veel spam : FRST scan

[janneke dust2]

Volgend bericht met addition.txt

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17.03.2019
Gestart door jcarn (Beheerder) op PCI5LIVING (03-04-2019 15:14:15)
Gestart vanaf H:\UpdatePCsoft\PC-beveiliging\FarbarRecoveryScanTool\versie-20190403
Geladen Profielen: jcarn (Beschikbare Profielen: jcarn & Sem & Lucy)
Platform: Windows 10 Pro Versie 1809 17763.379 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Canon Inc. -> CANON INC.) C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe
(Digital Wave Ltd -> Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
(Canon Inc. -> ) C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Photodex Corporation -> ) C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(Tenorshare Co,Ltd) [Bestand niet getekend] C:\Users\jcarn\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.7\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.3-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1903.3-0\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\OUTLOOK.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1794888 2017-11-02] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-09-04] (Canon Inc. -> CANON INC.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Bestand niet getekend]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) [Bestand niet getekend]
HKLM-x32\...\Run: [Erazer MEDION] => C:\Program Files (x86)\Erazer\MEDION Gaming Mouse\Hid.exe [1507840 2012-09-24] (MEDION) [Bestand niet getekend]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1313408 2017-07-05] (Canon Inc. -> CANON INC.)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518656 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\...\Run: [vidnotifier.exe] => C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\vidnotifier\vidnotifier.exe [1595368 2018-02-21] (Digital Wave Ltd -> Digital Wave Ltd)
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\...\Run: [Speccy] => C:\Program Files\Speccy\Speccy64.exe [7117464 2018-05-02] (Piriform Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.86\Installer\chrmstp.exe [2019-03-26] (Google LLC -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.8 PE.lnk [2017-11-22]
ShortcutTarget: PHOTOfunSTUDIO 9.8 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation -> Panasonic Corporation)
GroupPolicy: Restrictie ? <==== AANDACHT

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 195.130.131.4 195.130.130.4
Tcpip\..\Interfaces\{c73aad3f-e200-47b5-964a-6555368777ed}: [DhcpNameServer] 195.130.131.4 195.130.130.4

