Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

spam send in skype account to all skype contacts - cannot load page safety scan


  • This topic is locked This topic is locked
34 replies to this topic

#1 haramo

haramo

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 31 December 2015 - 11:34 AM

Dear

 

I noticed that skype has send to all skype contacts a certain link, to one contact even multiply links.

 

this all happens on the same day: 17th december from 14:30 -14:39.

 

I haven't seen any spam send anymore after that.

 

Skype support told me to reset my password, I did, and to download safety scanner from microsoft. they proviced me with the link.

 

when I try to open the link, the browser cannot load the page, it is stuck in a loop:  sometimes I see a page, but just for a second or even less, then mostly white page, and browser keeps trying to load the page. and in chrome : a  little shield symbol on the right side of the address bar says that it's trying to load scripts from unauthenticated sources. this message dissappears very quickly.

 

 

I have skype installed on two laptops, and on my smartphone (iphone).

 

The problem I told about, is on one laptop that has no antivirus. I did not yet checked the other laptop, if the microsoft page opens or not. but I do have bitdefender internet security (paid) installed on the second laptop.

 

I want to be sure the laptop that has the problem, is virusfree.

 

 

 

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie:31-12-2015
Gestart door Momo (Beheerder) op MOMOSONYLAPTOP (31-12-2015 17:11:28)
Gestart vanaf C:\Users\Momo\Desktop
Geladen Profielen: Momo (Beschikbare Profielen: Momo & Nora & MomoSurf)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Advanced Micro Devices) C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(PIXELA CORPORATION) C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-17] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [788640 2011-02-24] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657056 2011-02-24] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-03-24] (Synaptics Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-02-18] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [beid] => "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [24952456 2015-12-08] (Dropbox, Inc.)
HKLM-x32\...\Run: [AgentMonitor] => C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe [401280 2014-06-20] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1072271410-187323381-3561074415-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1072271410-187323381-3561074415-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-05-22]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoBrowser Camera Monitor.lnk [2015-05-14]
ShortcutTarget: VideoBrowser Camera Monitor.lnk -> C:\Program Files (x86)\PIXELA\VideoBrowser\CameraMonitor.exe (PIXELA CORPORATION)
Startup: C:\Users\Momo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2015-05-03]
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
GroupPolicyUsers\S-1-5-21-1072271410-187323381-3561074415-1004\User: Restrictie <======= AANDACHT
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{6068FF85-3B19-409C-A877-B3B6E6D6313C}: [DhcpNameServer] 195.130.130.129 195.130.131.129
Tcpip\..\Interfaces\{F6E0B91C-0992-414F-A0F3-86A6CC7B4CB4}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\S-1-5-21-1072271410-187323381-3561074415-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.be/?gws_rd=ssl
HKU\S-1-5-21-1072271410-187323381-3561074415-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.sony.eu/vaioportal
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> DefaultScope {4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0A8F6CE5-DC38-46ED-A96D-BF2C24F1114D} URL = hxxp://rover.ebay.com/rover/1/1553-42507-16445-53/4?satitle={searchTerms}
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0BE66A01-DF14-4BF4-A65C-F3B28158E461} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => Geen bestand
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-02-24] (Atheros Commnucations)
BHO-x32: Aanmeldhulp voor Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-09-03] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-02] (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-10-21] (Microsoft Corporation.)
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-02] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-02] ()
FF Plugin-x32: @kaspersky.com/online_banking_08806E753BE44495B44E90AA2513BDC5 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-02] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-02] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-09-30] (Adobe Systems Inc.)
FF Extension: Belgium eID - C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be [2015-05-08] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_663BE84DBCC949E88C7600F63CA7F098@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\content_blocker@kaspersky.com [2015-05-02] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_07402848C2F6470194F131B0F3DE025E@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\virtual_keyboard@kaspersky.com [2015-05-02] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_08806E753BE44495B44E90AA2513BDC5@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\FFExt\online_banking@kaspersky.com [2015-05-02] [ niet getekend]
FF HKLM-x32\...\Firefox\Extensions: [belgiumeid@eid.belgium.be] - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be => niet gevonden
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2015-05-22] [ niet getekend]
FF HKU\S-1-5-21-1072271410-187323381-3561074415-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.be/"
CHR Profile: C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-16]
CHR Extension: (Google Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-16]
CHR Extension: (Google Drive) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04]
CHR Extension: (Google Search) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Kaspersky Bescherming) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-16]
CHR Extension: (Offline Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-31]
CHR Extension: (Gmail) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16]
CHR Profile: C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Presentaties) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-27]
CHR Extension: (The Guardian) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\amckaikgfcndaokapfcedicfmagoghlg [2015-09-29]
CHR Extension: (Google Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-27]
CHR Extension: (Google Drive) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-15]
CHR Extension: (YouTube) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29]
CHR Extension: (Google Search) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-15]
CHR Extension: (Kaspersky Bescherming) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-05-27]
CHR Extension: (Google Spreadsheets) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-27]
CHR Extension: (Telegraph) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gegbfkbjdbjmbjggbneiopjmhjjmffdp [2015-09-29]
CHR Extension: (Offline Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (AdBlock) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-15]
CHR Extension: (Adblock for Pirate Bay) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd [2015-05-27]
CHR Extension: (Google Maps) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-09-29]
CHR Extension: (The Independent) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mdonfjaemnemdnnpebbcelibeocdmkai [2015-09-29]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-29]
CHR Extension: (Evernote Web Clipper) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-09-29]
CHR Extension: (Gmail) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-27]
CHR Profile: C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Presentaties) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-14]
CHR Extension: (Google Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-14]
CHR Extension: (Google Drive) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google Search) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Kaspersky Bescherming) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-06-14]
CHR Extension: (Google Spreadsheets) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-14]
CHR Extension: (Offline Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Gmail) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-14]
CHR Profile: C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Presentaties) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-09]
CHR Extension: (Google Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-09]
CHR Extension: (Google Drive) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-01]
CHR Extension: (YouTube) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-09]
CHR Extension: (Google Search) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-06]
CHR Extension: (Kaspersky Bescherming) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-10-09]
CHR Extension: (Google Spreadsheets) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-09]
CHR Extension: (Offline Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-12-15]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-09]
CHR Extension: (Gmail) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-09]
CHR Profile: C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Presentaties) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-11]
CHR Extension: (Google Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-11]
CHR Extension: (Google Drive) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-11]
CHR Extension: (YouTube) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-11]
CHR Extension: (Google Search) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11]
CHR Extension: (Kaspersky Bescherming) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-11-11]
CHR Extension: (Google Spreadsheets) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-11]
CHR Extension: (Offline Documenten) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-13]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-11]
CHR Extension: (Gmail) - C:\Users\Momo\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-11]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - hxxps://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
 
