• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

[Opgelost] Laptop hl traag

Status
Niet open voor verdere reacties.

Wildchild_Laiho

Gevestigd lid
Lid geworden
12 mrt 2008
Berichten
439
Waarderingsscore
1
Hallo,

Naar aanleiding van het feit dat de laptop van mijn nicht extreem traag werkte toen ik daar iets op wou proberen heb ik besloten deze eens op te schonen. Het duurde echt minuten lang om een bepaald venster te openen dus deze had dringend een poetsbeurt nodig dacht ik. Je kon niet meer normaal werken op deze laptop. Intussen heeft ze wel zelf al een hele boel zaken van haar laptop verwijderd alvorens ze deze aan mij gaf en lijkt het allemaal toch alweer iets vlotter te lopen. Misschien heeft ze zelfs de hulp van iemand anders ingeschakeld maar daar ben ik niet van op de hoogte. De laptop loopt alleszins weer verdacht goed. Toen ik ging kijken bij de genstalleerde programma's zag ik echter wel dat er - zoals u in onderstaande foto kan zien - nog maar 10 onderdelen genstalleerd zijn op deze laptop waarvan de grote meerderheid op 3 en 4 augustus. Dit is geen nieuwe laptop overigens & Ik weet niet of het normaal is dat hier maar zo weinig onderdelen staan... Als ik naar m'n eigen laptop kijk zie ik daar (bij configuratie-instellingen --> programma's en onderdelen) echt een hele lijst van tientallen genstalleerde onderdelen staan. Maar bon, ik weet niet of jullie iets met deze informatie zijn maar dacht "ik vermeld het toch even".



Verder zag ik ook dat ze BitLord op genstalleerd heeft. Uit nieuwsgierigheid ben ik eens gaan googlen wat dit programma doet en ik vind redelijk wat webpagina's terug waarop beweerd wordt dat dit programma malware bevat en best vermeden wordt. Ik heb zonet de laptop uitgebreid gescand met windows defender en deze heeft geen schadelijke bestanden gevonden. Ik heb BitLord voorlopig nog op de laptop laten staan omdat ik niet weet wat ik er best mee doe.

Dus omdat het grootste probleem van de trage laptop al opgelost is is deze forumpost enkel bedoeld om het geheel nog eens na te kijken om te weten te komen wat ik best met BitLord doe en of er verder nog andere zaken zijn die ervoor kunnen zorgen dat ik deze laptop nog meer kan opschonen. Ziehier de logjes:

FRST-logje
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 28-08-2016
Gestart door vanro (Beheerder) op DESKTOP-JONDQHA (29-08-2016 16:21:10)
Gestart vanaf C:\Users\vanro\Desktop
Geladen Profielen: vanro (Beschikbare Profielen: vanro)
Platform: Windows 10 Home Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184 2015-09-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-05] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3800281865-630423061-795813576-1002\...\RunOnce: [Uninstall C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3800281865-630423061-795813576-1002\...\RunOnce: [Uninstall C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
Startup: C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-08-12]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe ()

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.130.2 195.130.131.2
Tcpip\..\Interfaces\{4dc0d72b-7d43-40da-b530-14e972f11cf7}: [DhcpNameServer] 195.130.130.2 195.130.131.2

Internet Explorer:
==================

FireFox:
========

Addition-logje
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 28-08-2016
Gestart door vanro (29-08-2016 16:21:44)
Gestart vanaf C:\Users\vanro\Desktop
Windows 10 Home Versie 1511 (X64) (2016-08-03 13:53:53)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3800281865-630423061-795813576-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3800281865-630423061-795813576-503 - Limited - Disabled)
Gast (S-1-5-21-3800281865-630423061-795813576-501 - Limited - Disabled)
vanro (S-1-5-21-3800281865-630423061-795813576-1002 - Administrator - Enabled) => C:\Users\vanro

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Genstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.4-308 - House of Life)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MyPC Backup 1.0.0 (HKLM\...\MyPC Backup) (Version: 1.0.0 - MyPC Backup) <==== AANDACHT
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-3800281865-630423061-795813576-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {2CC0F982-82BB-4E30-9C25-C1BF6C571AA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {419A89BF-A69F-4F7C-B5CD-8C03A8E2B71E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {D7D44646-7333-4420-9230-C0B75F09FE92} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {E721EA9E-EF90-4A4D-A6A5-E5BE4109CE5E} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2016-03-14] () <==== AANDACHT
Task: {E946E98A-3E40-49C9-A110-F5E9E228916F} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

==================== Geladen Modules (gefilterd) ==============

2016-08-12 13:13 - 2016-03-14 19:05 - 00049152 _____ () C:\Program Files (x86)\MyPC Backup\BackupStack.exe
2016-08-12 13:13 - 2016-03-14 19:05 - 01468928 _____ () C:\Program Files (x86)\MyPC Backup\Shared Stack.dll
2016-08-12 13:13 - 2016-03-14 18:54 - 00193536 _____ () C:\Program Files (x86)\MyPC Backup\MPCBClient.dll
2016-08-12 13:13 - 2016-03-14 18:53 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2016-08-12 13:13 - 2016-03-14 18:54 - 00044544 _____ () C:\Program Files (x86)\MyPC Backup\UIKit.dll
2016-08-12 13:13 - 2016-03-14 18:53 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2016-08-12 13:13 - 2016-03-14 18:53 - 00236032 _____ () C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-12 23:49 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-03 15:59 - 2016-08-03 15:59 - 00959168 _____ () C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-12 23:49 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-28 16:22 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:51 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-08-03 18:42 - 2016-08-03 18:43 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-15 23:24 - 2016-08-15 23:24 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-15 23:24 - 2016-08-15 23:24 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-03 18:39 - 2016-08-03 18:39 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-08-03 18:33 - 2016-08-03 18:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-03 18:35 - 2016-08-03 18:36 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00741376 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2016-07-12 23:49 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:49 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:49 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:49 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
2016-08-23 10:32 - 2016-08-23 10:32 - 01383616 _____ () C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-23 10:32 - 2016-08-23 10:32 - 00118976 _____ () C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-08-03 18:42 - 2016-08-03 18:43 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-08-03 18:42 - 2016-08-03 18:43 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-08-18 23:13 - 2016-08-18 23:19 - 00013312 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2016-08-18 23:13 - 2016-08-18 23:19 - 00389632 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00079872 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01153536 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00081422 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00107520 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00583168 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00198144 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 58528217 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01113088 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00150016 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00699392 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:19 - 00150016 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00401920 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00160768 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00123904 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01133568 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 152290307 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\App.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 28078543 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WebCore_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01081856 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\iconv_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00379904 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 04493240 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WebKit_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 02121656 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WebKitLegacy_osmeta.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 20:10 - 2015-10-30 20:10 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 20:10 - 2015-10-30 20:10 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2016-08-03 14:40 - 2016-08-03 14:38 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-3800281865-630423061-795813576-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\vanro\OneDrive\Afbeeldingen\2016\vriendinnetjes\13883905_536858896514746_1638966924_n.jpg
DNS Servers: 195.130.130.2 - 195.130.131.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Momenteel is er geen automatische fix voor dit onderdeel.)


