
RamonR


Registered: 8-11-2011
Location: eindhoven

Posted: Sun 05 Nov 2017, 14:18  Subject: malwarebytes-solved
FRST log file:
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 02-11-2017
Gestart door rtull (Beheerder) op PC-RAMON (04-11-2017 12:27:03)
Gestart vanaf C:\Users\rtull\Desktop
Geladen Profielen: rtull (Beschikbare Profielen: rtull)
Platform: Windows 10 Home Versie 1709 16299.19 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Edge)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121026.inf_amd64_d9c66a7a4ae5623d\igfxCUIService.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121026.inf_amd64_d9c66a7a4ae5623d\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121026.inf_amd64_d9c66a7a4ae5623d\IntelCpHDCPSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe
() C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Reason Software Company Inc.) C:\Program Files (x86)\Unchecky\bin\unchecky_bg.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki121026.inf_amd64_d9c66a7a4ae5623d\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe
(PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe
(Roxio) C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Lenovo) C:\Users\rtull\AppData\Local\Apps\2.0\J6EZ52VZ.D09\R59XE0TZ.80Y\lsb...tion_2d7b41b05b24775e_0001.0006_4ccd0b1bea5227ca\LSB.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18378208 2017-06-02] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1489376 2017-06-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Silver Silk Wireless Keyboard] => C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skd8861.exe [1742336 2013-08-14] (Lenovo)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [137976 2017-08-10] (Intel)
HKLM-x32\...\Run: [RoxioDragToDisc] => C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe [1116920 2006-10-30] (Roxio)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\Run: [HP ENVY 4500 series (NET)] => C:\Program Files\HP\HP ENVY 4500 series\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\Run: [Logitech Vid] => C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\Run: [EssentialPIM] => C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe [18954456 2017-06-05] (Astonsoft)
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2289664 2008-01-24] (Hewlett-Packard Company)
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\CUBEPH~1.SCR [1022016 2012-05-23] (Gianpaolo Bottin)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Twonky Server.lnk [2017-03-03]
ShortcutTarget: Twonky Server.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Hosts: Er zijn meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 62.179.104.196 213.46.228.196
Tcpip\..\Interfaces\{360afcb4-8243-4978-9902-4260c5a56a32}: [DhcpNameServer] 62.179.104.196 213.46.228.196

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com/?q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.startpagina.nl/
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL =
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> DefaultScope {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisre_17_12_ssg01&cd=2XzuyEtN2Y1L1QzuyCzztDyBtCyDzz0AtA0Azy0EzyyBzyyBtN0D0Tzu0StCzytDyCtN1L2XzutAtFtByBtFyEtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyDtB0B0EzyyC0AtDtGyEyD0EtBtGtCzzzzzztGyEtByD0AtGtC0B0CtDtBzztC0AtD0E0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FtDtB0DtDtB0FtGyEtDyCtAtGyEyEyC0BtG0BzztBzztGzzzy0AyDyBtA0B0F0BzyyC0F2QtN0A0LzuyE&cr=2077811798&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisre_17_12_ssg01&cd=2XzuyEtN2Y1L1QzuyCzztDyBtCyDzz0AtA0Azy0EzyyBzyyBtN0D0Tzu0StCzytDyCtN1L2XzutAtFtByBtFyEtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyDtB0B0EzyyC0AtDtGyEyD0EtBtGtCzzzzzztGyEtByD0AtGtC0B0CtDtBzztC0AtD0E0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FtDtB0DtDtB0FtGyEtDyCtAtGyEyEyC0BtG0BzztBzztGzzzy0AyDyBtA0B0F0BzyyC0F2QtN0A0LzuyE&cr=2077811798&ir=&q={searchTerms}
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Geen bestand
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Geen bestand

FireFox:
========
FF DefaultProfile: u63cqylq.default
FF ProfilePath: C:\Users\rtull\AppData\Roaming\Mozilla\Firefox\Profiles\u63cqylq.default [2017-11-01]
FF NewTab: Mozilla\Firefox\Profiles\u63cqylq.default -> about:newtab
FF Keyword.URL: Mozilla\Firefox\Profiles\u63cqylq.default -> user_pref("keyword.URL", true);
FF Extension: (Site Deployment Checker) - C:\Program Files (x86)\Mozilla Firefox\browser\features\deployment-checker@mozilla.org.xpi [2017-04-24] [ niet getekend]
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [Geen bestand]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)

Chrome:
=======
CHR Profile: C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default [2017-11-01]
CHR Extension: (Documenten) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-17]
CHR Extension: (Google Drive) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-26]
CHR Extension: (YouTube) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-26]
CHR Extension: (Offline Documenten) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-26]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-10-02]
CHR Extension: (Gmail) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-02]