==================== Services (gefilterd) ========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S4 0015211430579198mcinstcleanup; C:\Users\Momo\AppData\Local\Temp\001521~1.EXE [828032 2012-06-14] (McAfee, Inc.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-02-18] (Advanced Micro Devices, Inc.) [Bestand niet getekend]
R2 AMD Reservation Manager; c:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [194496 2010-06-17] (Advanced Micro Devices)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-02-24] (Atheros) [Bestand niet getekend]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [73376 2011-02-24] (Atheros Commnucations) [Bestand niet getekend]
S4 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 15.0.2\avp.exe [193400 2014-12-23] (Kaspersky Lab ZAO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-14] (Dropbox, Inc.)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [Bestand niet getekend]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [Bestand niet getekend]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2048720 2015-11-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-11-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [851152 2015-11-13] (AnchorFree Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2015-04-17] (Sony Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Bestand niet getekend]
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3272656 2014-07-21] (Paramount Software UK Ltd)
S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [Bestand niet getekend]
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1653272 2015-07-31] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S3 ACSSCR; C:\Windows\System32\DRIVERS\a38usb.sys [44672 2015-05-08] (Advanced Card Systems Ltd)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2015-05-19] (AnchorFree Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [56008 2015-05-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [151240 2014-11-28] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [245960 2014-10-22] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [842440 2015-05-02] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30920 2014-10-10] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [30920 2014-10-30] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [57032 2014-10-09] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77000 2014-11-22] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [181960 2014-11-10] (Kaspersky Lab ZAO)
S3 PSMounterEx; C:\Windows\system32\drivers\psmounterex.sys [169992 2015-04-02] (Windows ® Win 7 DDK provider)
S3 PSVolAcc; C:\Windows\System32\Drivers\PSVolAcc.sys [12760 2014-07-21] (Paramount Software UK Ltd)
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2015-05-19] (Anchorfree Inc.)
S3 AODDriver4.0; \??\c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2015-12-31 17:11 - 2015-12-31 17:12 - 00036932 _____ C:\Users\Momo\Desktop\FRST.txt
2015-12-31 17:11 - 2015-12-31 17:11 - 00000000 ____D C:\FRST
2015-12-31 17:10 - 2015-12-31 17:10 - 02370560 _____ (Farbar) C:\Users\Momo\Desktop\FRST64.exe
2015-12-31 16:49 - 2015-12-31 17:12 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-31 16:49 - 2015-12-31 16:49 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-31 16:49 - 2015-12-31 16:49 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-31 16:49 - 2015-12-31 16:49 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-31 16:49 - 2015-12-31 16:49 - 00000000 ____D C:\Windows\system32\Macromed
2015-12-31 16:41 - 2015-12-31 16:41 - 00000000 _____ C:\Users\Momo\Documents\Nieuw tekstdocument.txt
2015-12-31 16:03 - 2015-12-31 16:03 - 00000000 ___RD C:\Users\Momo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-12-30 22:41 - 2015-12-30 22:41 - 00000000 ___RD C:\Users\Nora\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-12-30 22:39 - 2010-07-20 16:00 - 00187904 _____ (Xerox Co., Ltd.) C:\Windows\system32\xrxmpzil.dll
2015-12-30 22:33 - 2015-12-30 22:33 - 00000000 ____D C:\Xerox
2015-12-30 21:35 - 2015-12-30 21:35 - 00000000 ____D C:\Users\Nora\AppData\Local\{C5068E3C-3E40-483B-A716-D624B589886D}
2015-12-30 21:35 - 2015-12-30 21:35 - 00000000 ____D C:\Users\Nora\AppData\Local\{21900D9D-6E0B-4DD1-B310-1346560C190A}
2015-12-30 21:09 - 2015-12-30 21:09 - 01377748 _____ C:\Users\Nora\Desktop\eva-veggieplan_leuven.pdf
2015-12-15 18:20 - 2015-12-16 14:57 - 00000000 ____D C:\Users\Nora\Desktop\Kalender 2016
2015-12-11 22:13 - 2015-12-11 22:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-12-10 15:55 - 2015-12-10 15:55 - 00000000 ____D C:\Users\Momo\AppData\Local\CrashRpt
2015-12-09 14:20 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-09 14:20 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-09 14:20 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-09 14:20 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-09 14:20 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-09 14:20 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-09 14:20 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-09 14:20 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-09 14:20 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-09 14:20 - 2015-11-05 20:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-12-09 14:20 - 2015-11-05 20:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-12-09 14:20 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2015-12-09 14:20 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2015-12-09 14:19 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-12-09 14:19 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-12-09 14:19 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2015-12-09 14:19 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2015-12-09 14:19 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2015-12-09 14:19 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2015-12-09 14:19 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-12-09 14:19 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-12-09 14:19 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-12-09 14:19 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-12-09 14:19 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-12-09 14:19 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-12-09 14:19 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-12-09 14:19 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-12-09 14:19 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-12-09 14:19 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2015-12-09 14:19 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-12-09 14:19 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2015-12-09 14:19 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-12-09 14:19 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-12-09 14:19 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-12-09 14:19 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-12-09 14:19 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-12-09 14:19 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-12-09 14:19 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-12-09 14:19 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-12-09 14:19 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-12-09 14:19 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-12-09 14:19 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-12-09 14:19 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-12-09 14:19 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-12-09 14:19 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-12-09 14:19 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-12-09 14:19 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-12-09 14:19 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-12-09 14:19 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-12-09 14:19 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-12-09 14:19 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-12-09 14:19 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-12-09 14:19 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-12-09 14:19 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-12-09 14:19 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-12-09 14:19 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-12-09 14:19 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-12-09 14:19 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-12-09 14:19 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-12-09 14:19 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-12-09 14:19 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-12-09 14:19 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-12-09 14:19 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-12-09 14:19 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-12-09 14:19 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-12-09 14:19 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-12-09 14:19 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-12-09 14:19 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-12-09 14:19 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-12-09 14:19 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-12-09 14:19 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-12-09 14:19 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-12-09 14:19 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-12-09 14:19 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-12-09 14:19 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-12-09 14:19 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-12-09 14:19 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-12-09 14:19 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-12-09 14:19 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-12-09 14:19 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-12-09 14:19 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-12-09 14:19 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-12-09 14:19 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-12-09 14:19 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-12-09 14:19 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-12-09 14:19 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-12-09 14:19 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-12-09 14:19 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll
2015-12-09 14:19 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll
2015-12-09 14:19 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys
2015-12-09 14:19 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-09 14:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-09 14:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-09 14:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-09 14:19 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-09 14:19 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-09 14:19 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-09 14:19 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-09 14:19 - 2015-10-08 20:13 - 00419928 _____ C:\Windows\SysWOW64\locale.nls
2015-12-09 14:19 - 2015-10-08 19:52 - 00419928 _____ C:\Windows\system32\locale.nls
2015-12-09 14:18 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll
2015-12-09 14:18 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll
2015-12-09 13:51 - 2015-12-09 13:51 - 00000000 ___RD C:\Users\Nora\Documents\Famillie
2015-12-09 13:38 - 2015-12-09 13:40 - 00000000 ___RD C:\Users\Nora\Documents\Camera-uploads
2015-12-07 20:13 - 2015-12-07 20:35 - 00005046 _____ C:\Users\Nora\Documents\Pea coat.odt
2015-12-03 13:18 - 2015-12-03 13:18 - 00000000 ____D C:\Users\Momo\AppData\Local\ElevatedDiagnostics
2015-12-03 12:07 - 2015-12-03 12:07 - 00000000 ___HD C:\ProgramData\CanonBJ
2015-12-02 22:27 - 2015-12-02 22:27 - 00014900 _____ C:\Users\Momo\Downloads\Star.Trek.Renegades.2015.720p.WEB-DL.x264.AAC-ETRG[www.ahashare.com].torrent
2015-12-02 20:25 - 2015-12-02 20:25 - 00002180 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xperia Link.lnk
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2015-12-31 17:11 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-31 16:52 - 2015-05-01 18:27 - 00000000 ____D C:\Users\Momo\AppData\Local\Adobe
2015-12-31 16:25 - 2015-06-14 19:14 - 00001010 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-12-31 16:18 - 2015-05-16 18:14 - 00001056 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-31 16:11 - 2009-07-14 05:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-31 16:11 - 2009-07-14 05:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-31 16:10 - 2015-05-01 12:59 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C0225386-E1F9-48AA-8A47-AEEE1C16F6A2}
2015-12-31 16:04 - 2015-06-14 19:17 - 00000000 ___RD C:\Users\Momo\Dropbox
2015-12-31 16:04 - 2015-06-14 19:14 - 00000000 ____D C:\Users\Momo\AppData\Local\Dropbox
2015-12-31 16:03 - 2015-06-14 19:14 - 00001006 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-12-31 16:03 - 2015-05-16 18:14 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-31 16:02 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-31 16:00 - 2015-05-05 15:17 - 00000000 ____D C:\Users\Momo\AppData\Roaming\Skype
2015-12-31 16:00 - 2015-05-01 12:36 - 00000000 ____D C:\ProgramData\Skype
2015-12-30 22:46 - 2015-05-03 22:11 - 00003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A13653E3-004B-4FF9-90A6-B2AD3184C823}
2015-12-30 22:42 - 2015-09-20 19:29 - 00000000 ___RD C:\Users\Nora\Dropbox
2015-12-30 22:42 - 2015-06-15 12:46 - 00000000 ____D C:\Users\Nora\AppData\Local\Dropbox
2015-12-30 22:39 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-30 22:33 - 2015-11-04 10:05 - 00000000 ____D C:\Users\Momo\Documents\Apparaten thuis
2015-12-30 21:35 - 2015-06-23 17:42 - 00000000 ____D C:\Users\Nora\AppData\Local\Windows Live
2015-12-30 21:05 - 2015-05-01 21:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-30 18:26 - 2015-05-01 12:55 - 00000000 ____D C:\Update
2015-12-30 18:24 - 2015-05-01 12:14 - 00746450 _____ C:\Windows\system32\perfh013.dat
2015-12-30 18:24 - 2015-05-01 12:14 - 00154112 _____ C:\Windows\system32\perfc013.dat
2015-12-30 18:24 - 2009-07-14 06:13 - 01672504 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-25 13:25 - 2009-07-14 06:08 - 00032588 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-12-18 22:24 - 2015-05-02 14:20 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-12-18 22:24 - 2015-05-02 14:20 - 00000000 ___SD C:\Windows\system32\GWX
2015-12-18 22:23 - 2015-05-04 16:27 - 00000000 ____D C:\Users\Nora\AppData\Roaming\SoftGrid Client
2015-12-18 14:04 - 2015-05-03 22:12 - 00066488 _____ C:\Users\Nora\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-17 11:27 - 2015-05-16 18:14 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-17 10:45 - 2015-11-11 13:25 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-17 10:45 - 2015-11-11 13:25 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2015-12-15 20:27 - 2015-07-16 21:30 - 00000000 ____D C:\Users\Nora\Documents\Bluetooth Folder
2015-12-15 20:25 - 2015-06-05 16:39 - 00000000 ____D C:\Users\Momo\AppData\Roaming\vlc
2015-12-15 20:12 - 2015-05-01 12:53 - 00000000 ____D C:\Users\Momo\Documents\Bluetooth Folder
2015-12-15 17:04 - 2015-06-14 20:33 - 00000000 ____D C:\Users\Momo\Downloads\PopcornTime
2015-12-13 19:52 - 2015-06-05 16:27 - 00000000 ____D C:\Films
2015-12-11 22:13 - 2015-06-14 19:14 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-12-10 17:50 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-10 15:54 - 2015-05-25 21:44 - 00001048 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk
2015-12-10 15:54 - 2015-05-25 21:42 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield
2015-12-10 15:53 - 2015-05-25 21:43 - 00000000 ____D C:\ProgramData\Hotspot Shield
2015-12-09 16:27 - 2009-07-14 05:45 - 00293592 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-09 15:43 - 2015-05-04 21:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-12-09 15:40 - 2015-05-04 21:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-12-09 15:40 - 2015-05-04 21:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-12-09 15:37 - 2015-05-01 17:41 - 00000000 ____D C:\Windows\system32\MRT
2015-12-09 15:15 - 2015-05-01 17:41 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-12-06 21:13 - 2015-05-16 18:14 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-06 21:13 - 2015-05-16 18:14 - 00003800 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 12:10 - 2015-05-25 21:32 - 00000000 ____D C:\Users\Momo\AppData\Roaming\uTorrent
2015-12-03 12:08 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\spool
2015-12-02 20:25 - 2015-05-01 11:44 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2015-12-02 20:25 - 2015-05-01 11:44 - 00000000 ____D C:\Program Files (x86)\Sony
2015-12-02 20:25 - 2015-05-01 11:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-12-02 20:22 - 2015-05-22 12:00 - 00000000 ____D C:\ProgramData\Oracle
2015-12-02 19:55 - 2015-05-22 12:38 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-12-02 19:54 - 2015-05-22 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-02 19:53 - 2015-08-31 21:37 - 00000000 ____D C:\Users\Momo\.oracle_jre_usage
2015-12-02 19:52 - 2015-05-22 12:01 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-12-02 19:51 - 2015-05-22 12:00 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-02 13:18 - 2010-11-21 04:27 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
==================== Bestanden in de root van sommige mappen =======
 