==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4D90DCFA-C21D-4646-9D01-B831B7D14991}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{B0F77285-D7D8-454A-A84D-97520C59B972}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{006CE940-6D87-4402-9CC9-D43C34254E5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Herstelpunten =========================

17-08-2016 22:32:57 Windows Update

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (08/29/2016 04:19:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma MyPC Backup.exe, versie 1.0.0.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm.

Proces-id: 10dc

Starttijd: 01d1fd18ca3839e5

Eindtijd: 4294967295

Toepassingspad: C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

Rapport-id: 924ba8f8-6df3-11e6-83a8-00266c14a37f

Volledige pakketnaam met fout:

Relatieve toepassings-id van pakket met fout:

Error: (08/29/2016 02:44:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.BingWeather_8wekyb3d8bbwe!App is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/23/2016 10:37:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.WindowsMaps_8wekyb3d8bbwe!App is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/19/2016 03:31:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/18/2016 11:09:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147024865. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.


Systeemfouten:
=============
Error: (08/22/2016 06:47:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JONDQHA)
Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Contact Data_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Host synchroniseren_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/19/2016 03:31:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JONDQHA)
Description: De server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (08/18/2016 11:09:08 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-JONDQHA)
Description: Kan DCOM Server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding
"31"
is opgetreden bij het uitvoeren van de opdracht
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (08/18/2016 11:04:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart:
Het systeem kan het opgegeven bestand niet vinden.

Error: (08/17/2016 10:44:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_41fe0-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/17/2016 10:44:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_41fe0-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.


CodeIntegrity:
===================================
Date: 2016-08-18 23:05:33.477
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-12 13:15:35.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-12 13:14:50.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-10 12:47:53.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-09 22:43:22.903
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 21:34:43.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 00:40:52.822
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage geheugen in gebruik: 35%
Totaal fysiek RAM-geheugen: 6106.8 MB
Beschikbaar fysiek RAM-geheugen: 3931.75 MB
Totaal Virtueel geheugen: 7130.8 MB
Beschikbaar Virtual geheugen: 4585.36 MB

==================== Schijven ================================

Drive c: (TI30886900A) (Fixed) (Total:447.63 GB) (Free:416.55 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 2B729CAD)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=447.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=810 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.9 GB) - (Type=17)

==================== Eind van Addition.txt ============================

Alvast bedankt voor jullie tijd :)
 
Re: Laptop hl traag

Als jij wil dat ik help - dan wel graag de gehele logs posten en niet een stukje daaruit.
Dus graag nogmaals.
 
Re: Laptop hl traag

FRST-logje
Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 28-08-2016
Gestart door vanro (Beheerder) op DESKTOP-JONDQHA (29-08-2016 16:21:10)
Gestart vanaf C:\Users\vanro\Desktop
Geladen Profielen: vanro (Beschikbare Profielen: vanro)
Platform: Windows 10 Home Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
() C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Mobile.exe
() C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Money.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft) C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Msn.Weather.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_3.6.23941.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184 2015-09-09] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-05] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3800281865-630423061-795813576-1002\...\RunOnce: [Uninstall C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3800281865-630423061-795813576-1002\...\RunOnce: [Uninstall C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509"
Startup: C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk [2016-08-12]
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe ()

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)

Tcpip\Parameters: [DhcpNameServer] 195.130.130.2 195.130.131.2
Tcpip\..\Interfaces\{4dc0d72b-7d43-40da-b530-14e972f11cf7}: [DhcpNameServer] 195.130.130.2 195.130.131.2

Internet Explorer:
==================

FireFox:
========
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-03] (Google Inc.)

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Presentaties) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-03]
CHR Extension: (Google Documenten) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-03]
CHR Extension: (Google Drive) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-03]
CHR Extension: (YouTube) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-03]
CHR Extension: (Google Spreadsheets) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-03]
CHR Extension: (Offline Documenten) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-03]
CHR Extension: (Search Manager) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakgmokehmecofodopaddfhdblmjnod [2016-08-03]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-03]
CHR Extension: (Gmail) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-03]
CHR Extension: (Chrome Media Router) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-29]

==================== Services (gefilterd) ========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [49152 2016-03-14] () [Bestand niet getekend] <==== AANDACHT
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472 2015-09-09] (Synaptics Incorporated)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [511488 2015-10-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)
S2 RtkAudioService; "C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" [X]