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [22264 2017-08-10] (Intel)
S3 IDriverT; C:\Program Files (x86)\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Bestand niet getekend]
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [57160 2017-06-05] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [987432 2016-07-26] (Intel(R) Corporation)
R3 Intel(R) Online Connect; C:\Program Files\Intel\Intel(R) Online Connect\ioc.exe [25824 2016-10-04] (Intel Corporation)
S2 Intel(R) Online Connect Helper; C:\Program Files\Intel\Intel(R) Online Connect\iocHelperService.exe [22752 2016-10-04] (Intel Corporation)
S3 Intel(R) Online Connect Software Asset Manager; C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [18152 2016-09-29] (Intel Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Bestand niet getekend]
R2 Intel(R) TechnologyAccessLegacyCSLoader; C:\Program Files\Intel\Intel(R) Online Connect Access\LegacyCsLoaderService.exe [173288 2016-10-05] (Intel(R) Corporation)
R2 Intel(R) TechnologyAccessService; C:\Program Files\Intel\Intel(R) Online Connect Access\IntelTechnologyAccessService.exe [496872 2016-10-05] (Intel(R) Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Bestand niet getekend]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [177440 2016-10-20] (Intel Corporation)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2008-01-24] (Hewlett-Packard Company) [Bestand niet getekend]
R3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-21] (Lenovo)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2017-04-10] ()
S4 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 ShareItSvc; C:\Program Files (x86)\SHAREit\SHAREit\Shareit.Service.exe [31176 2016-01-15] (SHAREit Technologies Co.Ltd)
R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [605048 2014-04-01] (PacketVideo) [Bestand niet getekend]
R2 Unchecky; C:\Program Files (x86)\Unchecky\bin\unchecky_svc.exe [294168 2017-10-05] (Reason Software Company Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3750304 2017-04-10] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 DLABMFSE; C:\WINDOWS\System32\DLA\DLABMFSE.SYS [43888 2008-02-22] (Roxio)
R2 DLABOIOE; C:\WINDOWS\System32\DLA\DLABOIOE.SYS [41712 2008-02-22] (Roxio)
R1 DLACDBHE; C:\WINDOWS\System32\Drivers\DLACDBHE.SYS [15864 2007-02-08] (Roxio)
R2 DLADResE; C:\WINDOWS\System32\DLA\DLADResE.SYS [10096 2008-02-22] (Roxio)
R2 DLAIFS_E; C:\WINDOWS\System32\DLA\DLAIFS_E.SYS [141296 2008-02-22] (Roxio)
R2 DLAOPIOE; C:\WINDOWS\System32\DLA\DLAOPIOE.SYS [33904 2008-02-22] (Roxio)
R2 DLAPoolE; C:\WINDOWS\System32\DLA\DLAPoolE.SYS [17776 2008-02-22] (Roxio)
R1 DLARTL_E; C:\WINDOWS\System32\Drivers\DLARTL_E.SYS [39160 2007-02-08] (Roxio)
R2 DLAUDFAE; C:\WINDOWS\System32\DLA\DLAUDFAE.SYS [136816 2008-02-22] (Roxio)
R2 DLAUDF_E; C:\WINDOWS\System32\DLA\DLAUDF_E.SYS [142832 2008-02-22] (Roxio)
R0 DRVECDB; C:\WINDOWS\System32\Drivers\DRVECDB.SYS [122776 2006-07-21] (Sonic Solutions)
R2 DRVEDDM; C:\WINDOWS\System32\Drivers\DRVEDDM.SYS [63608 2007-02-09] (Roxio)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-10-11] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [244720 2017-06-22] (Intel Corporation)
R3 LVPr2M64; C:\WINDOWS\system32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\WINDOWS\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [192952 2017-10-11] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-03] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [45504 2017-11-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [252232 2017-11-03] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-04] (Malwarebytes)
R1 ndisrd; C:\WINDOWS\system32\DRIVERS\ndisrfl.sys [59792 2016-09-13] (Intel Corporation)
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7689728 2017-09-29] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-23] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [404184 2015-08-18] (Realsil Semiconductor Corporation)
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-11-04 12:27 - 2017-11-04 12:27 - 000020344 _____ C:\Users\rtull\Desktop\FRST.txt
2017-11-04 12:26 - 2017-11-04 12:27 - 000000000 ___DC C:\FRST
2017-11-04 12:23 - 2017-11-04 12:23 - 002403328 _____ (Farbar) C:\Users\rtull\Desktop\FRST64.exe
2017-11-03 14:14 - 2017-11-03 14:14 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-11-03 14:13 - 2017-11-03 14:13 - 000000000 ___HD C:\Users\rtull\MicrosoftEdgeBackups
2017-11-03 14:12 - 2017-11-03 14:12 - 000000000 ____D C:\Users\rtull\AppData\Local\PackageStaging
2017-11-03 14:11 - 2017-11-03 14:11 - 000000020 ___SH C:\Users\rtull\ntuser.ini
2017-11-03 14:09 - 2017-11-03 14:09 - 001862350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-03 14:09 - 2017-11-03 14:09 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2017-11-03 14:09 - 2017-11-03 14:09 - 000007623 _____ C:\WINDOWS\diagerr.xml
2017-11-03 14:08 - 2017-11-03 14:16 - 000003364 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2897933121-1580215152-3316838448-1001
2017-11-03 14:08 - 2017-11-03 14:08 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-03 14:08 - 2017-11-03 14:08 - 000003328 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AFAA4A5C-C31B-451C-B09E-6BCC6FA19ABB}
2017-11-03 14:08 - 2017-11-03 14:08 - 000003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-03 14:08 - 2017-11-03 14:08 - 000003118 _____ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2017-11-03 14:08 - 2017-11-03 14:08 - 000003074 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7
2017-11-03 14:08 - 2017-11-03 14:08 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-11-03 14:08 - 2017-11-03 14:08 - 000002886 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-03 14:08 - 2017-11-03 14:08 - 000002708 _____ C:\WINDOWS\System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon
2017-11-03 14:08 - 2017-11-03 14:08 - 000002696 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP ENVY 4500 series
2017-11-03 14:08 - 2017-11-03 14:08 - 000002250 _____ C:\WINDOWS\System32\Tasks\{A8783C5D-7F51-42A3-BE51-76EA0EF204B7}
2017-11-03 14:08 - 2017-11-03 14:08 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-11-03 14:08 - 2017-11-03 14:08 - 000002212 _____ C:\WINDOWS\System32\Tasks\PDVDServ12 Task
2017-11-03 14:08 - 2017-11-03 14:08 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-03 14:08 - 2017-11-03 14:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-11-03 14:08 - 2017-11-03 14:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-11-03 14:08 - 2017-11-03 14:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-11-03 14:08 - 2017-11-03 14:08 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel
2017-11-03 14:01 - 2017-11-03 14:01 - 000000000 ____D C:\ProgramData\USOShared
2017-11-03 13:57 - 2017-11-03 13:57 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-11-03 13:55 - 2017-11-04 12:14 - 000000000 ____D C:\Users\rtull\AppData\Local\Packages
2017-11-03 13:54 - 2017-11-03 14:13 - 000000000 ____D C:\Users\rtull
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Sjablonen
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Netwerkprinteromgeving
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Mijn documenten
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Menu Start
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Documents\Mijn video's
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Documents\Mijn muziek
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\Documents\Mijn afbeeldingen
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2017-11-03 13:54 - 2017-11-03 13:54 - 000000000 _SHDL C:\Users\rtull\AppData\Local\Geschiedenis
2017-11-03 13:53 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-11-03 13:53 - 2017-03-07 12:05 - 000113664 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-11-03 13:53 - 2017-03-07 12:05 - 000104448 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-11-03 13:50 - 2017-11-03 14:03 - 000489152 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-03 13:50 - 2017-11-03 13:51 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-03 13:48 - 2017-11-03 14:11 - 000000000 ___DC C:\Windows.old
2017-11-03 13:45 - 2017-11-03 13:48 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-11-03 13:44 - 2017-11-03 13:46 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-11-03 13:44 - 2017-11-03 13:44 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-11-03 13:42 - 2017-11-03 13:42 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 023664128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 021752832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 019343360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 018913792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 017080832 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 008592280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-03 13:42 - 2017-11-03 13:42 - 008097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 006032896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 004744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 003681280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 003672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 003312432 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 002474080 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 002106880 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001633744 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001528912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-03 13:42 - 2017-11-03 13:42 - 001165824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-03 13:42 - 2017-11-03 13:42 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-11-03 13:42 - 2017-11-03 13:42 - 000769024 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-11-03 13:42 - 2017-11-03 13:42 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000559000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000045976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-11-03 13:42 - 2017-11-03 13:42 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-11-03 13:42 - 2017-11-03 13:42 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-11-03 13:33 - 2017-11-03 13:33 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-11-03 13:33 - 2017-11-03 13:33 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-11-03 13:33 - 2017-11-03 13:33 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-11-03 13:33 - 2017-11-03 13:33 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-11-03 13:33 - 2017-11-03 13:33 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-11-03 13:33 - 2017-11-03 13:33 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-11-03 13:33 - 2017-11-03 13:33 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-11-03 13:33 - 2017-11-03 13:33 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-11-03 13:33 - 2017-11-03 13:33 - 000000000 ____D C:\Program Files\MSBuild
2017-11-03 13:33 - 2017-11-03 13:33 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-11-03 13:33 - 2017-11-03 13:33 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-11-03 12:01 - 2017-11-03 12:01 - 000002119 _____ C:\Users\rtull\Desktop\Malwarebytes Rapport.txt
2017-11-02 11:42 - 2017-11-03 14:11 - 000000000 ___DC C:\WINDOWS\Panther
2017-10-11 12:32 - 2017-11-04 12:06 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-10-11 12:32 - 2017-11-03 14:04 - 000252232 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-10-11 12:32 - 2017-11-03 14:04 - 000045504 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-10-11 12:32 - 2017-10-11 12:32 - 000192952 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-10-11 11:18 - 2017-10-11 11:18 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-10-10 11:03 - 2017-11-03 13:53 - 000307146 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-10-10 11:03 - 2017-11-03 13:53 - 000000000 ____D C:\WINDOWS\system32\DAX3
2017-10-10 11:03 - 2017-06-02 15:09 - 007172880 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 005785056 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-10-10 11:03 - 2017-06-02 15:09 - 003677120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-10-10 11:03 - 2017-06-02 15:09 - 003506600 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 003205088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 001347104 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 000343672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 000192944 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-10-10 11:03 - 2017-06-02 15:09 - 000023656 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 007096152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 001133040 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000447688 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000406416 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000378352 _____ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000151752 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000134168 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000122288 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-10-10 11:03 - 2017-06-02 15:08 - 000084584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 005346960 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 001965776 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 001554568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 001326392 _____ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 001170840 _____ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 000327424 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2017-10-10 11:03 - 2017-06-02 15:07 - 000272680 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2017-10-10 11:03 - 2017-06-02 01:17 - 013084460 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-10-10 09:59 - 2017-10-10 10:07 - 000070713 _____ C:\Users\rtull\Downloads\Factuur Ziggo.pdf
2017-10-06 11:53 - 2017-10-11 13:51 - 000967955 _____ C:\Users\rtull\Desktop\From RAMON.vep
2017-10-05 09:08 - 2017-10-05 09:08 - 000456675 _____ C:\Users\rtull\Downloads\Gebruikershandleiding ComfoAir E.pdf
2017-10-05 08:50 - 2016-04-28 07:21 - 002403072 _____ C:\Users\rtull\Downloads\LENOVO Handleiding.pdf