2015-05-01 12:42 - 2015-05-01 12:42 - 0000035 _____ () C:\ProgramData\AtherosServiceConfig.ini
2015-05-22 13:11 - 2015-11-02 23:43 - 0001768 _____ () C:\ProgramData\hpzinstall.log
 
Sommige bestanden in TEMP:
====================
C:\Users\Momo\AppData\Local\Temp\0015211430579198mcinst.exe
C:\Users\Momo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptcgnpl.dll
C:\Users\Momo\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Momo\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Momo\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\Momo\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Momo\AppData\Local\Temp\update.exe
C:\Users\MomoSurf\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_cqpk4.dll
C:\Users\Nora\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvingln.dll
C:\Users\Nora\AppData\Local\Temp\jre-8u66-windows-au.exe
 
 
==================== Bamital & volsnap =================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\SysWOW64\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2015-12-26 13:18
 
==================== Eind van FRST.txt ============================

 

 

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie:31-12-2015
Gestart door Momo (2015-12-31 17:13:24)
Gestart vanaf C:\Users\Momo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-05-01 11:49:28)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1072271410-187323381-3561074415-500 - Administrator - Disabled)
Gast (S-1-5-21-1072271410-187323381-3561074415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1072271410-187323381-3561074415-1006 - Limited - Enabled)
Momo (S-1-5-21-1072271410-187323381-3561074415-1001 - Administrator - Enabled) => C:\Users\Momo
MomoSurf (S-1-5-21-1072271410-187323381-3561074415-1005 - Limited - Enabled) => C:\Users\MomoSurf
Nora (S-1-5-21-1072271410-187323381-3561074415-1004 - Limited - Enabled) => C:\Users\Nora
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Kaspersky Internet Security (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Internet Security (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Disabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
 
µTorrent (HKU\S-1-5-21-1072271410-187323381-3561074415-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
5600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{786CB536-FA02-6F2E-4AE4-59B288E79A6E}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.90 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Registration Guide (HKLM-x32\...\DV CIG Guide) (Version: 1.0.0.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.16) (Version: 9.16 - Artifex Software Inc.)
Handleiding VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Hotspot Shield 5.0.4 (HKLM-x32\...\HotspotShield) (Version: 5.0.4 - AnchorFree Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7299 - Paramount Software (UK) Ltd.) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Ondersteuning voor VAIO Transfer (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.00.04171 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.00.04060 - Sony Corporation) Hidden
PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (x32 Version: 9.3.00 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-1072271410-187323381-3561074415-1001\...\Popcorn Time) (Version:  - Popcorn Official)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Remote-play bij PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-toetsenbord (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.4.11210 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation)
VAIO Care (x32 Version: 6.4.0.15030 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.10 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.10 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VideoBrowser (HKLM-x32\...\{D79DC615-EC9F-4EFA-9482-5911168D8F32}) (Version: 1.01.100 - PIXELA)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VTech Download Agent Library (x32 Version: 1.00.0000 - VTech) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
==================== Aangepaste CLSID (gefilterd): ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Geplande Taken (gefilterd) =============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {3DA6218E-806B-4C20-9C91-8E6FF1EA5F2A} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-14] (Dropbox, Inc.)
Task: {41D27563-D99B-4C63-BA27-F20B69F759ED} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {464F4C4E-313A-4387-B378-9B228A02A7D8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-14] (Dropbox, Inc.)
Task: {569E5823-90A1-4B26-B020-CC4BB18F9DE4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {7C88A4A8-5695-444D-930B-D176A4083037} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {7FD82A53-9B9F-4282-B357-3FAF0FF90823} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-11-21] (Sony Corporation)
Task: {80184E70-B9A1-433C-8A0A-92C1A55AD31F} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {905ED54B-8C37-4023-AF2A-A0568051D01E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {94098C08-19D4-4439-9DC5-C23704C1B160} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {965BFD6C-E6B2-4BC0-B4BD-6C8CD58A6500} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {9F05FB5F-313D-4273-8A1B-8B2A022DC269} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {A1F2C23F-24C2-4BA5-95C6-A77143FBD037} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-31] (Adobe Systems Incorporated)
Task: {A9B9F78F-D126-4D29-B87E-583541F56026} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {ABB0321F-D8A4-4AEC-A834-BFD97112E77C} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {B46B448D-CFF1-4D3F-AF14-5D6494955912} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.)
Task: {B82526DD-FBD8-4850-B034-EFF597EE4205} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-16] (Google Inc.)
Task: {DD3C45DB-0688-4FF6-913B-AB8C2CF649E6} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {EB328D94-E6F6-4089-9E2B-26F1F0B0E994} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2015-07-31] (Sony Corporation)
Task: {F8567BA4-56E9-4FA8-871F-A99C79F341B4} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
 
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Snelkoppelingen =============================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
==================== Geladen Modules (gefilterd) ==============
 