Internet Explorer:
==================
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2016-02-23] (Canon Inc. -> CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-02-04] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-02-04] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2016-02-23] (Canon Inc. -> CANON INC.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-03-19] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 2x9ttnr2.default-1547885907791
FF ProfilePath: C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791 [2019-04-03]
FF Homepage: Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791 -> hxxps://www.hln.be/|hxxps://www.seniorennet.be/ ... .id=TaalNL
FF Extension: (Disconnect) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions\2.0@disconnect.me.xpi [2019-04-03]
FF Extension: (eID België) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions\belgiumeid@eid.belgium.be.xpi [2019-01-19]
FF Extension: (I don’t care about cookies) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2019-03-13]
FF Extension: (Beste Prijs - Test Aankoop) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions\{cd9c77fb-d9ac-4ca6-826e-fdc913cab733}.xpi [2019-01-19]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-12] (Adobe Systems Incorporated -> )
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2017-10-17] (CANON INC.) [Bestand niet getekend]
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-02-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-02-04] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-03-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2018-04-26] ( ) [Bestand niet getekend]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default [2019-04-03]
CHR Extension: (Presentaties) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-04]
CHR Extension: (Documenten) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-07]
CHR Extension: (Google Drive) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-07]
CHR Extension: (YouTube) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-07]
CHR Extension: (Adobe Acrobat) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-12-04]
CHR Extension: (Spreadsheets) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-04]
CHR Extension: (Offline Documenten) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-07]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-12-04]
CHR Extension: (Gmail) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-07]
CHR Extension: (Chrome Media Router) - C:\Users\jcarn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 CIJSRegister; C:\Program Files (x86)\Canon\IJ Scan Utility\SETEVENT.exe [144464 2015-02-19] (Canon Inc. -> CANON INC.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11129928 2019-03-06] (Microsoft Corporation -> Microsoft Corporation)
R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [440808 2018-02-21] (Digital Wave Ltd -> Digital Wave Ltd.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [397256 2018-11-19] (Canon Inc. -> )
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2018-03-24] (Photodex Corporation -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381128 2019-03-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Bestand niet getekend]
R2 TenorshareWinAdService; C:\Users\jcarn\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe [40448 2017-11-28] (Tenorshare Co,Ltd) [Bestand niet getekend]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\NisSrv.exe [3856504 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MsMpEng.exe [113984 2019-03-31] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 cpuz143; C:\Users\jcarn\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2019-03-22] (CPUID -> CPUID) <==== AANDACHT
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [34368 2018-01-17] (CHENGDU YIWO Tech Development Co., Ltd. -> )
R0 EPMVolFlt; C:\WINDOWS\System32\drivers\EPMVolFlt.sys [30320 2017-11-23] (CHENGDU YIWO Tech Development Co., Ltd. -> Windows (R) Codename Longhorn DDK provider)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2016-07-11] (CHENGDU YIWO Tech Development Co., Ltd. -> ) [Bestand niet getekend]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-10-16] (Corel Corporation -> Corel Corporation)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 qcusbwwan; C:\WINDOWS\System32\drivers\qcusbwwan.sys [557112 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated)
S3 RTL8192su; C:\WINDOWS\System32\drivers\RTL8192su.sys [687616 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
R3 SGIDGMS; C:\WINDOWS\system32\drivers\SGIDGMS.sys [25600 2012-09-19] (G-SPY Co., Ltd. -> )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-03-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343520 2019-03-31] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [68576 2019-03-31] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-04-03 14:54 - 2019-04-03 14:54 - 000000559 _____ C:\Users\jcarn\Desktop\JRT.txt
2019-03-28 00:03 - 2019-03-28 09:23 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-03-19 00:16 - 2019-03-19 00:16 - 000002253 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2019-03-19 00:16 - 2019-03-19 00:16 - 000002241 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
2019-03-14 23:09 - 2019-03-14 23:09 - 000000000 ____D C:\WINDOWS\LastGood
2019-03-13 13:30 - 2019-03-13 13:30 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 020814848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 019023872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 007882240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 006069760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 005436184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 004689408 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 003923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 003744256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 003551408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 001200920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2019-03-13 13:30 - 2019-03-13 13:30 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-03-13 13:30 - 2019-03-13 13:30 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srumsvc.dll
2019-03-13 13:29 - 2019-03-13 13:30 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 015224320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 012857856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 009683256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 006548168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 004588744 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 003382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 003378488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 002926904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 002776712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 002488320 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 002275680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 002187776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 002021584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001701376 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001604096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 001043256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000895048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000726416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000655160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000649272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-03-13 13:29 - 2019-03-13 13:29 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-03-13 13:29 - 2019-03-13 13:29 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-03-13 13:29 - 2019-03-13 13:29 - 000419128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-03-13 13:29 - 2019-03-13 13:29 - 000402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\srumsvc.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdfs.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\npfs.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-03-13 13:29 - 2019-03-13 13:29 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msfs.sys
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-03-13 13:29 - 2019-03-13 13:29 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-03-12 11:26 - 2019-03-12 11:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicoZip
2019-03-12 11:26 - 2019-03-12 11:26 - 000000000 ____D C:\Program Files (x86)\PicoZipRT
2019-03-11 23:13 - 2019-03-11 23:13 - 000000000 ____D C:\Users\jcarn\.swt
2019-03-10 17:35 - 2019-03-10 17:35 - 000817492 _____ C:\Users\jcarn\Downloads\casio-voorkeur-qw5161.pdf
2019-03-07 01:15 - 2019-03-07 01:15 - 024616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 019284480 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 009670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 008875008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 007897088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 007688088 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 007647256 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 007556392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 007251456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 005915936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 004920832 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 004245280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 003761664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003729808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 003660288 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003652656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003504128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003427840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002871312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002766648 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002752360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002720768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002637312 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002447360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002278240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002199864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002141184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.ModernAppAgent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002044416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002013696 _____ C:\WINDOWS\system32\rdpnano.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 002001408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001969152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001931264 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001893888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001751352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001742104 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001711616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001697744 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-03-07 01:15 - 2019-03-07 01:15 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001644048 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001612600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001572176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001563336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001522488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001481488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001479480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001468440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 001457544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001403920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 001341880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-03-07 01:15 - 2019-03-07 01:15 - 001332224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001296576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001294856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001289192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001272552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 001258808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-03-07 01:15 - 2019-03-07 01:15 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001179168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 001177088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.CommonBridge.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001176064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplySettingsTemplateCatalog.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 001098128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001078072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001077912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001072720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001047040 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001008128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2019-03-07 01:15 - 2019-03-07 01:15 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000918032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2019-03-07 01:15 - 2019-03-07 01:15 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000866152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000865568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2019-03-07 01:15 - 2019-03-07 01:15 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000833064 _____ C:\WINDOWS\system32\InputHost.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000831288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000817464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000808464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000790328 _____ (Microsoft Corporation) C:\WINDOWS\system32\upshared.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000772408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.PrinterCustomActions.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000735760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000732160 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCacheProvider.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000661816 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000652824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000649528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000646632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000619832 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000605496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000604336 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000591832 _____ C:\WINDOWS\SysWOW64\InputHost.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000548864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000525312 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000511800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000505656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000484976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000460304 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000449368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000423936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000421688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistSh.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000395064 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000355360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDistSh.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000336744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000330464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000322576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000279376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000262456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000246584 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistCleaner.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\smbwmiv2.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDist.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000202552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PeerDist.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\PeerDistWSDDiscoProv.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000178688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngctasks.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000174392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatialAudioLicenseSrv.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000147256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatialAudioLicenseSrv.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000138960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000132096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000115152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000071184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Uev.Common.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UevAppMonitor.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredentialMigrationHandler.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialMigrationHandler.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys
2019-03-07 01:15 - 2019-03-07 01:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-03-07 01:15 - 2019-03-07 01:15 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureBioSysprep.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rfxvmt.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-03-07 01:15 - 2019-03-07 01:15 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-03-06 21:20 - 2019-03-06 21:22 - 000000000 ____D C:\Muziek-mail-geluiden