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2017-11-04 12:18 - 2017-02-07 12:30 - 000336572 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-11-04 12:16 - 2017-02-07 13:40 - 000000000 ____D C:\Users\rtull\AppData\LocalLow\Mozilla
2017-11-04 12:14 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-04 12:14 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-04 12:13 - 2017-03-03 13:52 - 000000000 ____D C:\ProgramData\TwonkyServer
2017-11-04 12:13 - 2017-02-06 16:40 - 000000000 __SHD C:\Users\rtull\IntelGraphicsProfiles
2017-11-04 12:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-03 14:25 - 2017-02-06 16:44 - 000000000 __RDL C:\Users\rtull\OneDrive
2017-11-03 14:16 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-03 14:16 - 2017-02-06 16:44 - 000002433 _____ C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 14:13 - 2017-02-07 18:11 - 000000000 ____D C:\Users\rtull\AppData\Local\ConnectedDevicesPlatform
2017-11-03 14:12 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-11-03 14:12 - 2017-03-08 13:03 - 000000000 ___RD C:\Users\rtull\3D Objects
2017-11-03 14:12 - 2017-02-06 16:40 - 000000000 ____D C:\Users\rtull\AppData\Local\TileDataLayer
2017-11-03 14:12 - 2016-11-21 12:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-03 14:11 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-11-03 14:10 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-11-03 14:09 - 2017-09-30 15:32 - 000823812 _____ C:\WINDOWS\system32\perfh013.dat
2017-11-03 14:09 - 2017-09-30 15:32 - 000161142 _____ C:\WINDOWS\system32\perfc013.dat
2017-11-03 14:08 - 2017-02-07 18:03 - 000023076 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-11-03 14:07 - 2017-04-26 14:11 - 000002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-03 14:04 - 2017-09-27 11:56 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-03 14:03 - 2017-09-29 09:45 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-11-03 14:03 - 2017-07-22 11:45 - 000000000 _____ C:\WINDOWS\system32\Drivers\lvuvc.hs
2017-11-03 14:02 - 2017-09-20 15:11 - 000000000 ____D C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica CD Label Maker
2017-11-03 14:02 - 2017-02-28 13:12 - 000000000 ____D C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6
2017-11-03 14:02 - 2017-02-20 15:04 - 000000000 ____D C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PicosmosTools
2017-11-03 14:02 - 2017-02-14 14:04 - 000000000 ____D C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-11-03 14:02 - 2017-02-07 13:52 - 000000000 ____D C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-11-03 14:01 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-11-03 13:57 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-11-03 13:54 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-11-03 13:53 - 2017-07-22 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-03 13:53 - 2017-07-22 11:45 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-03 13:53 - 2017-07-22 11:45 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-11-03 13:53 - 2017-07-22 11:45 - 000000000 ____D C:\Program Files\Common Files\logishrd
2017-11-03 13:53 - 2017-07-22 11:45 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-11-03 13:49 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-11-03 13:48 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-11-03 13:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-11-03 13:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-11-03 13:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2017-11-03 13:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-03 13:48 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-03 13:48 - 2017-09-27 11:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-03 13:48 - 2017-09-24 13:50 - 000000000 ____D C:\WINDOWS\SysWOW64\DLA
2017-11-03 13:48 - 2017-09-24 13:50 - 000000000 ____D C:\WINDOWS\system32\DLA
2017-11-03 13:48 - 2017-09-24 13:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
2017-11-03 13:48 - 2017-09-24 13:44 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightScribe Direct Disc Labeling
2017-11-03 13:48 - 2017-08-12 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility
2017-11-03 13:48 - 2017-07-22 11:45 - 000000000 ____D C:\Program Files\Intel
2017-11-03 13:48 - 2017-06-07 12:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-11-03 13:48 - 2017-06-06 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unchecky
2017-11-03 13:48 - 2017-05-09 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-03 13:48 - 2017-04-04 11:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-11-03 13:48 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-03 13:48 - 2017-03-11 16:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photobucket Backup
2017-11-03 13:48 - 2017-03-04 15:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EssentialPIM
2017-11-03 13:48 - 2017-03-03 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Twonky Server
2017-11-03 13:48 - 2017-03-02 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2017-11-03 13:48 - 2017-02-23 16:16 - 000000000 ____D C:\WINDOWS\nl
2017-11-03 13:48 - 2017-02-23 16:15 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-11-03 13:48 - 2017-02-20 14:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-11-03 13:48 - 2017-02-19 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-11-03 13:48 - 2017-02-14 14:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVS4YOU
2017-11-03 13:48 - 2017-02-07 15:38 - 000000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-11-03 13:48 - 2017-02-07 13:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CubePhotoShow
2017-11-03 13:48 - 2017-02-07 13:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-11-03 13:48 - 2017-02-07 12:46 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-11-03 13:48 - 2016-08-21 20:16 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-11-03 13:48 - 2016-08-18 20:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHAREit
2017-11-03 13:48 - 2016-08-18 20:10 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-11-03 13:47 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-11-03 13:47 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-03 13:46 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\OCR
2017-11-03 13:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-11-03 13:46 - 2017-07-22 11:45 - 000000000 ____D C:\Program Files\Realtek
2017-11-03 13:46 - 2017-03-17 12:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2017-11-03 13:46 - 2017-02-07 12:46 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-11-03 13:43 - 2017-09-30 15:33 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-11-03 13:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-03 13:43 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-03 13:40 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-11-03 13:40 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-11-03 13:40 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-11-03 13:40 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-11-03 13:40 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-03 13:39 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-11-03 13:39 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-11-03 13:39 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-11-03 13:39 - 2017-09-30 15:32 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-03 13:39 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-11-03 13:39 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\servicing
2017-11-03 13:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-11-03 13:33 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-11-03 13:17 - 2017-02-11 13:39 - 000000000 ____D C:\Users\rtull\Documents\photo album
2017-11-01 12:07 - 2017-02-18 12:08 - 000000000 ___RD C:\Users\rtull\Desktop\Onderhoud Map
2017-11-01 12:02 - 2017-06-07 12:06 - 000000000 ___DC C:\Program Files\CCleaner
2017-10-25 12:55 - 2017-02-07 13:23 - 000001682 _____ C:\Users\rtull\Desktop\Configure CubePhotoShow.lnk
2017-10-25 12:33 - 2017-06-02 10:12 - 000000000 ____D C:\ProgramData\firebird
2017-10-17 10:03 - 2017-06-16 12:28 - 000000000 ____D C:\Users\rtull\AppData\Roaming\ZHP
2017-10-15 15:56 - 2017-02-07 13:14 - 000000000 ____D C:\Users\rtull\AppData\Local\HP
2017-10-15 15:48 - 2017-05-17 11:07 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-10-15 15:48 - 2017-02-07 12:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-10-13 14:10 - 2017-02-20 14:57 - 000002337 _____ C:\Users\rtull\Desktop\Chromium.lnk
2017-10-11 12:35 - 2017-09-24 13:56 - 000000000 ____D C:\Users\rtull\AppData\Roaming\Roxio
2017-10-11 12:32 - 2017-02-19 14:24 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-10-11 12:31 - 2017-09-20 15:11 - 000001096 _____ C:\Users\rtull\Downloads\Acoustica CD Label Maker.lnk
2017-10-11 12:30 - 2017-09-24 14:10 - 000001707 _____ C:\Users\rtull\Downloads\stax - Snelkoppeling.lnk
2017-10-11 11:20 - 2017-02-07 12:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-10-11 11:18 - 2017-02-07 12:39 - 126925120 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-10-10 11:35 - 2017-02-14 14:57 - 000000000 ____D C:\Users\rtull\Desktop\AVS Map
2017-10-10 11:32 - 2017-02-14 14:03 - 000000000 ___DC C:\Program Files (x86)\AVS4YOU
2017-10-10 11:03 - 2016-08-21 20:14 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-10-10 10:19 - 2017-05-09 13:40 - 000000000 ____D C:\Users\rtull\AppData\Roaming\vlc

