Re: laptop is slow
Hello Abraham54,
Here is the FRST log:
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 29-06-2016
Gestart door Gebruiker (Beheerder) op ASUS-PC (30-06-2016 10:57:31)
Gestart vanaf C:\Users\Gebruiker\Desktop
Geladen Profielen: Gebruiker (Beschikbare Profielen: Gebruiker)
Platform: Windows 8 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 10 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processen (gefilterd) =================
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.17280_none_6224eed751126779\TiWorker.exe
==================== Register (gefilterd) ===========================
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM\...\Run: [ACMON] => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [107192 2012-09-11] (ASUS)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [17008 2016-06-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Geen bestand
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Geen bestand
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Geen bestand
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\ASUSWSShellExt64.dll [2012-09-27] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Geen bestand
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Geen bestand
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Geen bestand
Startup: C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk [2014-11-28]
ShortcutTarget: Verzenden naar OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
==================== Internet (gefilterd) ====================
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{6FEFDB26-3315-4A9E-93C8-5F8DE957AD74}: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{B9A48904-6CAD-46A9-BDEC-65AA66FB64C2}: [DhcpNameServer] 192.168.2.254
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restrictie <======= AANDACHT
HKU\S-1-5-21-430592883-1932623849-3212149148-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-430592883-1932623849-3212149148-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> Geen bestand
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-24] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-24] (Microsoft Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL => Geen bestand
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\OseuumEr.default
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-01-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-24] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-24] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-10-12] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\OseuumEr.default\Extensions\abs@avira.com [2016-06-30]
Chrome:
=======
CHR HomePage: Default -> hxxp://google.com/
CHR StartupUrls: Default -> "hxxp://google.com/"
CHR DefaultSearchURL: Default -> hxxp://search.conduit.com/Results.aspx?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP49CB0591-D950-4E78-B464-F03559282859&q={searchTerms}&SSPV=
CHR DefaultSearchKeyword: Default -> search.conduit.com
CHR DefaultSuggestURL: Default -> hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-06]
CHR Extension: (Google Drive) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-31]
CHR Extension: (YouTube) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-30]
CHR Extension: (Offline Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-30]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-30]
CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Bestand niet getekend]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [25760 2016-06-09] (Avira Operations GmbH & Co. KG)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
===================== Drivers (gefilterd) ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-10] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-04-26] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-01-31] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [275712 2015-01-31] (Microsoft Corporation)
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
U0 msahci; geen ImagePath
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2016-06-30 10:57 - 2016-06-30 10:57 - 00016603 _____ C:\Users\Gebruiker\Desktop\FRST.txt
2016-06-30 10:56 - 2016-06-30 10:56 - 02390016 _____ (Farbar) C:\Users\Gebruiker\Desktop\FRST64.exe
2016-06-30 10:55 - 2016-06-30 10:57 - 00000000 ____D C:\FRST
2016-06-30 10:55 - 2016-06-30 10:55 - 02390016 _____ (Farbar) C:\Users\Gebruiker\Downloads\FRST64.exe
2016-06-30 02:35 - 2016-06-30 02:35 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Avira
2016-06-30 02:31 - 2016-06-30 02:31 - 00001163 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-06-30 02:31 - 2016-06-30 02:31 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\AviraSpeedup
2016-06-30 02:31 - 2016-06-30 02:31 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\Avira
2016-06-30 02:30 - 2016-06-30 10:54 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-06-30 02:30 - 2016-06-30 02:30 - 00003344 _____ C:\Windows\System32\Tasks\Avira System Speedup Tray
2016-06-30 02:28 - 2016-06-30 02:28 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Mozilla
2016-06-30 02:25 - 2016-04-10 11:03 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-06-30 02:25 - 2016-04-10 11:03 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-06-30 02:25 - 2016-04-10 11:03 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-06-30 02:25 - 2016-04-10 11:03 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-06-30 02:23 - 2016-06-30 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-30 02:23 - 2016-06-30 02:23 - 00001216 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-30 02:22 - 2016-06-30 02:30 - 00000000 ____D C:\ProgramData\Avira