2015-05-22 12:29 - 2013-10-23 14:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-02-18 17:49 - 2011-02-18 17:49 - 00079872 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Services.dll
2011-02-18 17:49 - 2011-02-18 17:49 - 00073728 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-09-14 03:38 - 2014-06-20 07:42 - 00401280 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
2011-02-18 17:50 - 2011-02-18 17:50 - 00103424 _____ () c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-08-24 13:39 - 2010-08-24 13:39 - 00016384 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-02-18 17:36 - 2011-02-18 17:36 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-11-13 00:25 - 2015-11-13 00:25 - 00261328 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2015-11-06 20:44 - 2015-11-06 20:44 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-05-14 19:39 - 2010-07-01 19:27 - 00364544 ____N () C:\Program Files (x86)\PIXELA\VideoBrowser\pxl_m17n_tool.dll
2015-09-03 14:45 - 2015-09-03 14:45 - 00439304 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2015-09-03 14:45 - 2015-09-03 14:45 - 00321032 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2015-12-11 22:13 - 2015-10-31 01:59 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00022848 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Random.OSRNG.winrandom.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00023352 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util._counter.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00042296 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Cipher._AES.pyd
2015-12-11 22:13 - 2015-10-31 01:59 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-11 22:13 - 2015-10-31 01:59 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-11 22:13 - 2015-10-31 01:59 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2015-12-11 22:13 - 2015-10-31 01:59 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2015-12-11 22:13 - 2015-12-08 22:36 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-11 22:13 - 2015-10-31 01:59 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00109520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 01737032 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00021320 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_xde9e4433x360333f0.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2015-12-11 22:13 - 2015-10-31 02:00 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-11 22:13 - 2015-10-31 01:59 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2015-12-11 22:13 - 2015-10-31 01:59 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00021304 _____ () C:\Program Files (x86)\Dropbox\Client\Crypto.Util.strxor.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2015-12-11 22:13 - 2015-12-08 22:36 - 01826608 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-11 22:13 - 2015-10-31 02:00 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 03891504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 01950000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00519984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00133936 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00225080 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00486704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2015-12-11 22:13 - 2015-12-08 22:36 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2015-06-14 19:16 - 2015-10-31 02:01 - 00019920 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-06-14 19:16 - 2015-10-31 02:00 - 00786904 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:17 - 2015-10-31 02:00 - 00063448 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-14 19:16 - 2015-10-31 02:00 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2015-09-14 03:38 - 2014-03-04 12:20 - 00117760 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QtSolutions_SOAP-2.7.dll
2015-09-14 03:38 - 2014-04-22 03:14 - 00065536 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\QHttpServer.dll
2015-09-14 03:38 - 2014-05-06 06:39 - 00861184 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\platforms\qwindows.dll
2015-09-14 03:38 - 2014-05-06 06:38 - 00021504 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qgif.dll
2015-09-14 03:38 - 2014-05-06 06:38 - 00020992 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qico.dll
2015-09-14 03:38 - 2014-05-06 06:38 - 00204800 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qjpeg.dll
2015-09-14 03:38 - 2014-05-06 11:44 - 00218112 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qmng.dll
2015-09-14 03:38 - 2014-05-06 06:58 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qsvg.dll
2015-09-14 03:38 - 2014-05-06 11:44 - 00015360 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtga.dll
2015-09-14 03:38 - 2014-05-06 11:44 - 00307712 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qtiff.dll
2015-09-14 03:38 - 2014-05-06 11:44 - 00014848 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\imageformats\qwbmp.dll
2015-09-14 03:38 - 2014-05-06 07:31 - 00015872 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\sensors\qtsensors_dummy.dll
2015-09-14 03:38 - 2014-05-06 06:38 - 00036352 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qgenericbearer.dll
2015-09-14 03:38 - 2014-05-06 06:38 - 00038912 _____ () C:\Program Files (x86)\VTech\DownloadManager\System\plugins\bearer\qnativewifibearer.dll
2015-12-17 11:27 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-17 11:27 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-30 22:37 - 2015-12-24 07:46 - 16792256 _____ () C:\Users\Momo\AppData\Local\Google\Chrome\User Data\PepperFlash\20.0.0.267\pepflashplayer.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
 
==================== Alternate Data Streams (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
 
AlternateDataStreams: C:\Users\Nora\Documents\Camera-uploads:com.dropbox.attributes
AlternateDataStreams: C:\Users\Nora\Documents\Famillie:com.dropbox.attributes
 
==================== Veilige Modus (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
 
 
==================== EXE Bestandskoppeling (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
 
 
==================== Internet Explorer vertrouwde/beperkte toegang ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
 
 
==================== Hosts inhoud: ===============================
 
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
 
==================== Andere gebieden ============================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-1072271410-187323381-3561074415-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Momo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
MSCONFIG\Services: 0015211430579198mcinstcleanup => 2
MSCONFIG\Services: AVP15.0.2 => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
 
==================== Firewall regels (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [{1B9B2C13-98B8-4F73-9D39-6E84B4303FE2}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{5CDD2A8C-7BD0-4C7F-BAF4-1A32700714C5}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{464CD296-994D-41AB-A213-239EBC3020D5}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{919DEC82-6875-4FEA-803A-752D5AAB711D}] => (Allow) LPort=2869
FirewallRules: [{C1B98D68-BC32-42F7-9A61-89E9EF65E9A4}] => (Allow) LPort=1900
FirewallRules: [{36A5AD84-5DE0-48F6-9A1D-59BA46C80037}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F137479E-5907-453D-BAD1-3C0A03D7CC59}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{CC7FEE85-7EAC-41DB-90FC-EC10ABFB8EE3}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{BC390B13-7B5F-4680-8BB2-C3D007EAC13C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{8BE2A34A-C421-4C62-9495-2107892D77E3}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{0FF429A6-535D-4BDE-8839-B6966A8139DC}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{EC08F70B-CB72-4900-BCF6-1B97657F2731}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{49B76A31-9D77-46F2-99E7-F01F70C15564}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{E1736E5C-DCC0-491C-9683-6961C813F3D5}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{5082B2D7-5D74-460E-BD15-05A3756A5EEE}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{4970087D-5EBE-418C-B2DA-9788E1686A3D}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{9ED146DC-50DF-4736-BDCE-14D0F254D713}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{1CD7243A-8A8B-4FA2-8FBC-19CD7C834419}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C8AC253D-B40D-4D06-BC3D-2C79F1BAA034}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AE25B7FB-8AE4-43A7-AF1B-EB71E4F17066}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0528FECC-50A2-44CD-AF6C-55A556AAA480}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{687BE0F0-138C-4AF6-9D79-0050C415DD8F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{154D366C-0C73-48B7-990A-B063CAD13673}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{BE2660ED-5CA7-4486-97BE-4387B8A883ED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{9F2F4B0D-69CC-409F-A3CE-2B3048E3E30F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{969472B8-D66A-476E-B929-2BB7021E9103}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{4B3C766A-C4F3-408B-B788-74D073717C69}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{DA45E92D-7D89-4E07-9CD8-7F5DDC4209D8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{9408254D-1039-4286-A3C0-9FFFC3F9FE05}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{651D0191-B9D1-4D7C-AD48-0DC7753CA1BB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{379C71B3-287C-496F-8938-D64658378D91}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{E48647F9-C779-4F51-B4E9-A4B23A92389D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{244C3665-91F7-4820-B211-2B1BF46C92B5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{8C7C73B5-6A43-4453-A4FE-ECB49760A7EF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{32C0624C-875B-4999-A210-EF45565FBF0D}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{CEC353E1-97E7-4163-90F2-1A97800A9495}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{52C3FFD7-02C4-492D-9CC4-B0D2C3C11D3E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{3D312A81-EC78-4BA9-8B3F-B0D4A00250C1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{08B7FC18-E38F-41F5-AD47-90AAA8CAEA72}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{2B92B5B8-6156-4A88-8CE3-7F38D3EF8B7E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{C658C21A-2B9C-4ADD-BF28-AF6B5E19546A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{505BEAFD-6DD9-46FE-B2D7-D0D5D4FD95CB}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{DDD0DD34-A556-47F5-94D3-9E7F44470938}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{BDE6D68F-4EB7-460C-8A7F-75CBF972F48E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{64214A8E-80BD-485A-9BD9-9CC4DCAA7DDC}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{90BA9F1C-1F9B-44AF-90FF-397DD84F23A3}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{6015B225-2CE8-4A7B-8703-DB0C9244410C}] => (Allow) C:\Users\Momo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3603457B-7763-45C4-9F97-4E34060919AA}] => (Allow) C:\Users\Momo\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{34191982-5F03-44F3-9329-2AC033441BCC}C:\users\momo\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\momo\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{BEA37A0F-468D-4349-A18A-F7BED8DF4DB3}C:\users\momo\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\momo\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [TCP Query User{8BF98B31-2852-4CEB-9DF4-BF527FE33453}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{E6B559BC-3258-460A-AD18-CF748A313CDA}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [TCP Query User{85EF1A6D-5EBF-4B83-8D1C-71F883CE22A9}C:\users\momo\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\momo\appdata\local\popcorn time\nw.exe
FirewallRules: [UDP Query User{81500A81-71E2-4489-A2F2-34F4E2B65CED}C:\users\momo\appdata\local\popcorn time\nw.exe] => (Allow) C:\users\momo\appdata\local\popcorn time\nw.exe
FirewallRules: [{ACC7F6D9-D6C5-49AD-8D03-E838214F5393}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{6DD36714-081D-48E3-BA15-D862ACF06717}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{75461FC7-7DBC-416C-BAC2-89D0DCF37F4E}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{5A782330-E687-4E1E-B200-908570D27B90}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{FAACE8AD-2DDE-4CFB-8829-9681FC73B50C}] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{99EA3CC3-5589-4BDB-ACC9-75861AF7EB6A}] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [{537810A8-3525-47B0-BAC6-C8AAFC154096}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{44F211AA-AF8E-4636-96FA-D2B7CF248938}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6F9F9E58-D970-47E6-8713-CFB9D06C5BDD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F783B1CF-4425-49A6-A966-880E20F916A6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E29210FD-5E47-4DFD-AA97-AA4FBD62F80B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{262F38E4-068C-4051-A80C-953F55A9D35B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Herstelpunten =========================
 