===================== Drivers (gefilterd) ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 athr; C:\Windows\System32\drivers\athw10x.sys [4342936 2015-12-10] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-05-28] (Advanced Micro Devices)
S3 dg_ssudbus; C:\Windows\System32\drivers\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [433912 2016-07-13] (Realsil Semiconductor Corporation)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [42184 2015-09-09] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [42696 2015-09-09] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-08-01] (Toshiba Corporation)
S3 tosdbt; C:\Windows\System32\drivers\tosdbt.sys [57344 2007-01-15] (TOSHIBA Corporation)
S3 toshidpt; C:\Windows\system32\drivers\Toshidpt.sys [10232 2012-08-01] (TOSHIBA Corporation.)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een Maand Aangemaakt bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-08-29 16:21 - 2016-08-29 16:21 - 00008903 _____ C:\Users\vanro\Desktop\FRST.txt
2016-08-29 16:20 - 2016-08-29 16:21 - 00000000 ____D C:\FRST
2016-08-29 15:04 - 2016-08-29 16:20 - 02396672 _____ (Farbar) C:\Users\vanro\Desktop\FRST64.exe
2016-08-29 14:49 - 2016-08-29 14:49 - 00000017 _____ C:\Users\vanro\AppData\Local\resmon.resmoncfg
2016-08-23 10:33 - 2016-08-23 10:33 - 00003342 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2016-08-23 10:32 - 2016-08-23 10:32 - 00000000 ___HD C:\OneDriveTemp
2016-08-23 10:32 - 2016-08-23 10:32 - 00000000 ____D C:\Users\vanro\AppData\Roaming\Skype
2016-08-17 15:12 - 2016-08-03 12:30 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-08-17 15:12 - 2016-08-03 12:23 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-08-17 15:12 - 2016-08-03 12:21 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-08-17 15:12 - 2016-08-03 12:21 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-08-17 15:12 - 2016-08-03 12:13 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-08-17 15:12 - 2016-08-03 12:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-08-17 15:12 - 2016-08-03 12:13 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-08-17 15:12 - 2016-08-03 11:46 - 22384128 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-08-17 15:12 - 2016-08-03 11:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-08-17 15:12 - 2016-08-03 11:41 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-08-17 15:12 - 2016-08-03 11:40 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-08-17 15:12 - 2016-08-03 11:35 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-08-17 15:12 - 2016-08-03 11:31 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-08-17 15:12 - 2016-08-03 11:30 - 24613888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-08-17 15:12 - 2016-08-03 11:30 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-08-17 15:12 - 2016-08-03 11:29 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-08-17 15:12 - 2016-08-03 11:29 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-08-17 15:12 - 2016-08-03 11:20 - 13390336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-08-17 15:12 - 2016-08-03 11:18 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-08-17 15:12 - 2016-08-03 11:18 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-08-17 15:12 - 2016-08-03 11:17 - 02175488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-08-17 15:12 - 2016-08-03 11:14 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-08-17 15:12 - 2016-08-03 11:13 - 03025920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-08-17 15:12 - 2016-08-03 11:13 - 02280960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-08-17 15:12 - 2016-08-03 07:34 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-08-17 15:12 - 2016-08-03 07:31 - 02921368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-08-17 15:12 - 2016-08-03 07:30 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-08-17 15:12 - 2016-08-03 07:30 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-08-17 15:12 - 2016-08-03 07:30 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-08-17 15:12 - 2016-08-03 06:39 - 19351040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-08-17 15:12 - 2016-08-03 06:37 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-08-17 15:12 - 2016-08-03 06:34 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-08-17 15:12 - 2016-08-03 06:29 - 12133376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-08-17 15:12 - 2016-08-03 06:28 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-08-17 15:12 - 2016-08-03 06:22 - 02501120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-08-17 15:12 - 2016-08-03 06:22 - 01502208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-08-17 15:11 - 2016-08-03 13:14 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-08-17 15:11 - 2016-08-03 13:14 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-08-17 15:11 - 2016-08-03 13:14 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-08-17 15:11 - 2016-08-03 12:36 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-08-17 15:11 - 2016-08-03 12:36 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-08-17 15:11 - 2016-08-03 12:36 - 00037744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-08-17 15:11 - 2016-08-03 12:23 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-08-17 15:11 - 2016-08-03 12:22 - 01322760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-08-17 15:11 - 2016-08-03 12:22 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-08-17 15:11 - 2016-08-03 12:22 - 00465248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-08-17 15:11 - 2016-08-03 12:22 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-08-17 15:11 - 2016-08-03 12:22 - 00058408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-08-17 15:11 - 2016-08-03 12:21 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-08-17 15:11 - 2016-08-03 12:21 - 00566112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-08-17 15:11 - 2016-08-03 12:20 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-08-17 15:11 - 2016-08-03 12:20 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-08-17 15:11 - 2016-08-03 12:19 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-08-17 15:11 - 2016-08-03 12:19 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-08-17 15:11 - 2016-08-03 12:11 - 00422744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-08-17 15:11 - 2016-08-03 11:51 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-08-17 15:11 - 2016-08-03 11:51 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-08-17 15:11 - 2016-08-03 11:44 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-08-17 15:11 - 2016-08-03 11:44 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-08-17 15:11 - 2016-08-03 11:43 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-08-17 15:11 - 2016-08-03 11:41 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-08-17 15:11 - 2016-08-03 11:41 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-08-17 15:11 - 2016-08-03 11:41 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-08-17 15:11 - 2016-08-03 11:40 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-08-17 15:11 - 2016-08-03 11:40 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2016-08-17 15:11 - 2016-08-03 11:40 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-08-17 15:11 - 2016-08-03 11:40 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-08-17 15:11 - 2016-08-03 11:39 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-08-17 15:11 - 2016-08-03 11:39 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-08-17 15:11 - 2016-08-03 11:38 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-08-17 15:11 - 2016-08-03 11:38 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-08-17 15:11 - 2016-08-03 11:37 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-08-17 15:11 - 2016-08-03 11:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-08-17 15:11 - 2016-08-03 11:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-08-17 15:11 - 2016-08-03 11:36 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-08-17 15:11 - 2016-08-03 11:35 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-08-17 15:11 - 2016-08-03 11:34 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-08-17 15:11 - 2016-08-03 11:33 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-08-17 15:11 - 2016-08-03 11:33 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-08-17 15:11 - 2016-08-03 11:31 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-08-17 15:11 - 2016-08-03 11:31 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2016-08-17 15:11 - 2016-08-03 11:30 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-08-17 15:11 - 2016-08-03 11:29 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-08-17 15:11 - 2016-08-03 11:29 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-08-17 15:11 - 2016-08-03 11:29 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-08-17 15:11 - 2016-08-03 11:29 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-08-17 15:11 - 2016-08-03 11:29 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-08-17 15:11 - 2016-08-03 11:28 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-08-17 15:11 - 2016-08-03 11:28 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-08-17 15:11 - 2016-08-03 11:28 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-08-17 15:11 - 2016-08-03 11:27 - 07536640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-08-17 15:11 - 2016-08-03 11:27 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-08-17 15:11 - 2016-08-03 11:27 - 01717760 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-08-17 15:11 - 2016-08-03 11:27 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-08-17 15:11 - 2016-08-03 11:18 - 06974464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-08-17 15:11 - 2016-08-03 11:16 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-08-17 15:11 - 2016-08-03 11:16 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-08-17 15:11 - 2016-08-03 11:16 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-08-17 15:11 - 2016-08-03 11:16 - 01732096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-08-17 15:11 - 2016-08-03 11:15 - 07833088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-08-17 15:11 - 2016-08-03 11:14 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-08-17 15:11 - 2016-08-03 11:12 - 02746368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-08-17 15:11 - 2016-08-03 11:11 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-08-17 15:11 - 2016-08-03 07:52 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-08-17 15:11 - 2016-08-03 07:34 - 00501592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-08-17 15:11 - 2016-08-03 07:33 