2016-06-30 02:22 - 2016-06-30 02:29 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-30 02:22 - 2016-06-30 02:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 02:14 - 2016-06-30 02:14 - 06466144 _____ C:\Users\Gebruiker\Documents\rmtool-setup-x64.exe
2016-06-30 02:13 - 2016-06-30 02:13 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Gebruiker\Documents\avira_nl_av_5774620b333c8__ws.exe
2016-06-30 01:58 - 2016-01-05 22:16 - 00826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-30 01:58 - 2016-01-05 22:16 - 00176088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-30 01:45 - 2015-10-01 15:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-06-30 01:45 - 2015-10-01 15:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-06-30 00:58 - 2016-06-30 10:52 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-30 00:52 - 2016-06-30 00:52 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-30 00:52 - 2016-06-30 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-30 00:52 - 2016-06-30 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-30 00:52 - 2016-06-30 00:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-30 00:52 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-30 00:52 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-30 00:52 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-30 00:50 - 2016-06-30 00:51 - 22851472 _____ (Malwarebytes ) C:\Users\Gebruiker\Documents\mbam-setup-2.2.1.1043.exe
2016-06-24 12:34 - 2015-12-08 17:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-24 12:34 - 2015-12-08 17:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-24 12:34 - 2015-12-04 02:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-06-24 12:34 - 2015-12-03 23:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-06-24 12:33 - 2015-12-31 01:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-24 12:33 - 2015-11-16 16:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-24 12:33 - 2015-11-16 16:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-06-24 12:33 - 2015-11-16 16:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-06-24 12:33 - 2015-11-16 16:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-24 12:33 - 2015-11-16 16:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-24 12:33 - 2015-11-16 16:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-24 12:33 - 2015-09-22 19:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-24 12:33 - 2015-09-22 19:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-06-24 12:32 - 2015-11-16 16:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-24 12:32 - 2015-11-16 16:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-24 12:32 - 2015-11-16 16:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-24 12:32 - 2015-11-16 16:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-24 12:32 - 2015-11-16 16:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-24 12:32 - 2015-11-16 16:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-24 12:32 - 2015-11-16 16:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-24 12:32 - 2015-09-23 15:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-24 12:31 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2016-06-24 12:31 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-24 12:31 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-24 12:31 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-24 12:31 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-24 12:31 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2016-06-24 12:31 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-24 12:31 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-24 12:31 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-06-24 12:31 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-24 12:31 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-06-24 12:30 - 2016-06-30 10:35 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-24 12:30 - 2016-06-30 02:20 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-24 12:30 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-24 12:30 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-24 12:30 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-24 12:30 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-24 12:30 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2016-06-30 10:41 - 2014-07-26 20:16 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps
2016-06-30 10:41 - 2012-08-02 15:33 - 00000000 ____D C:\Windows\Log
2016-06-30 10:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MsDtc
2016-06-30 07:21 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2016-06-30 06:19 - 2013-12-15 15:59 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-30 06:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2016-06-30 05:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-06-30 05:14 - 2013-12-14 18:42 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-430592883-1932623849-3212149148-1001
2016-06-30 04:59 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-30 02:25 - 2012-08-03 01:15 - 00796920 _____ C:\Windows\system32\perfh013.dat
2016-06-30 02:25 - 2012-08-03 01:15 - 00159176 _____ C:\Windows\system32\perfc013.dat