18-12-2015 10:22:20 Windows Update
18-12-2015 22:23:30 Windows Update
24-12-2015 21:00:56 Windows Update
29-12-2015 09:53:09 Windows Update
30-12-2015 18:29:55 Geïnstalleerd Xperia Link
31-12-2015 15:59:49 Removed Skype™ 7.6
 
==================== Defecte Apparaatbeheer Apparaten =============
 
 
==================== Eventlog fouten: =========================
 
Applicatiefouten:
==================
Error: (12/31/2015 04:03:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/31/2015 02:47:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4618
 
Error: (12/31/2015 02:47:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4618
 
Error: (12/31/2015 02:47:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/31/2015 02:26:29 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/30/2015 10:26:05 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/30/2015 09:33:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma Explorer.EXE, versie 6.1.7601.17567 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm.
 
Proces-id: c08
 
Starttijd: 01d1433ced0c579e
 
Eindtijd: 32
 
Toepassingspad: C:\Windows\Explorer.EXE
 
Rapport-id: a37c69ab-af34-11e5-b1ed-ccaf78b4c63a
 
Error: (12/30/2015 09:03:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/30/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 83567972
 
Error: (12/30/2015 06:17:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 83567972
 
 
Systeemfouten:
=============
Error: (12/31/2015 04:02:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AODDriver4.0-service kan vanwege de volgende fout niet worden gestart: 
%%3
 
Error: (12/31/2015 02:26:13 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (12/31/2015 02:25:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AODDriver4.0-service kan vanwege de volgende fout niet worden gestart: 
%%3
 
Error: (12/30/2015 10:24:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AODDriver4.0-service kan vanwege de volgende fout niet worden gestart: 
%%3
 
Error: (12/30/2015 09:04:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
 
Error: (12/30/2015 09:02:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AODDriver4.0-service kan vanwege de volgende fout niet worden gestart: 
%%3
 
Error: (12/30/2015 06:22:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.
 
Error: (12/30/2015 06:22:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.
 
Error: (12/30/2015 06:18:37 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {9F070738-F6EA-408A-A6BD-AED405E67A13}
 
Error: (12/29/2015 04:47:22 PM) (Source: Disk) (EventID: 11) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.
 
 
==================== Geheugen info =========================== 
 
Processor: AMD E-350 Processor
Percentage geheugen in gebruik: 53%
Totaal fysiek RAM-geheugen: 3690.9 MB
Beschikbaar fysiek RAM-geheugen: 1699.03 MB
Totaal Virtueel geheugen: 7380.01 MB
Beschikbaar Virtual geheugen: 4967.29 MB
 
==================== Schijven ================================
 
Drive c: () (Fixed) (Total:284.41 GB) (Free:124.91 GB) NTFS
Drive e: (BIOS) (Removable) (Total:1.88 GB) (Free:1.87 GB) FAT32
 
==================== MBR & Partitietabel ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: D6D77326)
Partition 1: (Not Active) - (Size=13.6 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=284.4 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
========================================================
Disk: 2 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== Eind van Addition.txt ============================


BC AdBot (Login to Remove)

 


#2 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 01 January 2016 - 03:22 PM

I downloaded the safety scanner from microsoft from my other laptop without any issue.

 

copied it to a usb, put it on the problem laptop, a full scan and nothing found.

 

I realize I did had a antivirus paid version (kaspersky internet securuity) on the laptop, as I first said that it had no antivirus.

 

I only disabled it because it had problems running.

 

Now I enabled it, updated it and run a full scan. nothing found.

 

I don't know if skype is the cause and not a virus?  the skype workers told me that the cause could be anything (email, virus on computer).

 

I mostly use skype on iphone, and here I'm confused with what the skype workers said: one said that iphone can not be infected, so no need to check the iphone.

an other said: you can download an app from app store to scan for viruses, because it is possible that the virus is on the iphone.

 

This is really not clear anymore.



#3 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:17 PM

Posted 04 January 2016 - 11:52 AM


:welcome: to BleepingComputer.

Hi there,

my name is Jo and I will help you with your computer problems.


Please follow these guidelines:
  • Read and follow the instructions in the sequence they are posted.
  • print or copy & save instructions.
  • back up all your private data / music / important files on another (external) drive before using our tools.
  • Do not install / uninstall any applications, unless otherwise instructed.
  • Use only that tools you have been instructed to use.
  • Copy and Paste the log files inside your post, unless otherwise instructed.
  • Ask for clarification, if you have any questions.
  • Stay with this topic til you get the all clean post.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

***


:step1: Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

***


:step2: Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page.
  • Caution: This is a beta version so please be sure to read the disclaimer and back up all your data before using.
  • Double click on downloaded file. OK self extracting prompt.
  • MBAR will start. Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
With some infections, you may see two messages boxes.
  • 'Could not load protection driver'. Click 'OK'.
  • 'Could not load DDA driver'. Click 'Yes' to this message, to allow the driver to load after a restart. Allow the computer to restart. Continue with the rest of these instructions.
  • If malware is found - do not press the Clean up button, please go to the MBAR folder and then copy/paste the contents of the MBAR-log-***.txt file to your next reply.
  • If there is no malware found, please let me know as well.

***


:step3: Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
    The actual line should say "Pending. Please uncheck elements you do not want to remove" => scan is complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it.
    If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

***


:step4: MiniToolbox by Farbar

Disable your antivirus if it does not allow you to download the tool!
Please download MiniToolBox, save it to your desktop and run it.
Place a checkmark in Select all, then click Go and post the result (MTB.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Copy and paste the contents of that logfile in your next reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#4 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 01:32 PM

 Results of screen317's Security Check version 1.009  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Kaspersky Internet Security   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 66  
 Java version 32-bit out of Date! 
 Google Chrome (47.0.2526.106) 
 Google Chrome (47.0.2526.80) 
````````Process Check: objlist.exe by Laurent````````  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avp.exe  
 Kaspersky Lab Kaspersky Internet Security 15.0.2 avpui.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 1% 
````````````````````End of Log`````````````````````` 


#5 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 02:51 PM

Malwarebytes Anti-Rootkit : NO malsware found.



#6 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 03:06 PM

# AdwCleaner v5.028 - Logbestand aangemaakt 05/01/2016 op 20:52:17
# Laatste update 04/01/2016 door Xplode
# Database : 2016-01-04.2 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Momo - MOMOSONYLAPTOP
# Gestart vanuit : C:\Users\Momo\Desktop\AdwCleaner.exe
# Optie : Scannen
# Ondersteuning : http://toolslib.net/forum
 
***** [ Services ] *****
 
 
***** [ Mappen ] *****
 
Map Gevonden : C:\Users\Nora\AppData\Local\DownloadManager
 
***** [ Bestanden ] *****
 
Bestand Gevonden : C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Bestand Gevonden : C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ geplande taken ] *****
 
 
***** [ Register ] *****
 
Sleutel Gevonden : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
 
***** [ Internetbrowsers ] *****
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1049 bytes] ##########


#7 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 03:13 PM

MiniToolBox by Farbar  Version: 02-11-2015
Ran by Momo (administrator) on 05-01-2016 at 21:09:33
Running from "C:\Users\Momo\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: VPCEL1E1E Manufacturer: Sony Corporation
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP-configuratie
 
De DNS-omzettingscache is leeggemaakt.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================
 
Atheros AR9285 Wireless Network Adapter = Draadloze netwerkverbinding (Connected)
Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = LAN-verbinding (Media disconnected)
Bluetooth-apparaat (Personal Area Network) = Bluetooth-netwerkverbinding (Media disconnected)
 
 
# ----------------------------------
# IPv4-configuratie
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# Einde van IPv4-configuratie
 