==================== Bestanden in de root van sommige mappen =======

2017-05-17 11:44 - 2017-05-17 11:44 - 000004608 _____ () C:\Users\rtull\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-06-18 14:56 - 2017-06-18 14:56 - 000000011 _____ () C:\ProgramData\.tv7
2017-02-07 13:14 - 2017-02-07 13:14 - 000000057 _____ () C:\ProgramData\Ament.ini
2017-07-22 11:45 - 2017-07-22 11:45 - 000000000 _____ () C:\ProgramData\DP45977C.lfl
2017-03-11 16:41 - 2017-03-11 16:41 - 000000104 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Bestanden om te verplaatsen of verwijderen:
====================
C:\Users\rtull\ZHPCleaner.exe


==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Sun 05 Nov 2017, 18:28
Hello,

Farbar Recovery Scan Tool (FRST) created two logs, named (FRST.txt) & (Addition.txt).
You posted the log named FRST correctly.

Would you also post the log named Addition in your next reply?
You do that as follows:
1. Open the text file named Addition that is on your desktop.
2. Copy and paste its contents into your next reply here.
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: eindhoven

Posted: Mon 06 Nov 2017, 11:50  Subject: malwarebytes
Addition log file:

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 02-11-2017
Gestart door rtull (04-11-2017 12:27:44)
Gestart vanaf C:\Users\rtull\Desktop
Windows 10 Home Versie 1709 16299.19 (X64) (2017-11-03 13:11:36)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2897933121-1580215152-3316838448-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2897933121-1580215152-3316838448-503 - Limited - Disabled)
Gast (S-1-5-21-2897933121-1580215152-3316838448-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2897933121-1580215152-3316838448-1003 - Limited - Enabled)
rtull (S-1-5-21-2897933121-1580215152-3316838448-1001 - Administrator - Enabled) => C:\Users\rtull
WDAGUtilityAccount (S-1-5-21-2897933121-1580215152-3316838448-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