2016-06-30 02:25 - 2012-07-26 09:28 - 01792392 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 02:25 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf
2016-06-30 02:19 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 02:09 - 2015-02-01 16:45 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-30 01:56 - 2015-03-23 20:06 - 00449264 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-30 01:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2016-06-30 01:43 - 2013-12-26 22:30 - 00000000 ____D C:\Windows\system32\MRT
2016-06-30 01:36 - 2013-12-26 22:30 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-30 01:14 - 2013-04-26 01:17 - 00000000 ____D C:\Windows\it
2016-06-30 01:13 - 2013-11-13 18:21 - 00000000 ____D C:\Users\Gebruiker
2016-06-29 23:38 - 2013-04-26 01:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-29 23:37 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-29 23:21 - 2015-02-01 16:46 - 00000000 ____D C:\ProgramData\ProductData
2016-06-29 23:19 - 2014-07-14 10:49 - 00000000 ____D C:\ProgramData\Norton
2016-06-29 23:18 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-29 23:08 - 2012-07-26 10:12 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-29 23:05 - 2013-12-27 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-29 23:00 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-29 23:00 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-24 12:30 - 2016-02-18 22:11 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-24 12:30 - 2016-02-18 22:11 - 00003816 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-22 15:07 - 2015-02-01 16:46 - 00000000 ____D C:\Users\Gebruiker\AppData\LocalLow\IObit
2016-06-22 15:07 - 2015-02-01 16:45 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\IObit
2016-06-22 15:07 - 2015-02-01 16:45 - 00000000 ____D C:\ProgramData\IObit
==================== Bestanden in de root van sommige mappen =======
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Sommige bestanden in TEMP:
====================
C:\Users\Gebruiker\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2016-06-30 05:21
==================== Eind van FRST.txt ============================
Here is the Addition log:
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 29-06-2016
Gestart door Gebruiker (2016-06-30 10:58:09)
Gestart vanaf C:\Users\Gebruiker\Desktop
Windows 8 (X64) (2013-11-13 16:21:05)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-430592883-1932623849-3212149148-500 - Administrator - Disabled)
Gast (S-1-5-21-430592883-1932623849-3212149148-501 - Limited - Disabled)
Gebruiker (S-1-5-21-430592883-1932623849-3212149148-1001 - Administrator - Enabled) => C:\Users\Gebruiker
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.36 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.2-245 - House of Life)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-430592883-1932623849-3212149148-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{EA9BAE1A-2D68-4160-81E6-14B712435D66}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.03 - Portforward, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6804 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) (HKLM\...\5AB9160B769DD2E134ADCB8010377DECA2479378) (Version: 11/09/2012 1.0.0.153 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {070DECC2-7768-4BF5-A608-3FB3CF40C053} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {0FE90F9C-8600-40E5-9176-4C9244236CDA} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-06-09] (Avira Operations GmbH & Co. KG)
Task: {18207F23-EDE5-4D73-90B1-483B4A2085CA} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {26802D74-E8EB-4899-92E9-1A81EE6AF534} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage -> Geen bestand <==== AANDACHT
Task: {4DBFB318-3824-43F0-AA83-187830AB3A7C} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {6EBD8982-E766-4560-B2BA-93F19AC6BF3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {7DF71B50-2761-44DE-8C5C-327E1A46D692} - System32\Tasks\ASC8_SkipUac_Gebruiker => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {8859A3A6-BA21-4930-8423-7FEA7E0E740C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {8F8E4470-31F4-4E72-8D15-941E48967299} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {945D120A-DD89-4B60-84F5-ABDC9AA2963A} - \Advanced System Optimizer -> Geen bestand <==== AANDACHT
Task: {9DC83B41-30F7-4B9E-8E79-D41F150905AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-30] (Microsoft Corporation)
Task: {9F6788DF-77B5-44A7-B59D-8CB6FEC4A8D9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-06-24] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask -> Geen bestand <==== AANDACHT
Task: {B5D4ABF1-D826-4F92-8AEB-B0C3EDE8421C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {B6270E04-80C7-4BB5-9CBD-9F8BF9564FFB} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {B9007C8A-C388-48C3-9816-F0B4D825FDF6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {DA4FF129-E5A6-4D2C-A7BA-9D4E6E2AAD11} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-20] (AsusTek)
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\Windows\Tasks\ASC8_SkipUac_Gebruiker.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-06-29 23:03 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-01 16:46 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-09-11 15:01 - 2012-09-11 15:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-09-17 11:46 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
Er zijn 4788 Meer websites.