 
 
Windows IP-configuratie
 
   Hostnaam  . . . . . . . . . . . . : MomoSonyLaptop
   Primair DNS-achtervoegsel . . . . : 
   Knooppunttype . . . . . . . . . . : hybride
   IP-routering ingeschakeld . . . . : nee
   WINS-proxy ingeschakeld . . . . . : nee
   DNS-achtervoegselzoeklijst. . . . : telenet.be
 
Ethernet-adapter voor LAN-verbinding* 2:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Anchorfree HSS VPN Adapter
   Fysiek adres. . . . . . . . . . . : 00-FF-0D-07-6A-E2
   DHCP ingeschakeld . . . . . . . . : ja
   Autom. configuratie ingeschakeld  : ja
 
Ethernet-adapter voor Bluetooth-netwerkverbinding:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Bluetooth-apparaat (Personal Area Network)
   Fysiek adres. . . . . . . . . . . : CC-AF-78-B4-C6-3A
   DHCP ingeschakeld . . . . . . . . : ja
   Autom. configuratie ingeschakeld  : ja
 
Draadloos LAN-adapter voor Draadloze netwerkverbinding:
 
   Verbindingsspec. DNS-achtervoegsel: telenet.be
   Beschrijving. . . . . . . . . . . : Atheros AR9285 Wireless Network Adapter
   Fysiek adres. . . . . . . . . . . : CC-AF-78-B4-C6-39
   DHCP ingeschakeld . . . . . . . . : ja
   Autom. configuratie ingeschakeld  : ja
   Link-local IPv6-adres . . . . . . : fe80::4897:f5ef:4a6:3240%12(voorkeur) 
   IPv4-adres. . . . . . . . . . . . : 192.168.1.101(voorkeur) 
   Subnetmasker. . . . . . . . . . . : 255.255.255.0
   Lease verkregen . . . . . . . . . : dinsdag 5 januari 2016 17:43:58
   Lease verlopen. . . . . . . . . . : zaterdag 12 februari 2152 3:38:19
   Standaardgateway. . . . . . . . . : 192.168.1.1
   DHCP-server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 315404152
   DHCPv6-client DUID. . . . . . . . : 00-01-00-01-1C-D5-0F-ED-78-84-3C-99-E1-62
   DNS-servers . . . . . . . . . . . : 2a02:1800:100::44:1
                                       2a02:1800:100::44:2
                                       192.168.1.1
   NetBIOS via TCPIP . . . . . . . . : ingeschakeld
   Zoeklijst voor verbindingsspec. DNS-achtervoegsels :
                                       telenet.be
 
Ethernet-adapter voor LAN-verbinding:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: telenet.be
   Beschrijving. . . . . . . . . . . : Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Fysiek adres. . . . . . . . . . . : 78-84-3C-99-E1-62
   DHCP ingeschakeld . . . . . . . . : ja
   Autom. configuratie ingeschakeld  : ja
 
Tunnel-adapter voor isatap.telenet.be:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter
   Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP ingeschakeld . . . . . . . . : nee
   Autom. configuratie ingeschakeld  : ja
 
Tunnel-adapter voor isatap.{F6E0B91C-0992-414F-A0F3-86A6CC7B4CB4}:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: telenet.be
   Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP ingeschakeld . . . . . . . . : nee
   Autom. configuratie ingeschakeld  : ja
 
Tunnel-adapter voor isatap.{0D076AE2-5793-4473-896A-F51D14AFB508}:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP ingeschakeld . . . . . . . . : nee
   Autom. configuratie ingeschakeld  : ja
 
Tunnel-adapter voor Teredo Tunneling Pseudo-Interface:
 
   Mediumstatus. . . . . . . . . . . : medium ontkoppeld
   Verbindingsspec. DNS-achtervoegsel: 
   Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP ingeschakeld . . . . . . . . : nee
   Autom. configuratie ingeschakeld  : ja
Server:  UnKnown
Address:  2a02:1800:100::44:1
 
 
Pingen naar google.com [64.15.124.213] met 32 bytes aan gegevens:
Antwoord van 64.15.124.213: bytes=32 tijd=16 ms TTL=58
Antwoord van 64.15.124.213: bytes=32 tijd=15 ms TTL=58
 
Ping-statistieken voor 64.15.124.213:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).
 
De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden:
    Minimum = 15ms, Maximum = 16ms, Gemiddelde = 15ms
Server:  UnKnown
Address:  2a02:1800:100::44:1
 
 
Pingen naar yahoo.com [98.138.253.109] met 32 bytes aan gegevens:
Antwoord van 98.138.253.109: bytes=32 tijd=127 ms TTL=50
Antwoord van 98.138.253.109: bytes=32 tijd=234 ms TTL=50
 
Ping-statistieken voor 98.138.253.109:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).
 
De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden:
    Minimum = 127ms, Maximum = 234ms, Gemiddelde = 180ms
 
Pingen naar 127.0.0.1 met 32 bytes aan gegevens:
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128
 
Ping-statistieken voor 127.0.0.1:
    Pakketten: verzonden = 2, ontvangen = 2, verloren = 0
    (0% verlies).
 
De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden:
    Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms
===========================================================================
Interfacelijst
 16...00 ff 0d 07 6a e2 ......Anchorfree HSS VPN Adapter
 14...cc af 78 b4 c6 3a ......Bluetooth-apparaat (Personal Area Network)
 12...cc af 78 b4 c6 39 ......Atheros AR9285 Wireless Network Adapter
 11...78 84 3c 99 e1 62 ......Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 19...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 15...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 routetabel
===========================================================================
Actieve routes:
Netwerkadres             Netmasker          Gateway        Interface Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.101     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link     192.168.1.101    281
    192.168.1.101  255.255.255.255         On-link     192.168.1.101    281
    192.168.1.255  255.255.255.255         On-link     192.168.1.101    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.1.101    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.1.101    281
===========================================================================
Permanente routes:
  Geen
 
IPv6 routetabel
===========================================================================
Actieve routes:
 Indien metrische netwerkbestemming      Gateway
  1    306 ::1/128                  On-link
 12    281 fe80::/64                On-link
 12    281 fe80::4897:f5ef:4a6:3240/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Permanente routes:
  Geen
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 10 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/05/2016 05:45:37 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/05/2016 09:29:52 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/04/2016 01:35:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5585
 
Error: (01/04/2016 01:35:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5585
 
Error: (01/04/2016 01:35:46 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 01:35:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2715
 
Error: (01/04/2016 01:35:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2715
 
Error: (01/04/2016 01:35:43 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 09:53:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/03/2016 05:03:13 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3369
 
 
System errors:
=============
Error: (01/05/2016 07:07:28 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
 
Error: (01/05/2016 07:07:27 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
 
Error: (01/05/2016 07:07:26 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
 
Error: (01/05/2016 07:07:26 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk2\DR2.
 
Error: (01/05/2016 07:07:25 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.
 
Error: (01/05/2016 07:07:25 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.
 
Error: (01/05/2016 07:07:24 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.
 
Error: (01/05/2016 07:07:24 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.
 
Error: (01/05/2016 07:07:23 PM) (Source: Disk) (User: )
Description: Het stuurprogramma heeft een controllerfout gevonden in \Device\Harddisk1\DR1.
 
Error: (01/05/2016 05:44:26 PM) (Source: Service Control Manager) (User: )
Description: De AODDriver4.0-service kan vanwege de volgende fout niet worden gestart: 
%%3
 
 
Microsoft Office Sessions:
=========================
Error: (01/05/2016 05:45:37 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/05/2016 09:29:52 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/04/2016 01:35:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5585
 
Error: (01/04/2016 01:35:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5585
 
Error: (01/04/2016 01:35:46 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 01:35:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2715
 
Error: (01/04/2016 01:35:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2715
 