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-08-17 15:11 - 2016-08-03 07:31 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-08-17 15:11 - 2016-08-03 07:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-08-17 15:11 - 2016-08-03 06:57 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-08-17 15:11 - 2016-08-03 06:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-08-17 15:11 - 2016-08-03 06:47 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-08-17 15:11 - 2016-08-03 06:44 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-08-17 15:11 - 2016-08-03 06:44 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-08-17 15:11 - 2016-08-03 06:42 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-08-17 15:11 - 2016-08-03 06:40 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-08-17 15:11 - 2016-08-03 06:37 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-08-17 15:11 - 2016-08-03 06:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-08-17 15:11 - 2016-08-03 06:35 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2016-08-17 15:11 - 2016-08-03 06:34 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-08-17 15:11 - 2016-08-03 06:33 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-08-17 15:11 - 2016-08-03 06:33 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-08-17 15:11 - 2016-08-03 06:33 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-08-17 15:11 - 2016-08-03 06:32 - 12585984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-08-17 15:11 - 2016-08-03 06:32 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-08-17 15:11 - 2016-08-03 06:32 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-08-17 15:11 - 2016-08-03 06:32 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-08-17 15:11 - 2016-08-03 06:31 - 06743040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-08-17 15:11 - 2016-08-03 06:31 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-08-17 15:11 - 2016-08-03 06:25 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-08-17 15:11 - 2016-08-03 06:25 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-08-17 15:11 - 2016-08-03 06:23 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-08-17 15:11 - 2016-08-03 06:23 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-08-17 15:11 - 2016-08-03 06:21 - 01708032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-08-17 15:11 - 2016-08-03 06:19 - 02180096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-08-17 10:14 - 2016-08-17 10:14 - 00000000 __SHD C:\found.000
2016-08-13 22:29 - 2016-08-13 22:40 - 00000000 ____D C:\Users\vanro\Downloads\Step Up All In (2014) [1080p]
2016-08-13 21:50 - 2016-08-13 22:50 - 00000000 ____D C:\Users\vanro\Downloads\Step Up Revolution (2012) [1080p]
2016-08-13 13:08 - 2016-08-14 04:15 - 00000000 ____D C:\Users\vanro\Downloads\Step Up (2006) 1080p x264 DD5.1 EN NL Subs [Asian Torrenz]
2016-08-13 13:06 - 2016-08-13 13:20 - 00000000 ____D C:\Users\vanro\Downloads\Step Up 3D (2010)
2016-08-13 13:03 - 2016-08-13 13:35 - 00000000 ____D C:\Users\vanro\Downloads\Furious 6 (2013) [1080p]
2016-08-12 23:25 - 2016-08-13 13:12 - 00000000 ____D C:\Users\vanro\Downloads\Step Up 2 The Streets (2008) 1080p x264 DD5.1 EN NL Subs [Asian Torrenz]
2016-08-12 23:02 - 2016-08-13 13:09 - 00000000 ____D C:\Users\vanro\Downloads\Los.Bandoleros.2009.DVDRip.XviD-WBZ
2016-08-12 20:14 - 2016-08-13 13:07 - 00000000 ____D C:\Users\vanro\Downloads\Fast and Furious (2009) [1080p]
2016-08-12 18:13 - 2016-08-12 19:43 - 00000000 ____D C:\Users\vanro\Downloads\The Fast and the Furious (2001) [1080p]
2016-08-12 13:14 - 2016-08-12 13:14 - 00004124 _____ C:\WINDOWS\System32\Tasks\LaunchApp
2016-08-12 13:13 - 2016-08-17 14:39 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2016-08-12 13:13 - 2016-08-12 13:13 - 00002049 _____ C:\Users\vanro\Desktop\Sync Folder.lnk
2016-08-12 13:13 - 2016-08-12 13:13 - 00000000 ____D C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2016-08-07 11:33 - 2016-08-07 11:33 - 00000000 ____D C:\Users\vanro\AppData\LocalLow\Temp
2016-08-05 14:26 - 2016-08-05 14:26 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-08-05 13:46 - 2016-08-12 19:04 - 00000000 ____D C:\Users\vanro\Downloads\The.Fault.In.Our.Stars.2014.DVDRip.x264-COCAIN[et]
2016-08-05 13:28 - 2016-08-05 13:28 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-08-04 00:51 - 2016-07-01 07:05 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2016-08-04 00:50 - 2016-08-04 00:50 - 00000000 ____D C:\ProgramData\USOShared
2016-08-04 00:49 - 2016-08-18 23:04 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-04 00:49 - 2016-08-04 00:49 - 00000000 _SHDL C:\Users\All Users
2016-08-04 00:49 - 2016-08-04 00:49 - 00000000 _SHDL C:\ProgramData\Sjablonen
2016-08-04 00:49 - 2016-08-04 00:49 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programma's
2016-08-04 00:49 - 2016-08-04 00:49 - 00000000 _SHDL C:\ProgramData\Menu Start
2016-08-04 00:49 - 2016-08-04 00:49 - 00000000 _SHDL C:\ProgramData\Documenten
2016-08-04 00:49 - 2016-08-04 00:49 - 00000000 _SHDL C:\ProgramData\Bureaublad
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default\Sjablonen
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default\Netwerkprinteromgeving
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default\Mijn documenten
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default\Menu Start
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default\AppData\Local\Geschiedenis
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Geschiedenis
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Users\Default User
2016-08-04 00:48 - 2016-08-04 00:48 - 00000000 _SHDL C:\Documents and Settings
2016-08-04 00:44 - 2016-08-04 00:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-08-04 00:43 - 2016-08-04 00:43 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2016-08-04 00:43 - 2016-08-04 00:43 - 00000000 ____D C:\Program Files\ATI Technologies
2016-08-04 00:43 - 2016-08-04 00:43 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2016-08-04 00:43 - 2016-08-03 20:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\Program Files\Realtek
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\Program Files\Common Files\Atheros
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\Program Files\AMD
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 ____D C:\AMD
2016-08-04 00:42 - 2016-08-04 00:42 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-08-04 00:38 - 2016-08-09 22:41 - 00194288 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-08-04 00:38 - 2016-08-04 00:38 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2016-08-03 20:44 - 2016-08-12 16:05 - 00001945 _____ C:\Users\vanro\Desktop\BitLord.lnk
2016-08-03 20:44 - 2016-08-08 23:31 - 00000000 ____D C:\Users\vanro\AppData\Roaming\BitLord
2016-08-03 20:44 - 2016-08-03 20:45 - 00001216 _____ C:\Users\vanro\Desktop\Doorgaan met de installatie van BitLord.lnk
2016-08-03 20:44 - 2016-08-03 20:44 - 01015384 _____ (Larecakog ) C:\Users\vanro\Downloads\BitlordSetup (1).exe
2016-08-03 20:44 - 2016-08-03 20:44 - 00000000 ____D C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
2016-08-03 20:44 - 2016-08-03 20:44 - 00000000 ____D C:\Users\vanro\AppData\Local\BitLord
2016-08-03 20:44 - 2016-08-03 20:44 - 00000000 ____D C:\Users\vanro\AppData\Local\AMD
2016-08-03 20:44 - 2016-08-03 20:44 - 00000000 ____D C:\Users\vanro\.QtWebEngineProcess
2016-08-03 20:44 - 2016-08-03 20:44 - 00000000 ____D C:\Users\vanro\.BitLord
2016-08-03 20:43 - 2016-08-03 20:44 - 00000000 ____D C:\Program Files (x86)\BitLord
2016-08-03 20:43 - 2016-08-03 20:43 - 00000000 ____D C:\Users\vanro\OneDrive\Documenten\BitLord
2016-08-03 20:42 - 2016-08-12 13:13 - 00001149 _____ C:\Users\vanro\Desktop\MyPC Backup.lnk
2016-08-03 20:42 - 2016-08-03 20:42 - 00004106 _____ C:\WINDOWS\System32\Tasks\LaunchPreSignup
2016-08-03 20:39 - 2016-08-03 20:40 - 01015384 _____ (Larecakog ) C:\Users\vanro\Downloads\BitlordSetup.exe
2016-08-03 19:47 - 2016-08-03 19:47 - 00001320 _____ C:\Users\vanro\Desktop\Facebook.lnk
2016-08-03 19:19 - 2016-08-03 21:34 - 00000120 ____R C:\Users\vanro\OneDrive\Documenten\Notitieblok van Melissa.url
2016-08-03 19:03 - 2016-08-08 23:13 - 00002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-03 19:03 - 2016-08-08 23:13 - 00002291 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-03 19:01 - 2016-08-29 16:12 - 00001096 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-03 19:01 - 2016-08-23 10:31 - 00001092 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-03 19:01 - 2016-08-03 21:35 - 00000000 ____D C:\Users\vanro\AppData\Local\Google
2016-08-03 19:01 - 2016-08-03 19:07 - 00004154 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-03 19:01 - 2016-08-03 19:07 - 00003922 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-03 19:01 - 2016-08-03 19:03 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-03 18:28 - 2016-08-03 19:00 - 00987728 _____ (Google Inc.) C:\Users\vanro\Downloads\ChromeSetup.exe
2016-08-03 18:27 - 2016-08-03 18:27 - 00001420 _____ C:\Users\vanro\Desktop\Twitter.lnk
2016-08-03 18:26 - 2016-07-27 21:25 - 00504488 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-08-03 18:23 - 2016-08-17 22:36 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-03 18:23 - 2016-08-17 22:33 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-03 18:09 - 2016-08-03 18:09 - 00000000 ____D C:\Users\vanro\AppData\Roaming\Macromedia
2016-08-03 17:41 - 2016-08-03 17:44 - 00000000 ____D C:\Users\vanro\AppData\Local\MicrosoftEdge
2016-08-03 17:40 - 2016-08-03 17:40 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-08-03 16:37 - 2016-08-03 16:37 - 00000000 _____ C:\Recovery.txt
2016-08-03 15:59 - 2016-08-03 15:59 - 00000000 ____D C:\Users\vanro\AppData\Local\NetworkTiles
2016-08-03 15:59 - 2014-10-20 18:40 - 00027797 _____ C:\Users\vanro\OneDrive\Documenten\Presentatie.pptx
2016-08-03 15:58 - 2016-08-23 10:33 - 00002394 _____ C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-08-03 15:58 - 2016-08-23 10:33 - 00000000 ___RD C:\Users\vanro\OneDrive
2016-08-03 15:58 - 2016-08-03 18:21 - 00000000 ____D C:\Users\vanro\AppData\Local\Comms
2016-08-03 15:58 - 2016-08-03 15:58 - 00000000 ____D C:\Users\vanro\AppData\Roaming\ATI
2016-08-03 15:58 - 2016-08-03 15:58 - 00000000 ____D C:\Users\vanro\AppData\Local\ATI
2016-08-03 15:58 - 2016-08-03 15:58 - 00000000 ____D C:\Users\vanro\AppData\Local\ActiveSync
2016-08-03 15:58 - 2016-08-03 15:58 - 00000000 ____D C:\ProgramData\ATI
2016-08-03 15:57 - 2016-08-03 15:57 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-08-03 15:56 - 2016-08-18 23:06 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-08-03 15:56 - 2016-08-14 15:47 - 00000000 ____D C:\Users\vanro\AppData\Local\PackageStaging