==================== Hosts inhoud: ===============================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
DNS Servers: 192.168.2.254 - 213.75.63.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKU\S-1-5-21-430592883-1932623849-3212149148-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk"
HKU\S-1-5-21-430592883-1932623849-3212149148-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{335A01C2-4E5C-4590-ABD4-C580CCC78910}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{D7E85E7C-35CC-4343-BCFE-727DDE6B41AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{C1A23934-3870-4642-92A5-5BD469B03CE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0F72D744-ECCA-48FA-8CE3-28CEE2C03367}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Herstelpunten =========================
31-10-2015 18:52:34 Windows Update
30-06-2016 01:23:46 Windows Update
30-06-2016 10:40:16 Avira System Speedup optimalisatie
==================== Defecte Apparaatbeheer Apparaten =============
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:52:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:52:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Systeemfouten:
=============
Error: (06/30/2016 03:33:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Windows Installer-service kan vanwege de volgende fout niet worden gestart:
%%1053 = De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (06/30/2016 03:33:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Windows Installer.
Error: (06/30/2016 02:20:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De RBClientService-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 15000 milliseconden worden uitgevoerd: Service opnieuw starten.
Error: (06/30/2016 02:19:59 AM) (Source: DCOM) (EventID: 10016) (User: ASUS-PC)
Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ASUS-PCGebruikerS-1-5-21-430592883-1932623849-3212149148-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar
Error: (06/30/2016 02:19:59 AM) (Source: DCOM) (EventID: 10016) (User: ASUS-PC)
Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ASUS-PCGebruikerS-1-5-21-430592883-1932623849-3212149148-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar
Error: (06/30/2016 02:17:03 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:16:50 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:15:37 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:15:24 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:15:17 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
==================== Geheugen info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage geheugen in gebruik: 29%
Totaal fysiek RAM-geheugen: 3981.67 MB
Beschikbaar fysiek RAM-geheugen: 2814.73 MB
Totaal Virtueel geheugen: 6137.18 MB
Beschikbaar Virtual geheugen: 4190.32 MB
==================== Schijven ================================
Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:122.01 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:397.91 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 0FE4DC0A)
Partition: GPT.
==================== Eind van Addition.txt ============================
CHR Extension: (Offline Documenten) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-06-30]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-30]
CHR Extension: (Gmail) - C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Services (gefilterd) ========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-10] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] () [Bestand niet getekend]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [25760 2016-06-09] (Avira Operations GmbH & Co. KG)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16024 2015-01-31] (Microsoft Corporation)
===================== Drivers (gefilterd) ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [62848 2012-11-20] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-10] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3265256 2013-04-26] (Broadcom Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44024 2015-01-31] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [275712 2015-01-31] (Microsoft Corporation)
S4 IMFFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\IMFFilter.sys [X]
U0 msahci; geen ImagePath
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
==================== NetSvcs (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Een Maand Aangemaakt bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2016-06-30 10:57 - 2016-06-30 10:57 - 00016603 _____ C:\Users\Gebruiker\Desktop\FRST.txt
2016-06-30 10:56 - 2016-06-30 10:56 - 02390016 _____ (Farbar) C:\Users\Gebruiker\Desktop\FRST64.exe
2016-06-30 10:55 - 2016-06-30 10:57 - 00000000 ____D C:\FRST
2016-06-30 10:55 - 2016-06-30 10:55 - 02390016 _____ (Farbar) C:\Users\Gebruiker\Downloads\FRST64.exe
2016-06-30 02:35 - 2016-06-30 02:35 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Avira
2016-06-30 02:31 - 2016-06-30 02:31 - 00001163 _____ C:\Users\Public\Desktop\Avira System Speedup.lnk
2016-06-30 02:31 - 2016-06-30 02:31 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\AviraSpeedup
2016-06-30 02:31 - 2016-06-30 02:31 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\Avira