. . (HKLM\...\{12B07FF1-29CB-45AC-B493-1DB88BE717BD}) (Version: 7.1 - Intel) Hidden
. . (HKLM\...\{E99F3005-A18B-4BF7-B751-7E780C5E87F0}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{26ABF655-7062-4BBB-B954-F21DF44A1D76}) (Version: 2.9.0.2 - Intel) Hidden
1.0.0 (HKLM-x32\...\{257B5922-2435-4FDA-900A-AEA29ED0A8D5}_is1) (Version: 1.0.0 - Gianpaolo Bottin)
Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - )
Adblock Plus voor IE (32-bit en 64-bit) (HKLM\...\{2B2310B1-FBC0-4933-8C73-1CBAD0D7CA28}) (Version: 1.6 - Eyeo GmbH)
AVS Audio Converter 8.3.2 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.3.2.575 - Online Media Technologies Ltd.)
AVS Audio Editor 8.3.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 8.3.2.515 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2.8 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.8.542 - Online Media Technologies Ltd.)
AVS Document Converter 4.0.3 (HKLM-x32\...\AVS Document Converter_is1) (Version: 4.0.3.252 - Online Media Technologies Ltd.)
AVS Image Converter 4.1.2 (HKLM-x32\...\AVS Image Converter_is1) (Version: 4.1.2.287 - Online Media Technologies Ltd.)
AVS Media Player 4.4.1 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.4.1.119 - Online Media Technologies Ltd.)
AVS Photo Editor 2.3.6 (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.3.6.152 - Online Media Technologies Ltd.)
AVS Registry Cleaner 3.0.5 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 3.0.5.275 - Online Media Technologies Ltd.)
AVS Video Converter 9.5.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.5.1.600 - Online Media Technologies Ltd.)
AVS Video Editor 7.5.1 (HKLM-x32\...\AVS Video Editor_is1) (Version: 7.5.1.288 - Online Media Technologies Ltd.)
AVS Video ReMaker 5.1.1 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 5.1.1.187 - Online Media Technologies Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
Chromium (HKLM-x32\...\{602088E0-30A0-5960-8120-29E051A0FA60}) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Driver and Application Installation (HKLM-x32\...\{6EC299C6-074C-4529-8D5F-2798584BB27B}) (Version: 2.12.0219 - Lenovo)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 7.51 - Astonsoft Ltd)
FrostWire 6.5.1 (HKLM-x32\...\FrostWire 6) (Version: 6.5.1.238 - FrostWire LLC)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HP ENVY 4500 series Basissoftware van het apparaat (HKLM\...\{E7E2EB53-AA2D-4068-8242-28859DCB7C3A}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
HP ENVY 4500 series Help (HKLM-x32\...\{8E0DEA5E-822C-4993-8D47-9305D61E6188}) (Version: 30.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1036 - Intel Corporation)
Intel(R) Online Connect Software Asset Manager (HKLM-x32\...\{AE956AB9-CD98-4F1E-8B9E-C3C66E290D64}) (Version: 3.4.2072 - Intel Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4590 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.45358 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{00000071-0190-1043-84C8-B8D95FA3C8C3}) (Version: 19.71.0 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{e0c04d85-bdcb-4572-ac96-c3e248f87a87}) (Version: 2.9.0.2 - Intel)
Intel® PROSet/Wireless Software (HKLM-x32\...\{227fd89d-2205-499a-8b73-9ec775789c4d}) (Version: 19.70.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Lenovo Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.) Hidden
Lenovo Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.8231 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5320.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.022.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\dda9ca0b023f4c56) (Version: 1.6.5.3 - Lenovo)
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo) Hidden
Lenovo Silver Silk Wireless Keyboard (HKLM-x32\...\InstallShield_{B88AD4F5-58A6-425D-9282-92228FEB7067}) (Version: 1.05 - Lenovo)
Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo)
Lenovo System Interface Foundation Driver (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.078.00 - Lenovo)
LightScribe System Software 1.12.29.2 (HKLM-x32\...\{CF8C077A-B467-4C43-8DB5-3A9B94FF9681}) (Version: 1.12.29.2 - hxxp://www.lightscribe.com)
Logitech Vid (HKLM-x32\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Malwarebytes versie 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
Manual (HKLM-x32\...\{693F92E5-37D1-46B7-A0D6-19A74A2FD0EC}) (Version: 1.00.0701 - Lenovo)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\OneDriveSetup.exe) (Version: 17.3.7074.1023 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DC5E5027-65E8-41CB-815C-9AAB48BFB8E2}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 52.0.2 (x86 nl) (HKLM-x32\...\Mozilla Firefox 52.0.2 (x86 nl)) (Version: 52.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.4.0.6486 - Mozilla)
Mozilla Thunderbird 52.4.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 52.4.0 (x86 nl)) (Version: 52.4.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{9A20BB10-551A-4D13-AB25-3A67EE3F600C}) (Version: 4.13.9783 - Apache Software Foundation)
Photobucket Backup (HKLM-x32\...\{98813202-6C6E-4ABE-A128-6E8FB3368BE0}) (Version: 1.0.7.2104 - Photobucket)
PicosmosTools 1.8.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.0.0 - Free Time)
Productverbeteringsonderzoek voor HP ENVY 4500 series (HKLM\...\{A0B1D150-9577-4F9C-9FC7-AD8557C6BDFC}) (Version: 32.3.198.49673 - Hewlett-Packard Co.)
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 10.1.505.2015 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.)
Roxio Creator Audio (HKLM-x32\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator Basic v9 (HKLM-x32\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM-x32\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM-x32\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM-x32\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Drag-to-Disc (HKLM\...\{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}) (Version: 9.0 - Roxio)
Roxio Express Labeler 3 (HKLM-x32\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 3.2.1 - Roxio)
Roxio MyDVD Basic v9 (HKLM-x32\...\{938B1CD7-7C60-491E-AA90-1F1888168240}) (Version: 9.0.117 - Roxio)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 3.2.0.526 - Lenovo)
Skype™ 7.36 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.101 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Sonic Activation Module (HKLM-x32\...\{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}) (Version: 1.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Twonky Server (HKLM-x32\...\TwonkyServer) (Version: 7.2.7.0 - PacketVideo)
Unchecky v1.1 (HKLM-x32\...\Unchecky) (Version: 1.1 - Reason Software Company Inc.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
Windows 10-updateassistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22243 - Microsoft Corporation)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files (x86)\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki121026.inf_amd64_d9c66a7a4ae5623d\igfxDTCM.dll [2017-03-07] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0CE30B30-58CF-424F-90EF-7530F4DBF1AD} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\SHAREit\SHAREit\ShareitPrompt.exe
Task: {21C9D413-005A-4B7D-8035-FFE3093271FF} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-21] (Lenovo)
Task: {2BC9097F-4164-4177-8A0E-570BA5F69711} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\e34aa4a3-7507-46cc-b5ab-0679886c0560 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {2E96FDE9-E041-4444-AB6A-0BF21F8E38BD} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {357A50C5-7002-4E02-8A90-B9DB89F146A5} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7-Logon => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {3C3D52E4-0D0E-481A-B7BC-DDCDD4EDD2B9} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-21] (Lenovo)
Task: {515DBA5B-714F-4647-89E0-5DB08016F734} - System32\Tasks\{A8783C5D-7F51-42A3-BE51-76EA0EF204B7} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\Felitec\Mindful\unins000.exe"
Task: {56145F7C-141D-4884-895C-13354C428169} - System32\Tasks\IntelIOC-Upgrade-f1c8187b-2653-47cd-a9be-b554b98f68a7 => C:\Program Files (x86)\Intel\Intel(R) Online Connect Access\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2016-09-29] (Intel Corporation)
Task: {56531C03-896A-4C2E-AD52-D8E0B4625B6F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {584FC020-85C8-46D3-9A92-D0EB967693AF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {9875EF7E-9F94-4BD9-893C-1BB15C72AC99} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-26] (Google Inc.)
Task: {987EA20C-4100-41CF-A97C-B56703B46B7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-04-26] (Google Inc.)
Task: {A8528AB6-F490-4AE9-90EF-C1F50225B837} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {AA27C8CB-2EB6-44DA-98C4-2F6993596530} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2016-07-26] (Intel(R) Corporation)
Task: {B1337527-0BBE-4D40-A9EA-A2B25B529432} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {B20F4184-741E-46AD-9636-5A6A037DEF39} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-2897933121-1580215152-3316838448-1001 => "C:\WINDOWS\system32\rundll32.exe" dfshim.dll,ShOpenVerbShortcut C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo\Lenovo Service Bridge.appref-ms
Task: {BC1C3755-CC14-457C-BB1D-B2129E63A8B9} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {BC60A77F-98FC-4E89-B36E-E3E3BBEEE0A3} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c5ebb955-852b-4f08-afa4-c26e182301cb => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {BD1F6FE9-906F-4B75-89AD-CE5F2ADDA5BD} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-21] ()
Task: {C9874C08-3709-4687-849F-8368943E42A5} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [2016-03-17] (Intel Corporation)
Task: {D2E64FCE-6DD7-4B5D-B709-BC26CE3CCF96} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\a5c92226-d3c7-4ea0-953e-059248959cc7 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {D50C83A0-AF37-477C-ABB5-7C0549A68B4E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {DFC99518-3CA2-4F1F-BEEA-8C3A5EF3445D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5987213e-b061-433f-8c45-58cccc8b9c42 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2017-06-05] (Lenovo Group Limited)
Task: {E43E86E2-1624-431A-AF05-1ACEA643DB8B} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-21] (Lenovo)
Task: {EEDCA221-2F65-4851-9EA5-A9C2089F2672} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-20] (CyberLink Corp.)
Task: {EF11EFBC-BFC4-4E1C-8063-9365D2C00664} - System32\Tasks\HPCustParticipation HP ENVY 4500 series => C:\Program Files\HP\HP ENVY 4500 series\Bin\HPCustPartic.exe [2014-07-21] (Hewlett-Packard Development Company, LP)
Task: {F0857E7B-B694-4B7C-B0BD-D9F6105BFA92} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\SHAREit\SHAREit\ShareitUpdater.exe
Task: {F6F3FE68-8F1A-4985-84B4-779CC4F09828} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {FD38890B-7138-4A2C-9B69-85723C0A3312} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-21] (Lenovo)

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


Shortcut: C:\Users\rtull\Favorites\NCH Audio and Telephony Software.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\rtull\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\rtull\Favorites\NCH Software Download.lnk -> hxxp://www.nchsoftware.com/index.htm
Shortcut: C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.4.5-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat ()
Shortcut: C:\Users\rtull\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FrostWire 6\FrostWire 6.5.1-SafeMode.lnk -> C:\Program Files (x86)\FrostWire 6\frostwire.bat ()