Error: (01/04/2016 01:35:43 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (01/04/2016 09:53:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/03/2016 05:03:13 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3369
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
5600 (HKLM-x32\...\{F2DC2589-C894-43DD-BA70-8FDCA7360584}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
5600_Help (HKLM-x32\...\{7DCBC3D8-8954-491D-A1B9-8C61C563B004}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
5600Trb (HKLM-x32\...\{2605461E-AB2E-49F5-8A16-64B7F3595030}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (HKLM-x32\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM-x32\...\{9F6B13E2-B93F-4203-9BD4-5DC18C9F9DEB}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM-x32\...\{104066F4-5897-4067-85D3-4C88B67CCF75}) (Version: 130.0.421.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{786CB536-FA02-6F2E-4AE4-59B288E79A6E}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
Belgium e-ID middleware 4.0.7 (build 7466) (HKLM\...\{824563DE-75AD-4166-9DC0-B6482F207466}) (Version: 4.0.7466 - Belgian Government)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.90 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (HKLM-x32\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.0.1 - Canon Inc.)
CANON iMAGE GATEWAY Registration Guide (HKLM-x32\...\DV CIG Guide) (Version: 1.0.0.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.8.0.1 - Canon Inc.)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\Canon Internet Library for ZoomBrowser EX) (Version: 1.7.0.1 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC8) (Version: 8.3.0.6 - Canon Inc.)
Canon Utilities CameraWindow Launcher (HKLM-x32\...\CameraWindowLauncher) (Version: 7.5.0.2 - Canon Inc.)
Canon Utilities MyCamera (HKLM-x32\...\MyCamera) (Version: 7.4.0.2 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.6.0.23 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.4.0.4 - Canon Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
Copy (HKLM-x32\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - Acro Software Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM-x32\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM-x32\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (HKLM-x32\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Evernote v. 5.9.1 (HKLM-x32\...\{5EA1DED0-5285-11E5-8AA1-0050569584E9}) (Version: 5.9.1.8742 - Evernote Corp.)
Explor@ Park (HKLM-x32\...\VTechDownloadManager) (Version:  - VTech)
Fax (HKLM-x32\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Galeria de Fotografias do Windows Live (HKLM-x32\...\{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (HKLM-x32\...\{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (HKLM-x32\...\{488F0347-C4A7-4374-91A7-30818BEDA710}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (HKLM-x32\...\{CB66242D-12B1-4494-82D2-6F53A7E024A3}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.29.1 - Google Inc.) Hidden
GPBaseService2 (HKLM-x32\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.16) (Version: 9.16 - Artifex Software Inc.)
Handleiding VAIO (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
Hotspot Shield 5.0.4 (HKLM-x32\...\HotspotShield) (Version: 5.0.4 - AnchorFree Inc.)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM-x32\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM-x32\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM-x32\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM-x32\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM-x32\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
IsoBuster 3.6 (HKLM-x32\...\IsoBuster_is1) (Version: 3.6 - Smart Projects)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kaspersky Internet Security (HKLM-x32\...\{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.396 - Kaspersky Lab)
Macrium Reflect Free Edition (HKLM\...\{F68D807C-3B19-4907-B066-5A026C7488BE}) (Version: 5.3.7299 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Gallery (HKLM\...\{115B60D5-BBDB-490E-AF2E-064D37A3CE01}) (Version: 1.5.0.16020 - Your Company Name) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klik-en-Klaar 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Nederlands (HKLM-x32\...\{90140011-0066-0413-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Network64 (HKLM\...\{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Ondersteuning voor VAIO Transfer (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.00.04171 - Sony Corporation)
PMB VAIO Edition Guide (HKLM-x32\...\{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM\...\{133D3F07-D558-46CE-80E8-F4D75DBBAD63}) (Version: 1.5.00.04010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (HKLM-x32\...\{8356CB97-A48F-44CB-837A-A12838DC4669}) (Version: 1.5.00.02250 - Sony Corporation) Hidden
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 9.3.00 - Sony Corporation) Hidden
Poczta usługi Windows Live (HKLM-x32\...\{64376910-1860-4CEF-8B34-AA5D205FC5F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (HKLM-x32\...\{7A9D47BA-6D50-4087-866F-0800D8B89383}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Popcorn Time (HKCU\...\Popcorn Time) (Version:  - Popcorn Official)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
Qualcomm Atheros Direct Connect (HKLM-x32\...\{21DD6041-7251-40FA-9D06-C5EB30268E0F}) (Version: 3.0 - Qualcomm Atheros) Hidden
Raccolta foto di Windows Live (HKLM-x32\...\{ED16B700-D91F-44B0-867C-7EB5253CA38D}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{08D7BC86-7358-464C-8AD0-0D84B5F0A0C9}) (Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (HKLM-x32\...\{5FA51AAF-23FE-42F4-A724-D79F85F41D4B}) (Version: 1.1.0.15070 - Sony Corporation) Hidden
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM-x32\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM-x32\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Corporation (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Status (HKLM-x32\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Stuurprogrammapakket voor Windows - Fedict SmartCard  (04/30/2014 4.0.7.5) (HKLM\...\C5357B4AD7C02B3F6EF45765A07E5B725E50BBF7) (Version: 04/30/2014 4.0.7.5 - Fedict)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)
Toolbox (HKLM-x32\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM-x32\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM-x32\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.02250 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.5.00.04060 - Sony Corporation)
VAIO - Remote-play bij PlayStation®3 (HKLM-x32\...\{07441A52-E208-478A-92B7-5C337CA8C131}) (Version: 1.1.0.15070 - Sony Corporation)
VAIO - Remote-toetsenbord (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.4.11210 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.0.15030 - Sony Corporation)
VAIO Care (HKLM-x32\...\{91989CE7-EE83-4A53-8E06-D97887928119}) (Version: 6.4.0.15030 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{70EED410-697B-4193-A2CB-2F790F82B420}) (Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.3.0.11090 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.03240 - Sony Corporation)
VAIO Hardware Diagnostics (HKLM-x32\...\{C72E35E5-C5C6-4328-AD9A-BBCCC816A2E6}) (Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Hero Screensaver - Summer 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Summer 2011 Screensaver) (Version:  - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\{5A92468F-3ED8-4F96-A9E1-4F176C80EC29}) (Version: 1.4.5.10 - Sony Corporation) Hidden
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.10 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.1.08270 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VCCx86 (HKLM-x32\...\{9B088046-8A01-4355-99DD-8530C022F682}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (HKLM\...\{F1DC5C16-9B1F-467B-85E3-CB48C27AC50D}) (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (HKLM-x32\...\{3A94F54D-A8A4-4B82-B346-92B4D56A2708}) (Version: 1.0.0 - Sony Corporation) Hidden
VideoBrowser (HKLM-x32\...\{D79DC615-EC9F-4EFA-9482-5911168D8F32}) (Version: 1.01.100 - PIXELA)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VSNx64 (HKLM\...\{F2611404-06BF-4E67-A5B7-8DB2FFC1CBF6}) (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (HKLM-x32\...\{A49A517F-5332-4665-922C-6D9AD31ADD4F}) (Version: 1.0.0 - Sony Corporation) Hidden
VTech Download Agent Library (HKLM-x32\...\{DB083AE1-3354-4AAD-BD44-5F2CC4B2ECE6}) (Version: 1.00.0000 - VTech) Hidden
VU5x64 (HKLM\...\{6B7DE186-374B-4873-AEC1-7464DA337DD6}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{9D12A8B5-9D41-4465-BF11-70719EB0CD02}) (Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WebReg (HKLM-x32\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
WhoCrashed 5.03 (HKLM\...\WhoCrashed_is1) (Version:  - Resplendence Software Projects Sp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
WMV9/VC-1 Video Playback (HKLM\...\{2E5AF62E-C985-6448-F858-42C9F3EEA035}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
Συλλογή φωτογραφιών του Windows Live (HKLM-x32\...\{C00C2A91-6CB3-483F-80B3-2958E29468F1}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (HKLM-x32\...\{2C8FBAB0-4564-47B8-AC4B-9C7401B94BF2}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (HKLM-x32\...\{E83DC314-C926-4214-AD58-147691D6FE9F}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (HKLM-x32\...\{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}) (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (HKLM-x32\...\{77F69CA1-E53D-4D77-8BA3-FA07606CC851}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (HKLM-x32\...\{C115A674-A398-49E5-9C6E-C0A541D3EA10}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 46%
Total physical RAM: 3690.9 MB
Available physical RAM: 1960.78 MB
Total Virtual: 7380.01 MB
Available Virtual: 4785.45 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:284.41 GB) (Free:121.95 GB) NTFS
3 Drive e: (BIOS) (Removable) (Total:1.88 GB) (Free:1.87 GB) FAT32
 
========================= Users: ========================================
 
Gebruikersaccounts voor \\MOMOSONYLAPTOP
 
Administrator            Gast                     Momo                     
MomoSurf                 Nora                     
De opdracht is voltooid.
 