2016-06-30 02:30 - 2016-06-30 10:54 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-06-30 02:30 - 2016-06-30 02:30 - 00003344 _____ C:\Windows\System32\Tasks\Avira System Speedup Tray
2016-06-30 02:28 - 2016-06-30 02:28 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\Mozilla
2016-06-30 02:25 - 2016-04-10 11:03 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-06-30 02:25 - 2016-04-10 11:03 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-06-30 02:25 - 2016-04-10 11:03 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-06-30 02:25 - 2016-04-10 11:03 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-06-30 02:23 - 2016-06-30 02:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-30 02:23 - 2016-06-30 02:23 - 00001216 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-30 02:22 - 2016-06-30 02:30 - 00000000 ____D C:\ProgramData\Avira
2016-06-30 02:22 - 2016-06-30 02:29 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-30 02:22 - 2016-06-30 02:22 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 02:14 - 2016-06-30 02:14 - 06466144 _____ C:\Users\Gebruiker\Documents\rmtool-setup-x64.exe
2016-06-30 02:13 - 2016-06-30 02:13 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Gebruiker\Documents\avira_nl_av_5774620b333c8__ws.exe
2016-06-30 01:58 - 2016-01-05 22:16 - 00826328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-30 01:58 - 2016-01-05 22:16 - 00176088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-30 01:45 - 2015-10-01 15:10 - 00869568 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2016-06-30 01:45 - 2015-10-01 15:09 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2016-06-30 00:58 - 2016-06-30 10:52 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-30 00:52 - 2016-06-30 00:52 - 00001120 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-30 00:52 - 2016-06-30 00:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-30 00:52 - 2016-06-30 00:52 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-30 00:52 - 2016-06-30 00:52 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-30 00:52 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-30 00:52 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-30 00:52 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-30 00:50 - 2016-06-30 00:51 - 22851472 _____ (Malwarebytes ) C:\Users\Gebruiker\Documents\mbam-setup-2.2.1.1043.exe
2016-06-24 12:34 - 2015-12-08 17:43 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-06-24 12:34 - 2015-12-08 17:16 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-06-24 12:34 - 2015-12-04 02:55 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-06-24 12:34 - 2015-12-03 23:47 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2016-06-24 12:33 - 2015-12-31 01:29 - 06972760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-24 12:33 - 2015-11-16 16:42 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-24 12:33 - 2015-11-16 16:29 - 00961536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-06-24 12:33 - 2015-11-16 16:29 - 00452608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2016-06-24 12:33 - 2015-11-16 16:28 - 00668160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-24 12:33 - 2015-11-16 16:27 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2016-06-24 12:33 - 2015-11-16 16:26 - 01282560 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 01043968 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00588800 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00439808 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00318464 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-24 12:33 - 2015-11-16 16:26 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-24 12:33 - 2015-09-22 19:53 - 01405408 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-06-24 12:33 - 2015-09-22 19:53 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-06-24 12:32 - 2015-11-16 16:29 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-24 12:32 - 2015-11-16 16:29 - 00178688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-24 12:32 - 2015-11-16 16:29 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-24 12:32 - 2015-11-16 16:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-24 12:32 - 2015-11-16 16:26 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-24 12:32 - 2015-11-16 16:26 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-24 12:32 - 2015-11-16 16:26 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-24 12:32 - 2015-09-23 15:10 - 00570256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-24 12:31 - 2015-08-05 15:52 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 08858112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 02038784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 01229824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 00356352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-06-24 12:31 - 2015-08-04 16:42 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncInfo.dll
2016-06-24 12:31 - 2015-08-04 15:54 - 10116608 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-24 12:31 - 2015-08-04 15:54 - 01399808 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-24 12:31 - 2015-08-04 15:53 - 02307584 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-06-24 12:31 - 2015-08-04 15:53 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-06-24 12:31 - 2015-08-04 15:53 - 00128512 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncInfo.dll