==================== Een maand (gewijzigd) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-04-03 15:14 - 2017-11-27 11:43 - 000000000 ____D C:\FRST
2019-04-03 15:11 - 2017-11-02 21:14 - 000000000 ____D C:\Users\jcarn\AppData\LocalLow\Mozilla
2019-04-03 15:04 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-03 14:44 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-04-03 10:26 - 2017-11-02 19:18 - 000000000 ____D C:\Users\jcarn\AppData\Local\Packages
2019-04-03 09:54 - 2018-10-03 14:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-03 00:33 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-03 00:33 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-02 18:26 - 2017-11-03 15:17 - 000000000 ____D C:\Users\jcarn\ProShowProducerV5-psh
2019-04-02 17:59 - 2017-11-02 20:58 - 000000000 ____D C:\ProgramData\CanonIJPLM
2019-03-31 13:10 - 2018-02-21 18:17 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-03-28 09:23 - 2017-11-09 12:21 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 09:23 - 2017-11-09 12:21 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-28 00:15 - 2018-10-03 14:40 - 000003574 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 00:15 - 2018-10-03 14:40 - 000003450 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-26 00:28 - 2018-12-04 16:39 - 000002321 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-03-26 00:28 - 2018-12-04 16:39 - 000002280 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-03-22 17:51 - 2018-10-03 14:41 - 001779806 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-03-22 17:51 - 2018-09-15 18:44 - 000789134 _____ C:\WINDOWS\system32\perfh013.dat
2019-03-22 17:51 - 2018-09-15 18:44 - 000155258 _____ C:\WINDOWS\system32\perfc013.dat
2019-03-22 17:43 - 2018-10-03 14:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-03-22 17:43 - 2017-11-13 23:27 - 000000000 ____D C:\Program Files\Microsoft Office
2019-03-22 17:42 - 2018-09-15 08:09 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-03-22 13:27 - 2018-10-03 14:40 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-03-22 13:27 - 2018-03-24 11:00 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-03-22 11:54 - 2018-06-09 09:29 - 000000000 ____D C:\Users\jcarn\AppData\Local\D3DSCache
2019-03-21 11:18 - 2017-11-13 23:57 - 000000000 ____D C:\Users\jcarn\AppData\Local\ElevatedDiagnostics
2019-03-21 00:06 - 2017-11-02 16:07 - 000000000 ____D C:\Users\jcarn\AppData\Local\VirtualStore
2019-03-19 23:24 - 2019-01-15 10:59 - 000000000 ____D C:\Users\jcarn\AppData\Roaming\vlc
2019-03-19 00:16 - 2017-11-18 23:40 - 000000000 ____D C:\Program Files\Google
2019-03-14 23:09 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-03-13 13:31 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-03-13 13:30 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-03-13 13:27 - 2017-11-02 16:45 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-03-13 13:25 - 2017-11-02 16:45 - 127411920 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-03-13 13:23 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-03-12 22:29 - 2018-12-04 16:49 - 000004688 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-12 22:29 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-03-12 22:29 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-03-11 23:13 - 2018-10-03 14:16 - 000000000 ____D C:\Users\jcarn
2019-03-10 15:49 - 2019-02-18 01:25 - 000908054 _____ C:\Users\jcarn\Downloads\casio-wva-m650.pdf
2019-03-08 10:33 - 2018-12-23 13:46 - 000000000 ____D C:\Users\jcarn\AppData\Local\CrashDumps
2019-03-08 10:33 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-03-07 01:18 - 2017-11-02 19:23 - 000000000 ___RD C:\Users\jcarn\3D Objects
2019-03-07 01:18 - 2015-09-10 07:36 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-03-07 01:17 - 2018-10-03 14:33 - 005035104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-03-07 01:17 - 2018-09-15 18:46 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-03-07 01:17 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-03-07 01:17 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-03-07 01:17 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-03-07 01:17 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-03-07 01:17 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-03-07 01:15 - 2018-10-03 14:34 - 002865152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

==================== Bestanden in de root van sommige mappen =======

2017-11-06 15:36 - 2017-11-06 15:38 - 000007605 _____ () C:\Users\jcarn\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\dllhost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\dllhost.exe => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

==================== Einde van FRST.txt ============================

[janneke dust2]

Addition.txt

Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17.03.2019
Gestart door jcarn (03-04-2019 15:15:12)
Gestart vanaf H:\UpdatePCsoft\PC-beveiliging\FarbarRecoveryScanTool\versie-20190403
Windows 10 Pro Versie 1809 17763.379 (X64) (2018-10-03 12:40:27)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1127049525-478323742-3338971903-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1127049525-478323742-3338971903-503 - Limited - Disabled)
Gast (S-1-5-21-1127049525-478323742-3338971903-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1127049525-478323742-3338971903-1003 - Limited - Enabled)
jcarn (S-1-5-21-1127049525-478323742-3338971903-1001 - Administrator - Enabled) => C:\Users\jcarn
Sem & Lucy (S-1-5-21-1127049525-478323742-3338971903-1004 - Limited - Enabled) => C:\Users\Sem & Lucy
WDAGUtilityAccount (S-1-5-21-1127049525-478323742-3338971903-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