2016-08-03 15:56 - 2016-08-14 15:47 - 00000000 ____D C:\Users\vanro\AppData\Local\Packages
2016-08-03 15:56 - 2016-08-03 15:56 - 00000000 ____D C:\Users\vanro\AppData\Roaming\Adobe
2016-08-03 15:56 - 2016-08-03 15:56 - 00000000 ____D C:\Users\vanro\AppData\Local\VirtualStore
2016-08-03 15:56 - 2016-08-03 15:56 - 00000000 ____D C:\Users\vanro\AppData\Local\TileDataLayer
2016-08-03 15:56 - 2016-08-03 15:56 - 00000000 ____D C:\Users\vanro\AppData\Local\Publishers
2016-08-03 15:55 - 2016-08-23 10:29 - 01847504 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-03 15:55 - 2016-08-17 14:36 - 00000000 ____D C:\Users\vanro
2016-08-03 15:55 - 2016-08-03 15:55 - 00000020 ___SH C:\Users\vanro\ntuser.ini
2016-08-03 15:55 - 2016-08-03 15:55 - 00000000 _SHDL C:\Users\vanro\Sjablonen
2016-08-03 15:55 - 2016-08-03 15:55 - 00000000 _SHDL C:\Users\vanro\Netwerkprinteromgeving
2016-08-03 15:55 - 2016-08-03 15:55 - 00000000 _SHDL C:\Users\vanro\Mijn documenten
2016-08-03 15:55 - 2016-08-03 15:55 - 00000000 _SHDL C:\Users\vanro\Menu Start
2016-08-03 15:55 - 2016-08-03 15:55 - 00000000 _SHDL C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2016-08-03 15:55 - 2016-08-03 15:55 - 00000000 _SHDL C:\Users\vanro\AppData\Local\Geschiedenis
2016-08-03 14:50 - 2016-08-03 15:57 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-08-03 14:50 - 2016-08-03 15:53 - 00000000 ___DC C:\WINDOWS\Panther
2016-08-03 14:50 - 2016-08-03 14:51 - 00000000 ____D C:\WINDOWS\InfusedApps
2016-08-03 14:50 - 2016-08-03 14:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2016-08-03 14:49 - 2016-08-03 14:49 - 00000000 ____D C:\Program Files\Synaptics
2016-08-03 14:48 - 2016-08-03 14:48 - 00000000 ____D C:\WINDOWS\Setup
2016-08-03 14:45 - 2016-08-03 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2016-08-03 14:45 - 2016-08-03 14:45 - 00000000 ____D C:\WINDOWS\OCR
2016-08-03 14:45 - 2016-08-03 14:45 - 00000000 ____D C:\Program Files\Reference Assemblies
2016-08-03 14:45 - 2016-08-03 14:45 - 00000000 ____D C:\Program Files\MSBuild
2016-08-03 14:45 - 2016-08-03 14:45 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-08-03 14:45 - 2016-08-03 14:45 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-08-03 14:44 - 2016-08-23 10:29 - 00818858 _____ C:\WINDOWS\system32\perfh013.dat
2016-08-03 14:44 - 2016-08-23 10:29 - 00159472 _____ C:\WINDOWS\system32\perfc013.dat
2016-08-03 14:44 - 2016-08-03 14:44 - 00347468 _____ C:\WINDOWS\system32\perfi013.dat
2016-08-03 14:44 - 2016-08-03 14:44 - 00045378 _____ C:\WINDOWS\system32\perfd013.dat
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\nl
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\winrm
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\WCN
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\slmgr
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\nl
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\0409
2016-08-03 14:44 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\DigitalLocker
2016-08-03 14:41 - 2016-07-02 06:37 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-08-03 14:41 - 2016-07-02 06:37 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-08-03 14:40 - 2016-08-29 14:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-03 14:40 - 2016-08-29 14:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-03 14:40 - 2016-08-17 22:46 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-08-03 14:40 - 2016-08-17 22:46 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-08-03 14:40 - 2016-08-17 22:46 - 00000000 ____D C:\Program Files\Windows Journal
2016-08-03 14:40 - 2016-08-12 13:13 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-08-03 14:40 - 2016-08-12 13:10 - 00000000 ____D C:\WINDOWS\appcompat
2016-08-03 14:40 - 2016-08-10 12:49 - 00000000 ____D C:\WINDOWS\rescache
2016-08-03 14:40 - 2016-08-10 12:46 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-03 14:40 - 2016-08-09 22:38 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-08-03 14:40 - 2016-08-09 22:37 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-08-03 14:40 - 2016-08-09 22:37 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-08-03 14:40 - 2016-08-09 22:37 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-08-03 14:40 - 2016-08-09 22:37 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-08-03 14:40 - 2016-08-09 22:37 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-08-03 14:40 - 2016-08-09 22:37 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 __RSD C:\WINDOWS\Media
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\WINDOWS\Provisioning
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files\Windows Defender
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-08-03 14:40 - 2016-08-09 22:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-08-03 14:40 - 2016-08-08 23:33 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-08-03 14:40 - 2016-08-04 09:49 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-08-03 14:40 - 2016-08-04 00:51 - 00000000 ____D C:\WINDOWS\system32\spool
2016-08-03 14:40 - 2016-08-04 00:51 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2016-08-03 14:40 - 2016-08-04 00:50 - 00000000 ____D C:\ProgramData\USOPrivate
2016-08-03 14:40 - 2016-08-04 00:49 - 00000000 ____D C:\Program Files\Windows NT
2016-08-03 14:40 - 2016-08-04 00:47 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-08-03 14:40 - 2016-08-03 16:37 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2016-08-03 14:40 - 2016-08-03 15:56 - 00000000 ___RD C:\WINDOWS\MiracastView
2016-08-03 14:40 - 2016-08-03 15:55 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2016-08-03 14:40 - 2016-08-03 14:45 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2016-08-03 14:40 - 2016-08-03 14:45 - 00000000 ____D C:\WINDOWS\system32\MUI
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ___SD C:\WINDOWS\system32\dsc
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\setup
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\system32\Com
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\IME
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\Help
2016-08-03 14:40 - 2016-08-03 14:44 - 00000000 ____D C:\Program Files\Common Files\System
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 __SHD C:\Program Files\Windows Sidebar
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 __RHD C:\Users\Public\Libraries
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___SD C:\WINDOWS\system32\Nui
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Web
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Vss
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\tracing
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\TAPI
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SystemResources
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SystemApps
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\winevt
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\ras
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\IME
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\icsxml
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\ias
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\GroupPolicy
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\downlevel
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\System
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SKB
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\ShellNew
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\security
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\schemas
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\SchCache
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Resources
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Registration
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\PLA
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Performance
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\ModemLogs
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\L2Schemas
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\InputMethod
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Globalization
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Cursors
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\Branding
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\addins
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\ProgramData\Comms
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\Program Files\Common Files\Services
2016-08-03 14:40 - 2016-08-03 14:40 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-08-03 14:40 - 2016-08-03 14:38 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2016-08-03 14:40 - 2016-08-03 14:38 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2016-08-03 14:40 - 2016-08-03 14:38 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2016-08-03 14:40 - 2016-08-03 14:38 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2016-08-03 14:40 - 2016-08-03 14:38 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2016-08-03 14:40 - 2016-08-03 14:38 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2016-08-03 14:40 - 2016-08-03 14:38 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2016-08-03 14:40 - 2016-08-03 14:38 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2016-08-03 14:40 - 2016-08-03 14:38 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2016-08-03 14:40 - 2016-08-03 14:38 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2016-08-03 14:40 - 2016-08-03 14:38 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2016-08-03 14:40 - 2016-08-03 14:38 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2016-08-03 14:40 - 2016-08-03 14:38 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2016-08-03 14:40 - 2016-08-03 14:38 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2016-08-03 14:40 - 2016-08-03 14:38 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2016-08-03 14:40 - 2016-08-03 14:37 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2016-08-03 14:40 - 2016-08-03 14:37 - 00000219 _____ C:\WINDOWS\system.ini
2016-08-03 14:40 - 2016-08-03 14:37 - 00000092 _____ C:\WINDOWS\win.ini
2016-08-03 14:38 - 2016-08-23 10:29 - 00000000 ____D C:\WINDOWS\INF
2016-08-03 14:31 - 2016-08-17 22:32 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-03 14:22 - 2016-08-18 23:02 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-03 14:22 - 2016-08-04 00:50 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-03 14:22 - 2016-08-03 14:44 - 00000000 ____D C:\WINDOWS\servicing
2016-08-03 14:22 - 2016-08-03 14:40 - 00000000 ____D C:\WINDOWS\system32\SMI
2016-08-03 14:22 - 2015-10-30 08:33 - 00000164 _____ C:\WINDOWS\system32\config\FP