2016-06-24 12:31 - 2015-08-01 18:21 - 00073352 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2016-06-24 12:31 - 2015-08-01 17:22 - 00063992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2016-06-24 12:31 - 2015-08-01 15:56 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2016-06-24 12:31 - 2015-08-01 15:56 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2016-06-24 12:31 - 2015-08-01 15:56 - 00018432 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2016-06-24 12:30 - 2016-06-30 10:35 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-24 12:30 - 2016-06-30 02:20 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-06-24 12:30 - 2015-09-02 15:48 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-24 12:30 - 2015-09-02 15:38 - 00035328 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-24 12:30 - 2015-09-02 01:25 - 04065280 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-24 12:30 - 2015-08-28 23:59 - 00304128 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-24 12:30 - 2015-08-27 20:41 - 00366592 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
==================== Een Maand Gewijzigd bestanden en mappen ========
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
2016-06-30 10:41 - 2014-07-26 20:16 - 00000000 ____D C:\Users\Gebruiker\AppData\Local\CrashDumps
2016-06-30 10:41 - 2012-08-02 15:33 - 00000000 ____D C:\Windows\Log
2016-06-30 10:41 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\MsDtc
2016-06-30 07:21 - 2012-07-26 09:59 - 00000000 ____D C:\Windows\CbsTemp
2016-06-30 06:19 - 2013-12-15 15:59 - 00002217 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-30 06:15 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2016-06-30 05:18 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2016-06-30 05:14 - 2013-12-14 18:42 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-430592883-1932623849-3212149148-1001
2016-06-30 04:59 - 2012-07-26 10:12 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-30 02:25 - 2012-08-03 01:15 - 00796920 _____ C:\Windows\system32\perfh013.dat
2016-06-30 02:25 - 2012-08-03 01:15 - 00159176 _____ C:\Windows\system32\perfc013.dat
2016-06-30 02:25 - 2012-07-26 09:28 - 01792392 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-30 02:25 - 2012-07-26 07:37 - 00000000 ____D C:\Windows\Inf
2016-06-30 02:19 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-06-30 02:09 - 2015-02-01 16:45 - 00000000 ____D C:\Program Files (x86)\IObit
2016-06-30 01:56 - 2015-03-23 20:06 - 00449264 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-30 01:52 - 2012-07-26 10:12 - 00000000 ___RD C:\Windows\ToastData
2016-06-30 01:43 - 2013-12-26 22:30 - 00000000 ____D C:\Windows\system32\MRT
2016-06-30 01:36 - 2013-12-26 22:30 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-30 01:14 - 2013-04-26 01:17 - 00000000 ____D C:\Windows\it
2016-06-30 01:13 - 2013-11-13 18:21 - 00000000 ____D C:\Users\Gebruiker
2016-06-29 23:38 - 2013-04-26 01:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-29 23:37 - 2012-07-26 10:12 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-29 23:21 - 2015-02-01 16:46 - 00000000 ____D C:\ProgramData\ProductData
2016-06-29 23:19 - 2014-07-14 10:49 - 00000000 ____D C:\ProgramData\Norton
2016-06-29 23:18 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-06-29 23:08 - 2012-07-26 10:12 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-29 23:05 - 2013-12-27 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-29 23:00 - 2012-07-26 10:12 - 00000000 ___HD C:\Windows\ELAMBKUP
2016-06-29 23:00 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-06-24 12:30 - 2016-02-18 22:11 - 00004052 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-24 12:30 - 2016-02-18 22:11 - 00003816 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-06-22 15:07 - 2015-02-01 16:46 - 00000000 ____D C:\Users\Gebruiker\AppData\LocalLow\IObit
2016-06-22 15:07 - 2015-02-01 16:45 - 00000000 ____D C:\Users\Gebruiker\AppData\Roaming\IObit
2016-06-22 15:07 - 2015-02-01 16:45 - 00000000 ____D C:\ProgramData\IObit
==================== Bestanden in de root van sommige mappen =======
2013-04-26 01:15 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2013-04-26 01:15 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2013-04-26 01:15 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS
Sommige bestanden in TEMP:
====================
C:\Users\Gebruiker\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap =================
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
LastRegBack: 2016-06-30 05:21
==================== Eind van FRST.txt ============================
Here is the ADDITION LOG:
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 29-06-2016
Gestart door Gebruiker (2016-06-30 10:58:09)
Gestart vanaf C:\Users\Gebruiker\Desktop
Windows 8 (X64) (2013-11-13 16:21:05)
Boot Modus: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-430592883-1932623849-3212149148-500 - Administrator - Disabled)
Gast (S-1-5-21-430592883-1932623849-3212149148-501 - Limited - Disabled)