==================== Geladen Modules (gefilterd) ==============

2016-10-05 12:15 - 2016-10-05 12:15 - 000107752 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\libglog.dll
2016-10-05 12:15 - 2016-10-05 12:15 - 000412904 _____ () C:\Program Files\Intel\Intel(R) Online Connect Access\JsonCpp.dll
2017-09-27 11:55 - 2017-10-11 12:32 - 002289096 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-02-19 14:24 - 2017-10-11 12:32 - 002358728 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2014-04-01 13:38 - 2014-04-01 13:38 - 002366328 ____C () C:\Program Files (x86)\Twonky\TwonkyServer\TwonkyServer.exe
2016-10-04 17:09 - 2016-10-04 17:09 - 000253664 _____ () C:\Program Files\Intel\Intel(R) Online Connect\CSLibWrapper.dll
2016-04-21 00:49 - 2016-04-21 00:49 - 000105808 ____C () C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Core.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-24 13:50 - 2008-02-22 09:22 - 000049648 _____ () C:\WINDOWS\SYSTEM32\DLAAPI_W.DLL
2017-09-29 14:42 - 2017-09-30 15:34 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:34 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-20 01:28 - 2016-10-20 01:28 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2007-07-12 11:55 - 2007-07-12 11:55 - 001581056 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2007-08-14 11:59 - 2007-08-14 11:59 - 006365184 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2007-07-12 11:55 - 2007-07-12 11:55 - 000131072 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2009-12-05 00:59 - 2009-12-05 00:59 - 000619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-05 01:04 - 2009-12-05 01:04 - 000013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2011-11-03 19:48 - 2011-11-03 19:48 - 000056320 _____ () C:\Program Files (x86)\Lenovo\Lenovo Silver Silk Wireless Keyboard\skfunc.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)

AlternateDataStreams: C:\Users\rtull\Documents\Video Play List.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\rtull\Documents\Video Play List.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


==================== Hosts inhoud: ==========================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2015-10-30 08:24 - 2017-11-03 14:04 - 000002032 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost
0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\rtull\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\lenovowallpaper.jpg
DNS Servers: 62.179.104.196 - 213.46.228.196
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

MSCONFIG\Services: defragsvc => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: TrustedInstaller => 3
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Malwarebytes TrayApp"
HKLM\...\StartupApproved\Run32: => "LogitechQuickCamRibbon"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Chromium"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "HP ENVY 4500 series (NET)"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "Logitech Vid"
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\...\StartupApproved\Run: => "EssentialPIM"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [{6E0C2E9F-99CA-46C0-AED4-62F4C7201A03}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{35396F3E-6D9E-4671-BD94-179DC446431D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{FB0AD40F-6A10-4674-8EFD-270564FC1FBD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{20EC96A2-E3A2-4F96-9776-3710E67C9276}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{CC654A1B-E454-4919-8F9B-EC384379D7C2}] => (Allow) LPort=5357
FirewallRules: [{B0016E3F-8180-4519-AE16-B99AC4DC56D9}] => (Allow) C:\Program Files\HP\HP ENVY 4500 series\Bin\DeviceSetup.exe
FirewallRules: [{5629D214-6E3F-41B5-A830-DEAA3C9F81A7}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{E2622FBA-84B8-4968-B8A3-E0A7CCA7096D}] => (Allow) C:\Program Files (x86)\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{91E06080-BF83-40C0-B58C-DB3066968E74}] => (Allow) C:\Users\rtull\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{D149358E-0B79-4564-8525-B793DB62401D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{DE6C9A8D-B952-437B-9278-BB1D36832CAF}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{3F51499A-7071-4B6D-9A76-44AB9B4DD464}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{85E88C33-4CA6-473B-B1E4-1278CFF8C5A4}] => (Allow) LPort=2869
FirewallRules: [{E0C1235F-FBF3-4CFF-B51A-9AB5C9279C4B}] => (Allow) LPort=1900
FirewallRules: [{15D619C9-F084-4E11-B830-C18AD4155992}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{63A966E6-AC83-46D1-BE2C-A269464133EB}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{F99A7D6B-332A-4A1F-9875-42706208867A}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{63F9D269-F05E-4E94-A578-4282DBC235EC}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{C84B5FA1-6304-4C57-8E7B-E14805FA2AF7}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{9C0BDDEB-DBDF-4004-B962-902EA5886E60}] => (Allow) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{C3F4C195-ED77-41F2-ACD1-1A83CF3C56E0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F0E594BF-6F37-44EB-B22D-1F9EFC7ED7D0}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{6C5ECAA1-5FFE-473D-9A4B-0EF57B78D764}] => (Allow) %systemroot%\system32\alg.exe
FirewallRules: [{F29166B9-D87F-4660-9F5F-E95D7878E7CD}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{754D4061-3DE1-4223-ABB7-54E45E5E6AAF}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Herstelpunten =========================

AANDACHT: Systeemherstel is uitgeschakeld

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (11/03/2017 02:25:25 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (11/03/2017 02:25:25 PM) (Source: IntelDalJhi) (EventID: 4) (User: )
Description: Intel(R) Dynamic Application Loader Host Interface Service initialization failure - the spooler applet is invalid.

Error: (11/03/2017 02:13:28 PM) (Source: LSCWinService) (EventID: 0) (User: )
Description: Service kan niet worden gestart. De ingang is ongeldig

Error: (11/03/2017 02:08:46 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider wsp_sr heeft geprobeerd query select * from WSP_ReplicationGroupModificationEvent te registreren, waarvan doelklasse WSP_ReplicationGroupModificationEvent in naamruimte //./root/Microsoft/Windows/Storage/Providers_v2 niet bestaat. De query wordt genegeerd.

Error: (11/03/2017 02:08:46 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider wsp_sr heeft geprobeerd query select * from WSP_ReplicationGroupDepartureEvent te registreren, waarvan doelklasse WSP_ReplicationGroupDepartureEvent in naamruimte //./root/Microsoft/Windows/Storage/Providers_v2 niet bestaat. De query wordt genegeerd.

Error: (11/03/2017 02:08:46 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider wsp_sr heeft geprobeerd query select * from WSP_ReplicationGroupArrivalEvent te registreren, waarvan doelklasse WSP_ReplicationGroupArrivalEvent in naamruimte //./root/Microsoft/Windows/Storage/Providers_v2 niet bestaat. De query wordt genegeerd.

Error: (11/03/2017 02:08:46 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider heeft geprobeerd query select * from WSP_ReplicationGroupModificationEvent te registreren, waarvan doelklasse WSP_ReplicationGroupModificationEvent in naamruimte //./root/Microsoft/Windows/Storage/Providers_v2 niet bestaat. De query wordt genegeerd.

Error: (11/03/2017 02:08:46 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider heeft geprobeerd query select * from WSP_ReplicationGroupDepartureEvent te registreren, waarvan doelklasse WSP_ReplicationGroupDepartureEvent in naamruimte //./root/Microsoft/Windows/Storage/Providers_v2 niet bestaat. De query wordt genegeerd.

Error: (11/03/2017 02:08:46 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider heeft geprobeerd query select * from WSP_ReplicationGroupArrivalEvent te registreren, waarvan doelklasse WSP_ReplicationGroupArrivalEvent in naamruimte //./root/Microsoft/Windows/Storage/Providers_v2 niet bestaat. De query wordt genegeerd.

Error: (11/03/2017 02:08:43 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT AUTHORITY)
Description: Gebeurtenisprovider IntelWLANEventProvider heeft geprobeerd query select * from CIntelQosEvent te registreren, waarvan doelklasse CIntelQosEvent in naamruimte //./root/DEFAULT niet bestaat. De query wordt genegeerd.