==================== Een Maand Gewijzigd bestanden en mappen ========

(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)

2016-08-03 16:37 - 2015-09-11 09:49 - 00000000 ___HD C:\$SysReset

==================== Bestanden in de root van sommige mappen =======

2016-08-29 14:49 - 2016-08-29 14:49 - 0000017 _____ () C:\Users\vanro\AppData\Local\resmon.resmoncfg

Sommige bestanden in TEMP:
====================
C:\Users\vanro\AppData\Local\Temp\7za.exe
C:\Users\vanro\AppData\Local\Temp\ICReinstall_BitlordSetup (1).exe
C:\Users\vanro\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap =================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend


LastRegBack: 2016-08-29 15:59

==================== Eind van FRST.txt ============================


Addition-logje
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 28-08-2016
Gestart door vanro (29-08-2016 16:21:44)
Gestart vanaf C:\Users\vanro\Desktop
Windows 10 Home Versie 1511 (X64) (2016-08-03 13:53:53)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3800281865-630423061-795813576-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3800281865-630423061-795813576-503 - Limited - Disabled)
Gast (S-1-5-21-3800281865-630423061-795813576-501 - Limited - Disabled)
vanro (S-1-5-21-3800281865-630423061-795813576-1002 - Administrator - Enabled) => C:\Users\vanro

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Genstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)

AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.4-308 - House of Life)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MyPC Backup 1.0.0 (HKLM\...\MyPC Backup) (Version: 1.0.0 - MyPC Backup) <==== AANDACHT
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.16.3 - Synaptics Incorporated)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-3800281865-630423061-795813576-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {2CC0F982-82BB-4E30-9C25-C1BF6C571AA2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {419A89BF-A69F-4F7C-B5CD-8C03A8E2B71E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-03] (Google Inc.)
Task: {D7D44646-7333-4420-9230-C0B75F09FE92} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {E721EA9E-EF90-4A4D-A6A5-E5BE4109CE5E} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2016-03-14] () <==== AANDACHT
Task: {E946E98A-3E40-49C9-A110-F5E9E228916F} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== AANDACHT

(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Snelkoppelingen =============================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