Gebruiker (S-1-5-21-430592883-1932623849-3212149148-1001 - Administrator - Enabled) => C:\Users\Gebruiker
==================== Security Center ========================
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Geïnstalleerde programma's ======================
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.4 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.13 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.36 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0027 - ASUS)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BitLord 2.3 (HKLM-x32\...\BitLord) (Version: 2.3.2-245 - House of Life)
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2875 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-430592883-1932623849-3212149148-1001\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MyBitCast 2.0 (HKLM-x32\...\MyBitCast) (Version: 2.0 - ASUS)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{EA9BAE1A-2D68-4160-81E6-14B712435D66}) (Version: 4.01.9714 - Apache Software Foundation)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Port Forward Network Utilities (HKLM-x32\...\{88B1D36C-7B70-4C48-8D2F-AAB956ECF4C3}) (Version: 2.03 - Portforward, LLC)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6804 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse (11/09/2012 1.0.0.153) (HKLM\...\5AB9160B769DD2E134ADCB8010377DECA2479378) (Version: 11/09/2012 1.0.0.153 - ASUS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS)
==================== Aangepaste CLSID (gefilterd): ==========================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
==================== Geplande Taken (gefilterd) =============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
Task: {070DECC2-7768-4BF5-A608-3FB3CF40C053} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {0FE90F9C-8600-40E5-9176-4C9244236CDA} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-06-09] (Avira Operations GmbH & Co. KG)
Task: {18207F23-EDE5-4D73-90B1-483B4A2085CA} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {26802D74-E8EB-4899-92E9-1A81EE6AF534} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-09-24] (ASUS)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - \Microsoft\Windows\Live\Roaming\SynchronizeWithStorage -> Geen bestand <==== AANDACHT
Task: {4DBFB318-3824-43F0-AA83-187830AB3A7C} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {6EBD8982-E766-4560-B2BA-93F19AC6BF3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {7DF71B50-2761-44DE-8C5C-327E1A46D692} - System32\Tasks\ASC8_SkipUac_Gebruiker => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: {8859A3A6-BA21-4930-8423-7FEA7E0E740C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-17] (Google Inc.)
Task: {8F8E4470-31F4-4E72-8D15-941E48967299} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-08-24] (ASUS)
Task: {945D120A-DD89-4B60-84F5-ABDC9AA2963A} - \Advanced System Optimizer -> Geen bestand <==== AANDACHT
Task: {9DC83B41-30F7-4B9E-8E79-D41F150905AD} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-06-30] (Microsoft Corporation)
Task: {9F6788DF-77B5-44A7-B59D-8CB6FEC4A8D9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-06-24] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - \Microsoft\Windows\Live\Roaming\MaintenanceTask -> Geen bestand <==== AANDACHT
Task: {B5D4ABF1-D826-4F92-8AEB-B0C3EDE8421C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {B6270E04-80C7-4BB5-9CBD-9F8BF9564FFB} - System32\Tasks\ASC8_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
Task: {B9007C8A-C388-48C3-9816-F0B4D825FDF6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-04-12] (Microsoft Corporation)
Task: {DA4FF129-E5A6-4D2C-A7BA-9D4E6E2AAD11} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2012-11-20] (AsusTek)
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
Task: C:\Windows\Tasks\ASC8_SkipUac_Gebruiker.job => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Snelkoppelingen =============================
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
==================== Geladen Modules (gefilterd) ==============
2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2012-08-24 18:26 - 2012-08-24 18:26 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2016-06-29 23:03 - 2016-04-19 19:26 - 00114888 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-01 16:46 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2012-09-11 15:01 - 2012-09-11 15:01 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-09-17 11:46 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (gefilterd) =========
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
==================== Veilige Modus (gefilterd) ===================
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Bestandskoppeling (gefilterd) ===============
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
==================== Internet Explorer vertrouwde/beperkte toegang ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
Er zijn 4788 Meer websites.
==================== Hosts inhoud: ===============================
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Andere gebieden ============================
(Momenteel is er geen automatische fix voor dit onderdeel.)