========================= Minidump Files ==================================
 
C:\Windows\Minidump\050815-33914-01.dmp
C:\Windows\Minidump\052215-31886-01.dmp
C:\Windows\Minidump\052615-24866-01.dmp
C:\Windows\Minidump\052615-26395-01.dmp
C:\Windows\Minidump\060915-25474-01.dmp
C:\Windows\Minidump\062415-27565-01.dmp
C:\Windows\Minidump\062715-24164-01.dmp
C:\Windows\Minidump\070315-19796-01.dmp
C:\Windows\Minidump\070415-21528-01.dmp
C:\Windows\Minidump\070415-24367-01.dmp
C:\Windows\Minidump\070915-22729-01.dmp
========================= Restore Points ==================================
 
29-12-2015 08:53:09 Windows Update
30-12-2015 17:29:55 Geïnstalleerd Xperia Link
31-12-2015 14:59:49 Removed Skype™ 7.6
01-01-2016 14:35:47 Windows Update
05-01-2016 12:28:43 Windows Update
 
**** End of log ****


#8 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:17 PM

Posted 05 January 2016 - 03:18 PM

Hello,
 

***


Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it in the same location as / FSRT / FSRT64 (usually your desktop) as fixlist.txt

 
start
CreateRestorePoint:
EmptyTemp:
S3 AODDriver4.0; \??\c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
GroupPolicyUsers\S-1-5-21-1072271410-187323381-3561074415-1004\User: Restrictie <======= AANDACHT
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> DefaultScope {4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} URL = hxxps://www.google.com/search?q={searchTerms} 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0A8F6CE5-DC38-46ED-A96D-BF2C24F1114D} URL = hxxp://rover.ebay.com/rover/1/1553-42507-16445-53/4?satitle={searchTerms} 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0BE66A01-DF14-4BF4-A65C-F3B28158E461} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} URL = hxxps://www.google.com/search?q={searchTerms} 
AlternateDataStreams: C:\Users\Nora\Documents\Camera-uploads:com.dropbox.attributes 
AlternateDataStreams: C:\Users\Nora\Documents\Famillie:com.dropbox.attributes
end


NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST / FSRT64 again like we did before but this time press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#9 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 03:31 PM

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie:31-12-2015
Gestart door Momo (2016-01-05 21:23:55) Run:1
Gestart vanaf C:\Users\Momo\Desktop
Geladen Profielen: Momo & Nora (Beschikbare Profielen: Momo & Nora & MomoSurf)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
start
CreateRestorePoint:
EmptyTemp:
S3 AODDriver4.0; \??\c:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
GroupPolicyUsers\S-1-5-21-1072271410-187323381-3561074415-1004\User: Restrictie <======= AANDACHT
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> DefaultScope {4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} URL = hxxps://www.google.com/search?q={searchTerms} 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0A8F6CE5-DC38-46ED-A96D-BF2C24F1114D} URL = hxxp://rover.ebay.com/rover/1/1553-42507-16445-53/4?satitle={searchTerms} 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {0BE66A01-DF14-4BF4-A65C-F3B28158E461} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices 
SearchScopes: HKU\S-1-5-21-1072271410-187323381-3561074415-1001 -> {4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} URL = hxxps://www.google.com/search?q={searchTerms} 
AlternateDataStreams: C:\Users\Nora\Documents\Camera-uploads:com.dropbox.attributes 
AlternateDataStreams: C:\Users\Nora\Documents\Famillie:com.dropbox.attributes
end
*****************
 
Herstelpunt is succesfol gemaakt.
AODDriver4.0 => dienst is succesvol verwijderd.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1072271410-187323381-3561074415-1004\User => is succesvol verplaatst.
C:\Windows\system32\GroupPolicy\GPT.ini => is succesvol verplaatst.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => waarde is succesvol verwijderd.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => sleutel is succesvol verwijderd.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => sleutel is succesvol verwijderd.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => sleutel niet gevonden. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => sleutel is succesvol verwijderd.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => sleutel niet gevonden. 
HKU\S-1-5-21-1072271410-187323381-3561074415-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde is succesvol verwijderd.
"HKU\S-1-5-21-1072271410-187323381-3561074415-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => sleutel is succesvol verwijderd.
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => sleutel niet gevonden. 
"HKU\S-1-5-21-1072271410-187323381-3561074415-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0A8F6CE5-DC38-46ED-A96D-BF2C24F1114D}" => sleutel is succesvol verwijderd.
HKCR\CLSID\{0A8F6CE5-DC38-46ED-A96D-BF2C24F1114D} => sleutel niet gevonden. 
"HKU\S-1-5-21-1072271410-187323381-3561074415-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BE66A01-DF14-4BF4-A65C-F3B28158E461}" => sleutel is succesvol verwijderd.
HKCR\CLSID\{0BE66A01-DF14-4BF4-A65C-F3B28158E461} => sleutel niet gevonden. 
"HKU\S-1-5-21-1072271410-187323381-3561074415-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99}" => sleutel is succesvol verwijderd.
HKCR\CLSID\{4E7AD9FB-9DF6-4E50-9E7D-2147C1FDDE99} => sleutel niet gevonden. 
"C:\Users\Nora\Documents\Camera-uploads" => ":com.dropbox.attributes" ADS niet gevonden.
"C:\Users\Nora\Documents\Famillie" => ":com.dropbox.attributes" ADS niet gevonden.
EmptyTemp: => 3.6 GB tijdelijke gegevens verwijderd.
 
 
Het systeem moest herstart worden.
 
==== Eind van Fixlog 21:26:06 ====


#10 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:17 PM

Posted 05 January 2016 - 04:07 PM

:step1: Double click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


:step2: Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Double click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.


***


:step3: How the computer is running now?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#11 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 04:38 PM

# AdwCleaner v5.028 - Logbestand aangemaakt 05/01/2016 op 22:35:17
# Laatste update 04/01/2016 door Xplode
# Database : 2016-01-04.2 [Server]
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (x64)
# Gebruikersnaam : Momo - MOMOSONYLAPTOP
# Gestart vanuit : C:\Users\Momo\Desktop\AdwCleaner.exe
# Optie : Verwijderen
# Ondersteuning : http://toolslib.net/forum
 
***** [ Services ] *****
 
 
***** [ Mappen ] *****
 
[-] Map Verwijderd : C:\Users\Nora\AppData\Local\DownloadManager
 
***** [ Bestanden ] *****
 
[-] Bestand Verwijderd : C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] Bestand Verwijderd : C:\Users\Nora\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
 
***** [ DLLs ] *****
 
 
***** [ Snelkoppelingen ] *****
 
 
***** [ geplande taken ] *****
 
 
***** [ Register ] *****
 
[-] Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
 
***** [ Internetbrowsers ] *****
 
 
*************************
 
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset
 
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1176 bytes] ##########


#12 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 04:50 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64 
Ran by Momo (Administrator) on di 05/01/2016 at 22:42:47,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 3 
 
Successfully deleted: C:\Users\Momo\AppData\Local\{543F4565-8F66-48F2-B0B6-C624EF8B5C7C} (Empty Folder)
Successfully deleted: C:\Users\Momo\AppData\Local\crashrpt (Folder) 
Successfully deleted: C:\Users\Public\Desktop\hotspot shield.lnk (Shortcut) 
 
 
 
Registry: 1 
 
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\0015211430579198mcinstcleanup (Registry Key) 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 05/01/2016 at 22:49:58,88
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#13 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 05 January 2016 - 04:53 PM

the webpage of microsoft safety scanner still cannot load.

 

How can I know if the virus that made skype send links to all skype contacts is not anymore on the laptop?

 

How can I even know that this laptop is the cause? as I use skype on this laptop, on another and on my iphone.



#14 Jo*

Jo*

  • Malware Response Team
  • 3,417 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:01:17 PM

Posted 06 January 2016 - 02:28 AM

Hello,
 

the webpage of microsoft safety scanner still cannot load.

Does it work if you shutdown your antivirus to avoid any potential conflicts?
 

How can I know if the virus that made skype send links to all skype contacts is not anymore on the laptop?

The scans we made until now, do not show any infection, but we do some more scans.
 

How can I even know that this laptop is the cause? as I use skype on this laptop, on another and on my iphone.

You cannot know that.
 

2015-12-17 10:45 - 2015-11-11 13:25 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-17 10:45 - 2015-11-11 13:25 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk

The same day when spam was sent from your account, these TeamViewer links where created.

Did you install TeamViewer and do you need it really?

---

:step1: Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 5 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7/8/10 users need to right click and choose Run as Administrator
You only need to get one of them to run, not all of them.Do not reboot your computer after running rkill as the malware programs will start again.


---


:step2: Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
How to get logs: (Export log to save as txt)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#15 haramo

haramo
  • Topic Starter

  • Members
  • 52 posts
  • OFFLINE
  •  
  • Local time:01:17 PM

Posted 07 January 2016 - 04:26 PM

Antivirus was all the time disabled, untill I had the problem not to be able to open the page of microsoft.

 

I think disable it now, will have the same effect? will give it a try anyway.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users