29/2017 11:56:55]
Deleted : RP #638 [Removed Nitro Reader 3 | 08/29/2017 11:57:57]
Deleted : RP #639 [Removed Radmin Viewer 3.5. | 08/29/2017 12:03:17]
Deleted : RP #640 [Removed XiaoMiFlash | 08/29/2017 12:10:19]
Deleted : RP #641 [Removed XiaoMiFlash | 08/29/2017 12:18:16]


New restore point created !


########## - EOF - ##########

 
Re: redirecting to us.search.yahoo.com

I'm so happy I was able to help as well as you taking the initiative to do further cleanup! I know softwaremaniac will do his very best to help you get properly updated now.
 
You must log in or register to reply here.

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top