DNS Servers: 192.168.2.254 - 213.75.63.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
(Momenteel is er geen automatische fix voor dit onderdeel.)
HKLM\...\StartupApproved\Run32: => "RemoteControl10"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKLM\...\StartupApproved\Run32: => "Avira System Speedup User Starter"
HKU\S-1-5-21-430592883-1932623849-3212149148-1001\...\StartupApproved\StartupFolder: => "Verzenden naar OneNote.lnk"
HKU\S-1-5-21-430592883-1932623849-3212149148-1001\...\StartupApproved\Run: => "Advanced SystemCare 8"
==================== Firewall regels (gefilterd) ===============
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{8F742722-EB63-4B60-8280-435B83C49A8F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{CACDB418-5466-44CB-97EB-234638B11E8D}] => (Allow) LPort=2869
FirewallRules: [{08DF9207-336B-4D4F-B1FD-122BC45D324B}] => (Allow) LPort=1900
FirewallRules: [{335A01C2-4E5C-4590-ABD4-C580CCC78910}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{D7E85E7C-35CC-4343-BCFE-727DDE6B41AA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{C1A23934-3870-4642-92A5-5BD469B03CE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{0F72D744-ECCA-48FA-8CE3-28CEE2C03367}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Herstelpunten =========================
31-10-2015 18:52:34 Windows Update
30-06-2016 01:23:46 Windows Update
30-06-2016 10:40:16 Avira System Speedup optimalisatie
==================== Defecte Apparaatbeheer Apparaten =============
==================== Eventlog fouten: =========================
Applicatiefouten:
==================
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:57:07 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:55:42 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Error: (06/30/2016 10:52:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Het registerbestand voor klassen kan niet worden geladen.
Detail - De configuratieregisterdatabase is beschadigd.
Error: (06/30/2016 10:52:06 AM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Het register kan niet worden geladen. Dit probleem wordt vaak veroorzaakt door onvoldoende geheugen of onvoldoende beveiligingsrechten.
DETAIL - De configuratieregisterdatabase is beschadigd.
voor C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\\UsrClass.dat
Systeemfouten:
=============
Error: (06/30/2016 03:33:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Windows Installer-service kan vanwege de volgende fout niet worden gestart:
%%1053 = De service heeft de start- of stuuropdracht niet op juiste wijze beantwoord.
Error: (06/30/2016 03:33:50 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Windows Installer.
Error: (06/30/2016 02:20:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De RBClientService-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 15000 milliseconden worden uitgevoerd: Service opnieuw starten.
Error: (06/30/2016 02:19:59 AM) (Source: DCOM) (EventID: 10016) (User: ASUS-PC)
Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ASUS-PCGebruikerS-1-5-21-430592883-1932623849-3212149148-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar
Error: (06/30/2016 02:19:59 AM) (Source: DCOM) (EventID: 10016) (User: ASUS-PC)
Description: toepassingsspecifiekLokaalStarten{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}ASUS-PCGebruikerS-1-5-21-430592883-1932623849-3212149148-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar
Error: (06/30/2016 02:17:03 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:16:50 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:15:37 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:15:24 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
Error: (06/30/2016 02:15:17 AM) (Source: DCOM) (EventID: 10005) (User: ASUS-PC)
Description: 1084ShellHWDetectionNiet beschikbaar{DD522ACC-F821-461A-A407-50B198B896DC}
==================== Geheugen info ===========================
Processor: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
Percentage geheugen in gebruik: 29%
Totaal fysiek RAM-geheugen: 3981.67 MB
Beschikbaar fysiek RAM-geheugen: 2814.73 MB
Totaal Virtueel geheugen: 6137.18 MB
Beschikbaar Virtual geheugen: 4190.32 MB
==================== Schijven ================================
Drive c: (OS) (Fixed) (Total:279.01 GB) (Free:122.01 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]
Drive d: (Data) (Fixed) (Total:398.07 GB) (Free:397.91 GB) NTFS
==================== MBR & Partitietabel ==================
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 0FE4DC0A)
Partition: GPT.
==================== Eind van Addition.txt ============================