A.F.7 Merge your files 1.3 (HKLM-x32\...\{C576C82C-EE87-11D6-B031-0000CB597465}) (Version: 1.3.0.0 - Alex Fauland)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Belgium e-ID middleware 4.3.2 (build 3551) (HKLM\...\{DB942AEA-93D6-4FE4-8862-180D35A73551}) (Version: 4.3.3551 - Belgian Government)
Belgium e-ID viewer 4.2.11 (build 3344) (HKLM-x32\...\{F3DC7F06-92FF-4C98-87F5-72C0B7863344}) (Version: 4.2.3344 - Belgian Government)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.7.0 - Canon Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.7.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.20.13 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 6.0.1 - Canon Inc.)
Canon MG5700 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5700_series) (Version: 1.00 - Canon Inc.)
Canon MG5700 series On-screen Manual (HKLM-x32\...\Canon MG5700 series On-screen Manual) (Version: 7.8.0 - Canon Inc.)
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.6.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.3.0 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.8.5 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
CanoScan 8800F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.55 - Piriform)
EaseUS Partition Master 12.9 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS)
eID Web Browser Middleware (HKLM-x32\...\eID Web Browser Middleware) (Version: 1.1.11 - e-Contract.be BVBA)
Erazer MEDION Gamingmuis stuurprogramma V1.0 (HKLM-x32\...\{9F5E2400-A6E8-4B88-B997-06787EC38186}_is1) (Version: 1.00.00.05 - )
Free YouTube To MP3 Converter (HKLM-x32\...\Free YouTube To MP3 Converter_is1) (Version: 4.1.70.220 - Digital Wave Ltd)
G Suite Migration For Microsoft Outlook® 4.0.117.0 (HKLM\...\{A192D75D-8490-405F-82C5-A29906B8DA95}) (Version: 4.0.117.0 - Google, Inc.)
G Suite Sync™ for Microsoft Outlook® 4.0.19.0 (HKLM\...\{9DDC306E-C5D6-4EC6-95C1-9A7F8CA16DD9}) (Version: 4.0.19.0 - Google, Inc.)
Gadwin PrintScreen (64-Bit) (HKLM\...\{9D41A5E9-499A-4B98-8F05-CAB1C879E046}) (Version: 5.8.5.0 - Gadwin Systems)
Gebruikersregistratie voor Canon MG5700 series (HKLM-x32\...\Gebruikersregistratie voor Canon MG5700 series) (Version: - ‭Canon Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.86 - Google Inc.)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KB4023057 (HKLM\...\{B977A833-7734-41A5-B820-1F23D81DC87B}) (Version: 2.6.0.0 - Microsoft Corporation)
Kernel OST Viewer ver 15.0 (HKLM-x32\...\Kernel OST Viewer_is1) (Version: - Lepide Software Pvt.Ltd.)
Kernel Outlook PST Viewer ver 11.05.01 (HKLM-x32\...\Kernel Outlook PST Viewer_is1) (Version: - Lepide Software Pvt. Ltd.)
K-Lite Codec Pack 14.2.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.2.5 - KLCP)
Malwarebytes versie 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
MediaInfo 18.03 (HKLM\...\MediaInfo) (Version: 18.03 - MediaArea.net)
Microsoft Office Professional Plus 2016 - nl-nl (HKLM\...\ProPlusRetail - nl-nl) (Version: 16.0.11328.20158 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1127049525-478323742-3338971903-1001\...\OneDriveSetup.exe) (Version: 18.143.0717.0002 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.11.25325 (HKLM-x32\...\{6c6356fe-cbfa-4944-9bed-a9e99f45cb7a}) (Version: 14.11.25325.0 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 nl) (HKLM\...\Mozilla Firefox 66.0.2 (x64 nl)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0413-1000-0000000FF1CE}) (Version: 16.0.11328.20158 - Microsoft Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
PHOTOfunSTUDIO 9.8 PE (HKLM-x32\...\{E2893B75-5EB3-4ED2-AA60-3727A1177EC6}) (Version: 9.08.706.1033 - Panasonic Corporation)
PicoZip Recovery Tool 1.02 (HKLM-x32\...\PicoZip Recovery Tool 1.02) (Version: 1.02 - Softchitect)
ProfiCAD 8.0.3 (HKLM-x32\...\ProfiCAD_is1) (Version: - )
ProShow MediaSource - Wedding Essentials (HKLM-x32\...\ProShow MediaSource - Wedding Essentials) (Version: - )
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Ultimate ZIP Cracker II, evaluation version (HKLM-x32\...\{B2CB0545-B638-4D0B-8B48-275450D82CE1}) (Version: - )
UpdateAssistant (HKLM-x32\...\{DE45508F-369E-4476-8F19-088F4933340E}) (Version: 1.8.0.0 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
WinRAR 5.61 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.61.0 - win.rar GmbH)
Xirrus Wi-Fi Inspector (HKLM-x32\...\{8CED67B5-AB51-4D12-AAA5-395303922641}) (Version: 1.0.0 - Xirrus)
XnViewMP 0.92 (HKLM\...\XnViewMP_is1) (Version: 0.92 - Gougelet Pierre-e)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-1127049525-478323742-3338971903-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-09-30] (win.rar GmbH -> Alexander Roshal)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {0069F02B-20FA-4C77-88C8-D21F7296A0A3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {049EAA50-F4D3-485D-8AAC-EC2954618971} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe
Task: {1530C610-936D-4965-B0DF-37E21FFBE540} - System32\Tasks\RunSpeccy => C:\Program Files\Speccy\Speccy64.exe (Piriform Ltd -> Piriform Ltd)
Task: {4CF28D0C-A72C-4640-81DA-E4CAF9073CFE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {529823B0-8B65-4ED5-BB52-DF9CD8D0206C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {68FE5A0E-F8B3-4597-8AC3-2E5BDB16AE95} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {6E486399-18E8-406D-9B0C-4440753BFFC2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {7B939E9F-02A1-49DB-AFAF-72363F1B9E6B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {80EB4D29-5D16-4A69-85EA-43BD0093BD7C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {915D1015-B758-49D0-841A-F0A9EDECB6AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {934FF49E-DA75-4593-99C0-48878D3BE417} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {940CC785-87F9-4DA1-834E-648AD9A97998} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {96889C61-EFF6-447D-8CA6-0B138B4918DE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {9ACBA58F-A843-4FFA-9989-34AAFB1FE2DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A5A48177-7319-4622-990B-05DEDB158670} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {A83BEB72-8B0E-4975-897D-40003E013BEA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {BC361E9B-B913-4BEC-9FF2-1EF7A4D0190C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {BDF7128A-BB6A-4FC8-818F-7F14FDF4E8F3} - System32\Tasks\S-1-5-21-1127049525-478323742-3338971903-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe (Microsoft Windows -> Microsoft Corporation)
Task: {CCFCB9D2-7F88-4359-8F81-CA0079ED3391} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {CF60A2E0-D23B-4A62-B6E0-DD004BD8D5C5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.3-0\MpCmdRun.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {DD770C13-E7D1-4E51-A756-043D02A64AA8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
Task: {ED7289B5-BF29-4DFF-B6FC-D30E437B3E2F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F14B80BA-1338-4275-BC47-1A6D0983F582} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {F189806A-8734-4933-92D5-116CEE0C097F} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe (Samsung Electronics Co., Ltd. -> Samsung Electronics Co. Ltd.)
Task: {FB5E5008-2846-48EF-BDFA-02849C142400} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