Systeemfouten:
=============
Error: (11/04/2017 12:13:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (11/04/2017 12:13:25 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (11/03/2017 02:25:14 PM) (Source: DCOM) (EventID: 10010) (User: PC-RAMON)
Description: De server Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXyvyv4mghdjas8j88defq0w1hc410kvzt.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (11/03/2017 02:25:14 PM) (Source: DCOM) (EventID: 10010) (User: PC-RAMON)
Description: De server Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (11/03/2017 02:11:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (11/03/2017 02:11:49 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
en APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (11/03/2017 02:10:17 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Deze computer is geconfigureerd als lid van een werkgroep, niet als
lid van een domein. De NetLogon-service hoeft niet te worden gestart in
deze configuratie.

Error: (11/03/2017 02:08:41 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: Kan de listener met adres * en transport HTTP niet migreren. Er bestaat al een listener met dezelfde configuratie voor adres en transport.

Error: (11/03/2017 02:04:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Intel(R) PROSet/Wireless Zero Configuration Service-service is gestopt met de volgende foutcode:
%%2147770990.

Error: (11/03/2017 02:03:12 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {A47979D2-C419-11D9-A5B4-001185AD2B89} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.


CodeIntegrity:
===================================
Date: 2017-11-04 12:22:53.135
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:20:18.430
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:19:14.724
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:19:14.095
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:18:50.296
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:18:49.644
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:18:39.178
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-04 12:18:38.986
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-03 14:20:08.774
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2017-11-03 14:20:08.136
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i3-6100 CPU @ 3.70GHz
Percentage geheugen in gebruik: 38%
Totaal fysiek RAM-geheugen: 8106.61 MB
Beschikbaar fysiek RAM-geheugen: 4983.69 MB
Totaal Virtueel geheugen: 10026.61 MB
Beschikbaar Virtual geheugen: 6814.9 MB

==================== Schijven ================================

Drive c: (Windows) (Fixed) (Total:899.67 GB) (Free:759.9 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 310D8D7D)

Partition: GPT.

==================== Eind van Addition.txt ============================
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Mon 06 Nov 2017, 15:06
Hello,

"AANDACHT: Systeemherstel is uitgeschakeld" (ATTENTION: System Restore is disabled): it is off by default in Windows 10; turn it on. Guide.


First read the guide and then run the fix: Fix Guide

Note: This script is intended specifically for this computer, so do not use it on other computers with a similar problem.

Press the Windows key plus R at the same time.

"Run" opens; enter Notepad there and then click "OK"; Notepad opens.
Copy the bold code below and paste it into Notepad.


start
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL =
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> DefaultScope {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisre_17_12_ssg01&cd=2XzuyEtN2Y1L1QzuyCzztDyBtCyDzz0AtA0Azy0EzyyBzyyBtN0D0Tzu0StCzytDyCtN1L2XzutAtFtByBtFyEtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyDtB0B0EzyyC0AtDtGyEyD0EtBtGtCzzzzzztGyEtByD0AtGtC0B0CtDtBzztC0AtD0E0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FtDtB0DtDtB0FtGyEtDyCtAtGyEyEyC0BtG0BzztBzztGzzzy0AyDyBtA0B0F0BzyyC0F2QtN0A0LzuyE&cr=2077811798&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisre_17_12_ssg01&cd=2XzuyEtN2Y1L1QzuyCzztDyBtCyDzz0AtA0Azy0EzyyBzyyBtN0D0Tzu0StCzytDyCtN1L2XzutAtFtByBtFyEtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyDtB0B0EzyyC0AtDtGyEyD0EtBtGtCzzzzzztGyEtByD0AtGtC0B0CtDtBzztC0AtD0E0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FtDtB0DtDtB0FtGyEtDyCtAtGyEyEyC0BtG0BzztBzztGzzzy0AyDyBtA0B0F0BzyyC0F2QtN0A0LzuyE&cr=2077811798&ir=&q={searchTerms}
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Geen bestand
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Geen bestand
CHR Extension: (Chrome Media Router) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-02]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand
AlternateDataStreams: C:\Users\rtull\Documents\Video Play List.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\rtull\Documents\Video Play List.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
EmptyTemp:
end

Go to File - Save As.
Choose the desktop as the location.
For "File name" enter: fixlist.txt
For "Save as type" select: All files.

If all went well, is there now a text file on your desktop?

Start the Farbar Recovery Scan Tool.
When the program has opened, click Yes (Ja) at the disclaimer (if needed).
Press the Fix button.
A log file (fixlog.txt) will be created in the same location from which the tool was started.
Copy and paste the contents of the log files into your next post (if the contents are too large for one post, spread them over several posts).
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: Eindhoven

Posted: Mon 06 Nov 2017, 16:57  Subject: malwarebytes
Log file

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 02-11-2017
Gestart door rtull (06-11-2017 16:47:19) Run:1
Gestart vanaf C:\Users\rtull\Desktop
Geladen Profielen: rtull (Beschikbare Profielen: rtull)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
tart
CreateRestorePoint:
SearchScopes: HKLM -> DefaultScope {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL =
SearchScopes: HKLM-x32 -> DefaultScope waarde ontbreekt
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> DefaultScope {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisre_17_12_ssg01&cd=2XzuyEtN2Y1L1QzuyCzztDyBtCyDzz0AtA0Azy0EzyyBzyyBtN0D0Tzu0StCzytDyCtN1L2XzutAtFtByBtFyEtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyDtB0B0EzyyC0AtDtGyEyD0EtBtGtCzzzzzztGyEtByD0AtGtC0B0CtDtBzztC0AtD0E0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FtDtB0DtDtB0FtGyEtDyCtAtGyEyEyC0BtG0BzztBzztGzzzy0AyDyBtA0B0F0BzyyC0F2QtN0A0LzuyE&cr=2077811798&ir=&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE04
SearchScopes: HKU\S-1-5-21-2897933121-1580215152-3316838448-1001 -> {95A95B3E-B21D-4EAF-8287-4BA3B9173C16} URL = hxxp://www.palikan.com/results.php?f=4&a=plk_coinisre_17_12_ssg01&cd=2XzuyEtN2Y1L1QzuyCzztDyBtCyDzz0AtA0Azy0EzyyBzyyBtN0D0Tzu0StCzytDyCtN1L2XzutAtFtByBtFyEtFyDtDtN1L1Czu1ByCtN1L1G1B1V1N2Y1L1Qzu2SyDtB0B0EzyyC0AtDtGyEyD0EtBtGtCzzzzzztGyEtByD0AtGtC0B0CtDtBzztC0AtD0E0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyE0FtDtB0DtDtB0FtGyEtDyCtAtGyEyEyC0BtG0BzztBzztGzzzy0AyDyBtA0B0F0BzyyC0F2QtN0A0LzuyE&cr=2077811798&ir=&q={searchTerms}
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Geen bestand
Handler: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - Geen bestand
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - Geen bestand
CHR Extension: (Chrome Media Router) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-02]
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand
AlternateDataStreams: C:\Users\rtull\Documents\Video Play List.jpg:3or4kl4x13tuuug3Byamue2s4b [95]
AlternateDataStreams: C:\Users\rtull\Documents\Video Play List.jpg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d} [0]
EmptyTemp:
end
*****************