==================== Geladen Modules (gefilterd) ==============

2016-08-12 13:13 - 2016-03-14 19:05 - 00049152 _____ () C:\Program Files (x86)\MyPC Backup\BackupStack.exe
2016-08-12 13:13 - 2016-03-14 19:05 - 01468928 _____ () C:\Program Files (x86)\MyPC Backup\Shared Stack.dll
2016-08-12 13:13 - 2016-03-14 18:54 - 00193536 _____ () C:\Program Files (x86)\MyPC Backup\MPCBClient.dll
2016-08-12 13:13 - 2016-03-14 18:53 - 00270336 _____ () C:\Program Files (x86)\MyPC Backup\AlphaFS.dll
2016-08-12 13:13 - 2016-03-14 18:54 - 00044544 _____ () C:\Program Files (x86)\MyPC Backup\UIKit.dll
2016-08-12 13:13 - 2016-03-14 18:53 - 00060928 _____ () C:\Program Files (x86)\MyPC Backup\LinqBridge.dll
2016-08-12 13:13 - 2016-03-14 18:53 - 00236032 _____ () C:\Program Files (x86)\MyPC Backup\websocket-sharp.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-07-12 23:49 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-08-03 15:59 - 2016-08-03 15:59 - 00959168 _____ () C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-07-12 23:49 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-02-28 16:22 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-12 23:51 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-08-03 18:42 - 2016-08-03 18:43 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-08-15 23:24 - 2016-08-15 23:24 - 00017408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-08-15 23:24 - 2016-08-15 23:24 - 13475840 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-08-03 18:39 - 2016-08-03 18:39 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-08-03 18:33 - 2016-08-03 18:34 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.722.10060.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-08-03 18:35 - 2016-08-03 18:36 - 10256384 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11602.1.26.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00741376 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinUAPEntry.exe
2016-07-12 23:49 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-12 23:49 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-12 23:49 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-12 23:49 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00218456 _____ () c:\windows\system32\WerEtw.dll
2016-08-23 10:32 - 2016-08-23 10:32 - 01383616 _____ () C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-08-23 10:32 - 2016-08-23 10:32 - 00118976 _____ () C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncViews.dll
2016-08-03 18:42 - 2016-08-03 18:43 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-08-03 18:42 - 2016-08-03 18:43 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-08-18 23:13 - 2016-08-18 23:19 - 00013312 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WP8MSVCCommon.dll
2016-08-18 23:13 - 2016-08-18 23:19 - 00389632 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WP8MSVCBridge.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00079872 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinPhoneBridge_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01153536 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\System_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00081422 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\unwind_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00107520 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\pthreadVC_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00583168 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\CrossPortability_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00198144 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\system_malloc_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 58528217 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01113088 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\c++_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00150016 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\exif_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00699392 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\ffmpeg_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:19 - 00150016 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\z_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00401920 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\SystemResources_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00160768 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WinMediaFoundation_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00123904 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\EGL_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01133568 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\GLESv2_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 152290307 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\App.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 28078543 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WebCore_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 01081856 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\iconv_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 00379904 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\OpenAL_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 04493240 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WebKit_osmeta.dll
2016-08-18 23:13 - 2016-08-18 23:18 - 02121656 _____ () C:\Program Files\WindowsApps\Facebook.Facebook_62.557.41308.0_x86__8xx8rvfyw5nnt\WebKitLegacy_osmeta.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 20:10 - 2015-10-30 20:10 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingFinance_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 00958464 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\SQLite3Wrapper.dll
2015-10-30 20:10 - 2015-10-30 20:10 - 00645120 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Aria.ClientTelemetry.dll
2016-08-23 10:37 - 2016-08-23 10:37 - 03312024 _____ () C:\Program Files\WindowsApps\Microsoft.BingWeather_4.13.47.0_x86__8wekyb3d8bbwe\Microsoft.Advertising.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)


==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)


==================== Hosts inhoud: ===============================

(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)

2016-08-03 14:40 - 2016-08-03 14:38 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-3800281865-630423061-795813576-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\vanro\OneDrive\Afbeeldingen\2016\vriendinnetjes\13883905_536858896514746_1638966924_n.jpg
DNS Servers: 195.130.130.2 - 195.130.131.2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

(Momenteel is er geen automatische fix voor dit onderdeel.)


==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{4D90DCFA-C21D-4646-9D01-B831B7D14991}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{B0F77285-D7D8-454A-A84D-97520C59B972}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
FirewallRules: [{006CE940-6D87-4402-9CC9-D43C34254E5C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Herstelpunten =========================

17-08-2016 22:32:57 Windows Update

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (08/29/2016 04:19:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Het programma MyPC Backup.exe, versie 1.0.0.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Beveiliging en onderhoud van het Configuratiescherm.

Proces-id: 10dc

Starttijd: 01d1fd18ca3839e5

Eindtijd: 4294967295

Toepassingspad: C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

Rapport-id: 924ba8f8-6df3-11e6-83a8-00266c14a37f

Volledige pakketnaam met fout:

Relatieve toepassings-id van pakket met fout:

Error: (08/29/2016 02:44:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.BingWeather_8wekyb3d8bbwe!App is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/23/2016 10:37:55 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.WindowsMaps_8wekyb3d8bbwe!App is mislukt door de fout -2144927148. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/22/2016 06:45:31 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Fingersoft.HillClimbRacing_r6rtpscs7gwyg!App is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/19/2016 03:31:59 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (08/18/2016 11:09:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-JONDQHA)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI is mislukt door de fout -2147024865. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.


Systeemfouten:
=============
Error: (08/22/2016 06:47:25 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JONDQHA)
Description: De server {D63B10C5-BB46-4990-A94F-E40B9D520160} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Contact Data_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/22/2016 06:47:19 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Host synchroniseren_6904c-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/19/2016 03:31:59 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-JONDQHA)
Description: De server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (08/18/2016 11:09:08 PM) (Source: DCOM) (EventID: 10001) (User: DESKTOP-JONDQHA)
Description: Kan DCOM Server CortanaUI.AppXtpp90jhw9p0njjb85kvhxpppgrqfp117.mca niet starten als Niet beschikbaar/Niet beschikbaar. Foutmelding
"31"
is opgetreden bij het uitvoeren van de opdracht
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca

Error: (08/18/2016 11:04:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De RtkAudioService-service kan vanwege de volgende fout niet worden gestart:
Het systeem kan het opgegeven bestand niet vinden.

Error: (08/17/2016 10:44:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_41fe0-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.

Error: (08/17/2016 10:44:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_41fe0-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.


CodeIntegrity:
===================================
Date: 2016-08-18 23:05:33.477
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-12 13:15:35.354
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-12 13:14:50.444
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-10 12:47:53.594
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-09 22:43:22.903
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-03 21:34:43.923
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-08-04 00:40:52.822
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage geheugen in gebruik: 35%
Totaal fysiek RAM-geheugen: 6106.8 MB
Beschikbaar fysiek RAM-geheugen: 3931.75 MB
Totaal Virtueel geheugen: 7130.8 MB
Beschikbaar Virtual geheugen: 4585.36 MB

==================== Schijven ================================

Drive c: (TI30886900A) (Fixed) (Total:447.63 GB) (Free:416.55 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 2B729CAD)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=447.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=810 MB) - (Type=27)
Partition 4: (Not Active) - (Size=15.9 GB) - (Type=17)

==================== Eind van Addition.txt ============================
 
Re: Laptop hl traag

Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan
51a5c8edc4692-icon1337952077.png


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programmas\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer en plak de volgende (blauwe tekst in het code-venster) in het lege kladblokvenster.