==================== Geladen Modules (gefilterd) ==============

2019-02-26 00:01 - 2017-11-28 18:08 - 000040448 _____ (Tenorshare Co,Ltd) [Bestand niet getekend] C:\Users\jcarn\AppData\Roaming\Tenorshare\Service\configs\TenorshareWinAdService.exe
2017-11-17 21:51 - 2017-11-17 21:51 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2017-11-17 21:51 - 2017-11-17 21:51 - 000000000 ____LMicrosoft Corporation C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2017-11-02 20:58 - 2017-12-07 12:25 - 000219648 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJPLM\cnmpu2.dll
2017-11-02 20:58 - 2017-12-07 12:25 - 000123904 _____ (CANON INC.) [Bestand niet getekend] C:\Program Files (x86)\Canon\IJPLM\cnmpu.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)


==================== Hosts inhoud: ===============================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2015-07-31 00:42 - 2017-11-03 16:22 - 000000858 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Google\Google Apps Sync\;C:\Program Files\Google\Google Apps Sync\;C:\Program Files\Google\Google Apps Migration\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jcarn\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 195.130.131.4 - 195.130.130.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

Als een item is opgenomen in de fixlist, zal het worden verwijderd.

HKLM\...\StartupApproved\StartupFolder: => "PHOTOfunSTUDIO 9.8 PE.lnk"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "chrome"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\...\StartupApproved\Run: => "AdobeBridge"
HKU\S-1-5-21-1127049525-478323742-3338971903-1001\...\StartupApproved\Run: => "vidnotifier.exe"

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [{1C3F47FF-079F-42E8-AA30-F7AB8CFB6CEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D8212BDE-516A-47C9-98D9-13E217DD1F91}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{04941041-5EFD-4E1F-A9D5-627438B75E8E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C42587A1-B41B-41F4-A913-096D8D783835}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1E483904-BFD4-483C-B580-43965BB439A2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{69DE9F1E-75F6-4803-9113-E7EFC1E33FEC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{40A4C5BF-7DBD-4010-BC59-794D98A3FF82}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67DFAD54-57B9-4B47-A558-B706579C3562}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2C881973-D632-4659-94D4-EBE25319E2AA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{94C46DED-C9CE-4BF6-839B-33CD6A1E90A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8668049D-67EA-410B-A652-338AC0E6CAF3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DD7D2936-4F72-4F94-A509-0CC931E7FE25}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Herstelpunten =========================

13-03-2019 13:24:42 Windows Update
22-03-2019 13:35:27 JRT Pre-Junkware Removal
31-03-2019 22:15:29 Gepland controlepunt
03-04-2019 14:52:00 JRT Pre-Junkware Removal

==================== Defecte Apparaatbeheer Apparaten =============

Name: Realtek RTL8191SU Wireless LAN 802.11n USB 2.0 Network Adapter
Description: Realtek RTL8191SU RTL8192SU Wireless LAN 802.11n USB 2.0-netwerkadapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8192su
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (03/31/2019 01:10:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: MsMpEng.exe, versie: 4.18.1902.2, tijdstempel: 0xbeb43a5e
Naam van module met fout: ntdll.dll, versie: 10.0.17763.348, tijdstempel: 0xca65c822
Uitzonderingscode: 0xc0000409
Foutmarge: 0x000000000008fb3f
Id van proces met fout: 0x248c
Starttijd van toepassing met fout: 0x01d4e7b24dac1840
Pad naar toepassing met fout: C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1902.2-0\MsMpEng.exe
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: f11e342c-4754-4c53-a908-728dd4883b2a
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (03/20/2019 04:20:59 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PCI5LIVING)
Description: KeesingMediaGroup.Denksport_xv7qama73e49e-2147024891