tart => Fout: Geen automatische fix gevonden voor dit item.
Herstelpunt is succesvol gemaakt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde met succes hersteld
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => waarde is succesvol verwijderd
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => sleutel niet gevonden.
HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95A95B3E-B21D-4EAF-8287-4BA3B9173C16} => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{95A95B3E-B21D-4EAF-8287-4BA3B9173C16} => sleutel niet gevonden.
HKLM\Software\Classes\PROTOCOLS\Handler\livecall => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => sleutel niet gevonden.
HKLM\Software\Classes\PROTOCOLS\Handler\msnim => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{828030A1-22C1-4009-854F-8E305202313F} => sleutel niet gevonden.
HKLM\Software\Classes\PROTOCOLS\Handler\wlmailhtml => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{03C514A3-1EFB-4856-9F99-10D7BE1653C0} => sleutel niet gevonden.
HKLM\Software\Classes\PROTOCOLS\Handler\wlpg => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} => sleutel niet gevonden.
CHR Extension: (Chrome Media Router) - C:\Users\rtull\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-10-02] => Fout: Geen automatische fix gevonden voor dit item.
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => sleutel niet gevonden.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => sleutel niet gevonden.
C:\Users\rtull\Documents\Video Play List.jpg => ":3or4kl4x13tuuug3Byamue2s4b" ADS is succesvol verwijderd.
C:\Users\rtull\Documents\Video Play List.jpg => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS is succesvol verwijderd.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19168446 B
Java, Flash, Steam htmlcache => 2156 B
Windows/system/drivers => 4527920 B
Edge => 5728980 B
Chrome => 392917 B
Firefox => 229376 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2396 B
NetworkService => 7302 B
rtull => 6283092 B

RecycleBin => 84349822 B
EmptyTemp: => 120.9 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 16:47:50 ====
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Mon 06 Nov 2017, 18:37
Hello,

Download and run AdwCleaner: https://www.seniorennet.be/forum/viewtopic.php?t=194247
Post the contents of the log in your next reply.
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: Eindhoven

Posted: Tue 07 Nov 2017, 12:35  Subject: malwarebytes
ADW Cleaner log file:

# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 07 11:29:02 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Reason\ReasonByteFence


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1013 B] - [2017/11/7 11:27:14]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Tue 07 Nov 2017, 13:19
Hello,

Now run another scan with MalwareBytes to check whether everything is gone (what kept being found).
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: Eindhoven

Posted: Tue 07 Nov 2017, 14:12  Subject: malwarebytes
It worked. Thank you very much.
The PUPs etc. have disappeared after scanning.

Once again, TxxxS
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Tue 07 Nov 2017, 15:05
Hello,

That is good; then you may do the last step, and after that we are done:

The tool below cleans up all the tools that were used:

Download Delfix - Alternative download link by Xplode to the desktop.

Double-click Delfix.exe to start the tool.
Tick the box for the following item:

  • Remove disinfection tools

Now click "Run" and wait patiently until the tool has finished.
When the tool has finished, a log file is created. You do not need to post it, however.
After this, restart your PC; if any programs or log files are still present, you may delete them manually.
Also create a new restore point: Explanation (https://www.windows-helpdesk.nl/herstelpunt-maken-in-windows-7-of-10/).
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: Eindhoven

Posted: Tue 07 Nov 2017, 16:46  Subject: malwarebytes
It worked
Regards, amonra
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Tue 07 Nov 2017, 17:31  Subject: Re: malwarebytes
RamonR wrote:
It worked
Regards, amonra


That is good, thanks, and you're welcome :)
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: Eindhoven

Posted: Wed 08 Nov 2017, 11:55  Subject: malwarebytes
Celebrated too soon: after scanning once more, the PUP / PoP were back.

Malwarebytes
www.malwarebytes.com

-Logboekdetails-
Scandatum: 08-11-17
Scantijd: 11:38
Logbestand: f85aa9bc-c470-11e7-a4df-00016cdac3b8.json
Beheerder: Ja

-Software-informatie-
Versie: 3.2.2.2029
Versie componenten: 1.0.212
Update pakketversie: 1.0.3204
Licentie: Premium

-Systeeminformatie-
Besturingssysteem: Windows 10 (Build 16299.19)
Processor: x64
Bestandssysteem: NTFS
Gebruiker: PC-RAMON\rtull

-Scansamenvatting-
Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 390549
Dreigingen herkend: 4
Dreigingen in quarantaine: 0
(Geen kwaadaardige items gedetecteerd)
Verstreken tijd: 2 min, 45 sec

-Scanopties-
Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Uitgeschakeld
Heuristiek: Ingeschakeld
POP: Detectie
POA: Detectie

-Scandetails-
Proces: 0
(Geen kwaadaardige items gedetecteerd)

Module: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutel: 1
PUP.Optional.Palikan, HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95A95B3E-B21D-4EAF-8287-4BA3B9173C16}, Geen actie door gebruiker, [1715], [241488],1.0.3204

Registerwaarde: 3
PUP.Optional.Palikan, HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95A95B3E-B21D-4EAF-8287-4BA3B9173C16}|DISPLAYNAME, Geen actie door gebruiker, [1715], [241488],1.0.3204
PUP.Optional.Palikan, HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95A95B3E-B21D-4EAF-8287-4BA3B9173C16}|FAVICONPATH, Geen actie door gebruiker, [1715], [241488],1.0.3204
PUP.Optional.Palikan, HKU\S-1-5-21-2897933121-1580215152-3316838448-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{95A95B3E-B21D-4EAF-8287-4BA3B9173C16}|URL, Geen actie door gebruiker, [1715], [241488],1.0.3204

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Gegevensstroom: 0
(Geen kwaadaardige items gedetecteerd)

Map: 0
(Geen kwaadaardige items gedetecteerd)

Bestand: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke sector: 0
(Geen kwaadaardige items gedetecteerd)


(end)
Ramon
abbs


Registered: 16-12-2016
Location: Leidschendam

Posted: Wed 08 Nov 2017, 16:35
Hello,

Take your time for the next scanner; it can take hours:

Download the ESET Online Scanner to your desktop.

Run ESET Online Scanner.

  • Double-click "esetonlinescanner_enu.exe"; "Terms of use" opens; tick "Download latest version of ESET Online Scanner" there.
  • Then click the "Accept" button; if you get a User Account Control prompt, allow it.
  • "Computer scan settings" opens; tick "Enable detection of potentially unwanted applications" there.
  • Click "Advanced settings" and make sure the following items are ticked there.

    - Enable detection of potentially unsafe applications
    - Enable detection of suspicious applications
    - Scan archives
    - Enable Anti-Stealth technology
    - Clean threats automatically

  • Note: First switch off your own virus scanner now; scanning with Eset is then faster (switch it back on after the scan).
  • Click "Scan"; this scan can take a considerable time, and preferably do not use the computer for other tasks during the scan.

After scanning:

  • If nothing is found, click "Finish"; you may also close the "Thank you for trying Eset Online Scanner" screen.
  • If threats were found, click "Show list of results", click "Save to text file..", enter "Eset.txt" as the file name and put it on your desktop.
  • Then click "X" at the top right (the threats have then been removed); you may also close the "Thank you for trying Eset Online Scanner" screen.
  • Post the contents of the log in the next post.
Regards, abbs
Member of UNITE (Unified Network of Instructors and Trained Eliminators)
RamonR


Registered: 8-11-2011
Location: Eindhoven

Posted: Thu 09 Nov 2017, 14:16  Subject: malwarebytes
Eset txt file:

C:\Program Files (x86)\FrostWire 6\frostwire-installer.exe Win32/FusionCore.P potentially unwanted application cleaned by deleting
C:\Users\rtull\Downloads\ccsetup531.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application cleaned by deleting
Ramon