Error: (03/15/2019 11:30:16 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: PCI5LIVING)
Description: Microsoft.WindowsFeedbackHub_8wekyb3d8bbwe-2147024891

Error: (03/07/2019 09:52:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 10.0.17763.1, tijdstempel: 0x6fe3727f
Naam van module met fout: ntdll.dll, versie: 10.0.17763.348, tijdstempel: 0xca65c822
Uitzonderingscode: 0xc0000374
Foutmarge: 0x00000000000faf49
Id van proces met fout: 0x1978
Starttijd van toepassing met fout: 0x01d4d4baa8e2f98c
Pad naar toepassing met fout: C:\WINDOWS\system32\backgroundTaskHost.exe
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: 28cf3770-8847-4da6-8627-f633d4184d3b
Volledige pakketnaam met fout: tiempo.com.ElTiempo14das_3.2.10.0_x64__1jw6nrrrzn4a6
Relatieve toepassings-id van pakket met fout: App

Error: (03/06/2019 07:52:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: smartscreen.exe, versie: 10.0.17763.1, tijdstempel: 0x0eee9872
Naam van module met fout: smartscreen.exe, versie: 10.0.17763.1, tijdstempel: 0x0eee9872
Uitzonderingscode: 0xc0000409
Foutmarge: 0x000000000008718e
Id van proces met fout: 0x2ab0
Starttijd van toepassing met fout: 0x01d4d444affc961f
Pad naar toepassing met fout: C:\Windows\System32\smartscreen.exe
Pad naar module met fout: C:\Windows\System32\smartscreen.exe
Rapport-id: 6f36500d-e3d9-40d5-bcae-a17898c32bf6
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (03/06/2019 07:48:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: CNQMUPDT.EXE, versie: 2.8.5.0, tijdstempel: 0x595c7036
Naam van module met fout: CNMDWLD.DLL, versie: 1.0.0.0, tijdstempel: 0x4f5eedc8
Uitzonderingscode: 0xc0000005
Foutmarge: 0x000023c6
Id van proces met fout: 0x18cc
Starttijd van toepassing met fout: 0x01d4d444bdfc218b
Pad naar toepassing met fout: C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
Pad naar module met fout: C:\Program Files (x86)\Canon\Quick Menu\CNMDWLD.DLL
Rapport-id: 3ad47485-b733-4931-8296-87ebd6963316
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (02/24/2019 05:28:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: backgroundTaskHost.exe, versie: 10.0.17763.1, tijdstempel: 0x6fe3727f
Naam van module met fout: ntdll.dll, versie: 10.0.17763.292, tijdstempel: 0x7ded7809
Uitzonderingscode: 0xc0000374
Foutmarge: 0x00000000000faf49
Id van proces met fout: 0x3244
Starttijd van toepassing met fout: 0x01d4cc55a1701f87
Pad naar toepassing met fout: C:\WINDOWS\system32\backgroundTaskHost.exe
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: 8be90175-16b5-4bba-89a4-c6ee1458801c
Volledige pakketnaam met fout: tiempo.com.ElTiempo14das_3.2.10.0_x64__1jw6nrrrzn4a6
Relatieve toepassings-id van pakket met fout: App

Error: (02/18/2019 12:56:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: Bridge.exe, versie: 4.0.0.529, tijdstempel: 0x4b963c03
Naam van module met fout: Bridge.exe, versie: 4.0.0.529, tijdstempel: 0x4b963c03
Uitzonderingscode: 0xc0000005
Foutmarge: 0x003475e4
Id van proces met fout: 0xdd0
Starttijd van toepassing met fout: 0x01d4c77898b1361b
Pad naar toepassing met fout: C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
Pad naar module met fout: C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
Rapport-id: e31d5160-82f4-47c1-a0c4-7381bde73392
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:


Systeemfouten:
=============
Error: (04/03/2019 03:11:34 PM) (Source: DCOM) (EventID: 10016) (User: PCI5LIVING)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker PCI5LIVING\jcarn SID (S-1-5-21-1127049525-478323742-3338971903-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (04/03/2019 03:11:33 PM) (Source: DCOM) (EventID: 10016) (User: PCI5LIVING)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker PCI5LIVING\jcarn SID (S-1-5-21-1127049525-478323742-3338971903-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (04/03/2019 03:11:33 PM) (Source: DCOM) (EventID: 10016) (User: PCI5LIVING)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker PCI5LIVING\jcarn SID (S-1-5-21-1127049525-478323742-3338971903-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (04/03/2019 03:11:15 PM) (Source: DCOM) (EventID: 10016) (User: PCI5LIVING)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker PCI5LIVING\jcarn SID (S-1-5-21-1127049525-478323742-3338971903-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (04/03/2019 03:11:15 PM) (Source: DCOM) (EventID: 10016) (User: PCI5LIVING)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker PCI5LIVING\jcarn SID (S-1-5-21-1127049525-478323742-3338971903-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (04/03/2019 03:11:14 PM) (Source: DCOM) (EventID: 10016) (User: PCI5LIVING)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker PCI5LIVING\jcarn SID (S-1-5-21-1127049525-478323742-3338971903-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (04/03/2019 02:52:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De NVIDIA Display Driver Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.

Error: (04/03/2019 02:44:55 PM) (Source: DCOM) (EventID: 10000) (User: PCI5LIVING)
Description: Kan geen DCOM-server starten: {0358B920-0AC7-461F-98F4-58E32CD89148}. Foutmelding
"0"
is opgetreden bij het uitvoeren van de opdracht
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


Windows Defender:
===================================
Date: 2019-04-01 14:03:55.168
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {87AE723A-60F2-4EFD-A0EC-3CAF81B7217E}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2019-04-01 13:59:04.162
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {A1788202-E1F1-4592-A3B3-C092E96EA3C8}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2019-04-01 13:54:04.693
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {47E9FFC7-8F02-46C6-894D-0F15DDD6E39F}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2019-04-01 13:47:01.009
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {FC8E0000-1D0E-4618-86D7-6A39FD18DFEF}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2019-03-15 12:20:48.410
Description:
Scan van Windows Defender Antivirus is gestopt voordat deze was voltooid.
Scan-id: {7D0CDBF1-9823-4885-9642-9D06A0CFA6CE}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-03-31 13:10:16.172
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:16.161
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:16.094
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:16.082
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:16.069
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:16.053
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\dsreg.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:15.732
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-03-31 13:10:15.712
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Percentage geheugen in gebruik: 55%
Totaal fysiek RAM-geheugen: 8183.11 MB
Beschikbaar fysiek RAM-geheugen: 3617.51 MB
Totaal Virtueel geheugen: 8183.11 MB
Beschikbaar Virtueel geheugen: 3582.41 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:464.44 GB) (Free:32.16 GB) NTFS
Drive h: (Disk-Intern) (Fixed) (Total:931.41 GB) (Free:231.03 GB) NTFS

\\?\Volume{4ef6fcd0-0000-0000-0000-100000000000}\ (Door systeem gereserveerd) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS
\\?\Volume{4ef6fcd0-0000-0000-0000-d03b74000000}\ () (Fixed) (Total:0.83 GB) (Free:0.44 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 4EF6FCD0)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=464.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=845 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: EC37DD14)
Partition 1: (Not Active) - (Size=101 MB) - (Type=42)
Partition 2: (Active) - (Size=931.4 GB) - (Type=42)
Partition 3: (Not Active) - (Size=1752 KB) - (Type=42)

==================== Einde van Addition.txt ============================

[Sony]

janneke dust2 ,

probeer eens met onderstaande extensies uit te schakelen in FireFox:

FF Extension: (I don’t care about cookies) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2019-03-13]
FF Extension: (Beste Prijs - Test Aankoop) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions\{cd9c77fb-d9ac-4ca6-826e-fdc913cab733}.xpi [2019-01-19]

Gebruik CCleaner om de cookies te verwijderen.

Sony

[janneke dust2]

ik heb deze extension verwijderd en opgekuist met CCleaner maar een aantal sites zijn geselecteerd om de cookies te behouden.

[Sony]

janneke dust2,

een aantal sites zijn geselecteerd om de cookies te behouden.

Als je dat zelf beslist hebt o.k. maar bvb. van Avast, piriform en CCleaner
moet je de cookies niet behouden.
Automatische update van CCleaner ook uitschakelen.

Sony

[janneke dust2]

Done

[Sony]

Die spam is dat allemaal reclame of zijn dat ook nieuwsbrieven ?
Nieuwsbrieven kunt je opzeggen, meestal onderaan het bericht.

Sony

[janneke dust2]

Door de telenet spam filter herkent als spam, dus echte spam.
Mijn nieuwsbrieven komen toe op een aparte mailbox.
Ik gebruik 3 mailboxen:
- prive, bank, ...
- nieuwsbrieven
- contacten met forums

idem voor mijn vrouw.

[Sony]

janneke dust2,

Er kan nog een en ander verwijderd worden.

Lees nu eerst de handleiding en voer daarna de fix uit
Handleiding Fix
Note: Dit script is speciaal bedoeld voor deze computer, gebruik dit dan ook niet op andere computers met een gelijkaardig probleem.

Open Kladblok.
Kopieer onderstaande code en plak die in "Kladblok"

Code: Selecteer alles

start
CreateRestorePoint:
GroupPolicy: Restrictie ? <==== AANDACHT
FF Extension: (I don’t care about cookies) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions
\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2019-03-13]
FF Extension: (Beste Prijs - Test Aankoop) - C:\Users\jcarn\AppData\Roaming\Mozilla\Firefox\Profiles\2x9ttnr2.default-1547885907791\Extensions
\{cd9c77fb-d9ac-4ca6-826e-fdc913cab733}.xpi [2019-01-19]
R3 cpuz143; C:\Users\jcarn\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2019-03-22] (CPUID -> CPUID) <==== AANDACHT
C:\WINDOWS\System32\Tasks\CCleaner Update
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
Task: {DD770C13-E7D1-4E51-A756-043D02A64AA8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software
\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
C:\Program Files\Common Files\AVAST 
Task: {FB5E5008-2846-48EF-BDFA-02849C142400} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
C:\Program Files\CCleaner\CCUpdate.exe 
FirewallRules: [{C42587A1-B41B-41F4-A913-096D8D783835}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1E483904-BFD4-483C-B580-43965BB439A2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{94C46DED-C9CE-4BF6-839B-33CD6A1E90A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8668049D-67EA-410B-A652-338AC0E6CAF3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
hosts:
EmptyTemp:
Reboot:
end 

Ga naar Bestand ==> Opslaan als.
Kies als locatie Bureaublad.
Bij "Bestandsnaam" zet je: fixlist.txt
Bij "Opslaan als type" selecteer je: Alle bestanden.
Als het goed is staat er nu een tekst bestand (fixlist.txt) op je bureaublad ?
Start de Farbar Recovery Scan Tool (vanaf bureaublad)
Als het programma geopend is klik Yes bij de disclaimer. (indien nodig)
Druk op de Fix knop.
Er zal u een logbestand aangemaakt worden (fixlog.txt) op dezelfde plaats vanwaar de 'tool' gestart is.
Verstuur nu dit logje via wetransfer.
plaats de link in het volgend bericht.

Sony

[janneke dust2]

Ik ben nu aan zee, als het weer zo blijft dan blijf ik tot na Pasen. Daarna ik dit script thuis uitvoeren.

[Sony]

Nog een prettige vakantie en hopelijk wordt het weer terug beter.

Sony

[Sony]

janneke dust2,

al resultaat ?

Sony

[janneke dust2]

heb de fixlist licht aangepast omdat bepaalde zaken niet meer in de log's stonden. Daarna de fix uitgevoerd.
Nu afwachten.
hier de log van de fix:
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 24.04.2019
Gestart door jcarn (25-04-2019 11:26:03) Run:1
Gestart vanaf H:\UpdatePCsoft\PC-beveiliging\FarbarRecoveryScanTool\versie-20190403
Geladen Profielen: jcarn (Beschikbare Profielen: jcarn & Sem & Lucy)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start
CreateRestorePoint:
GroupPolicy: Restrictie ? <==== AANDACHT
R3 cpuz143; C:\Users\jcarn\AppData\Local\Temp\cpuz143\cpuz143_x64.sys [48952 2019-04-23] (CPUID -> CPUID) <==== AANDACHT
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
Task: {DD770C13-E7D1-4E51-A756-043D02A64AA8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software
\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software)
C:\Program Files\Common Files\AVAST
Task: {FB5E5008-2846-48EF-BDFA-02849C142400} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{C42587A1-B41B-41F4-A913-096D8D783835}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1E483904-BFD4-483C-B580-43965BB439A2}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{94C46DED-C9CE-4BF6-839B-33CD6A1E90A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{8668049D-67EA-410B-A652-338AC0E6CAF3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
EmptyTemp:
Reboot:
end
*****************

Herstelpunt is succesvol gemaakt.
C:\WINDOWS\system32\GroupPolicy\Machine => is succesvol verplaatst
C:\WINDOWS\system32\GroupPolicy\GPT.ini => is succesvol verplaatst
cpuz143 => Kon service niet stoppen.
HKLM\System\CurrentControlSet\Services\cpuz143 => is succesvol verwijderd
cpuz143 => service is succesvol verwijderd
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => is succesvol verwijderd
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => niet gevonden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{DD770C13-E7D1-4E51-A756-043D02A64AA8}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD770C13-E7D1-4E51-A756-043D02A64AA8}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => is succesvol verwijderd
\Overseer\overseer.exe (AVAST Software s.r.o. -> AVAST Software) => Fout: Geen automatische fix gevonden voor dit item.
"C:\Program Files\Common Files\AVAST" => niet gevonden
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{FB5E5008-2846-48EF-BDFA-02849C142400}" => is succesvol verwijderd
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FB5E5008-2846-48EF-BDFA-02849C142400}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\CCleaner Update => is succesvol verplaatst
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleaner Update" => is succesvol verwijderd
C:\Program Files\CCleaner\CCUpdate.exe => is succesvol verplaatst
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C42587A1-B41B-41F4-A913-096D8D783835}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1E483904-BFD4-483C-B580-43965BB439A2}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{94C46DED-C9CE-4BF6-839B-33CD6A1E90A7}" => is succesvol verwijderd
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{8668049D-67EA-410B-A652-338AC0E6CAF3}" => is succesvol verwijderd

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 376374405 B
Java, Flash, Steam htmlcache => 1124 B
Windows/system/drivers => 3179290 B
Edge => 115630 B
Chrome => 148535 B
Firefox => 1085217811 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 20480 B
LocalService => 0 B
NetworkService => 14654 B
NetworkService => 0 B
jcarn => 38578695 B
Sem & Lucy => 309749 B

RecycleBin => 957274 B
EmptyTemp: => 1.4 GB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Einde van Fixlog 11:27:34 ====

[Sony]

janneke dust2,

nog resultaat ?

[janneke dust2]

Ik heb lastpass geïnstalleerd en lastpass moeilijke paswoorden laten kiezen voor de websites waar ik me aanmeld. Nu krijg ik geen SPAM meer op dat mailadres.
Het instellen van moeilijke paswoorden loopt wel niet zo eenvoudig als lastpass voorstelt omdat vele sites de automatische aanpassing niet ondersteunen. Sites waar Google iets mee te maken heeft komen ook om de haverklap zeuren omdat ge zit te prutsen aan de paswoorden.