Code:
[B][color=#0000FF]
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

C:\Program Files (x86)\MyPC Backup
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakgmokehmecofodopaddfhdb lmjnod [2016-08-03]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [49152 2016-03-14] () [Bestand niet getekend] <==== AANDACHT
MyPC Backup 1.0.0 (HKLM\...\MyPC Backup) (Version: 1.0.0 - MyPC Backup) <==== AANDACHT

cmd: ipconfig /flushdns
cmd: netsh winsock reset
[/COLOR][/B]

Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 
Re: Laptop hl traag

Na het opstarten verkreeg ik volgende melding:

"Je bestand met voorkeuren is beschadigd of ongeldig. Google Chrome kan je instellingen niet herstellen."

Ziehier de fixlog:
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 29-08-2016
Gestart door vanro (29-08-2016 22:42:50) Run:1
Gestart vanaf C:\Users\vanro\Desktop
Geladen Profielen: vanro (Beschikbare Profielen: vanro)
Boot Modus: Normal
==============================================

fixlist inhoud:
*****************
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

C:\Program Files (x86)\MyPC Backup
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Extension: (Search Manager) - C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakgmokehmecofodopaddfhdb lmjnod [2016-08-03]
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [49152 2016-03-14] () [Bestand niet getekend] <==== AANDACHT
MyPC Backup 1.0.0 (HKLM\...\MyPC Backup) (Version: 1.0.0 - MyPC Backup) <==== AANDACHT

cmd: ipconfig /flushdns
cmd: netsh winsock reset
*****************

Herstelpunt is succesfol gemaakt.
Proces succesvol afgesloten.
C:\Program Files (x86)\MyPC Backup => is succesvol verplaatst.
Chrome DefaultSearchURL => is succesvol verwijderd.
Chrome DefaultSuggestURL => is succesvol verwijderd.
C:\Users\vanro\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpakgmokehmecofodopaddfhdb lmjnod => niet gevonden
BackupStack => dienst is succesvol verwijderd.
MyPC Backup 1.0.0 (HKLM\...\MyPC Backup) (Version: 1.0.0 - MyPC Backup) <==== AANDACHT => Fout: Geen automatische fix gevonden voor dit item.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= Eind van CMD: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= Eind van CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 4150761 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8429745 B
Java, Flash, Steam htmlcache => 684 B
Windows/system/drivers => 6129855 B
Edge => 7028386 B
Chrome => 486276977 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 56714 B
vanro => 75208189 B

RecycleBin => 359865 B
EmptyTemp: => 560.4 MB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Eind van Fixlog 22:43:23 ====
 
Re: Laptop hl traag

Download
51a46ae42d560-malwarebytes_anti_malware.png
MalwareBytes Anti-Malware.

Let op bij de installatie van MBAM: in het laatste installatievenster staan twee vinkjes bij de meldingen,
haal nu het bovenste vinkje weg (MBAM als volledige demo-versie gebruiken) en maak de installatie af.
Daarna kan je Malwarebytes MBAM als gratis versie telken opnieuw gebruiken!

  • Windows 2000 en Windows XP: dubbelklik op mbam-setup.exe.
  • Windows Vista, Windows 7, Windows 8: en Windows 10: via rechtsklik op mbam-setup.exe en kies voor "Als Administrator uitvoeren".
  • Klik in het menu van Malwarebytes ANTI-MALWARE op nstellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.

  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
  • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
  • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
  • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
  • Klik op de nieuwste Scan Log.
  • Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".
    5557b93ba94ab-Malwarebytes_Exporteer_ScanLog.png
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
    532aab157609a-MBAM-Scan.png

MBAM-Log posten:
  • Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.
 
Re: Laptop hl traag

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 30/08/2016
Scantijd: 14:02
Logboekbestand: MBAM scanlog.txt
Beheerder: Ja

Versie: 2.2.1.1043
Malware-database: v2016.08.30.07
Rootkit-database: v2016.08.15.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 10
Processor: x64
Bestandssysteem: NTFS
Gebruiker: vanro

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 289873
Verstreken tijd: 11 min, 8 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 5
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\TRACING\MyPC Backup_RASAPI32, In quarantaine, [0a35222f613954e2c39a20b5ae55d32d],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\TRACING\MyPC Backup_RASMANCS, In quarantaine, [b98676dbafeb54e25d009e3704ff8d73],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E946E98A-3E40-49C9-A110-F5E9E228916F}, Verwijder-bij-herstart, [5ce3db76504aae88d2af668911f247b9],
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\LaunchPreSignup, Verwijder-bij-herstart, [5ae57dd47129f64043afd3d9ae5507f9],
PUP.Optional.InstallCore, HKU\S-1-5-21-3800281865-630423061-795813576-1002\SOFTWARE\csastats, In quarantaine, [310ef35e2b6f50e6545036c453b0ed13],

Registerwaarden: 1
PUP.Optional.MyPCBackup, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E946E98A-3E40-49C9-A110-F5E9E228916F}|Path, \LaunchPreSignup, Verwijder-bij-herstart, [5ce3db76504aae88d2af668911f247b9]

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 1
PUP.Optional.MyPCBackup, C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup, In quarantaine, [84bb80d1009a60d6e7070ba1c142a25e],

Bestanden: 6
PUP.Optional.InstallCore, C:\Users\vanro\Downloads\BitlordSetup (1).exe, In quarantaine, [ba85ef62dac0fb3b134962499470768a],
PUP.Optional.InstallCore, C:\Users\vanro\Downloads\BitlordSetup.exe, In quarantaine, [be81044d1981dd59c79501aab054768a],
PUP.Optional.MyPCBackup, C:\Users\vanro\Desktop\MyPC Backup.lnk, In quarantaine, [94abc1908317e551905dfab27d86857b],
PUP.Optional.MyPCBackup, C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup\MyPC Backup.lnk, In quarantaine, [84bb80d1009a60d6e7070ba1c142a25e],
PUP.Optional.MyPCBackup, C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk, In quarantaine, [b6891e334e4ccb6b27c8dbd133d0ae52],
PUP.Optional.MyPCBackup, C:\Windows\System32\Tasks\LaunchPreSignup, In quarantaine, [c9760f420f8b0d29529e0ba1f50ede22],

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)
 
Re: Laptop hl traag

Graag de twee logs in n keer posten - gebruik de tools in de volgorde zoals aangegeven.

Stap 1
Download
51e281a62c183-Junkware_Removal_Tool_icon_Canned_1351185104.png.jpg
Junkware Removal Tool by Thisisu.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Het is raadzaam de actieve beveiligingssoftware te de-activeren, zodat mogelijke conflicten met JRT.exe uitgsloten worden.:
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.
  • Dat tijdens de scan van JRT.exe tijdelijk de snelkoppelingen verdwijnen van het bureaublad, is normaal.
Junkware Removal Tool by Thisisu opstarten:
  • Windows 2000 en Windows XP: dubbelklik op JRT.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op JRT.exe en kies voor "Als Administrator uitvoeren".
  • JRT.exe zal daarna Windows gaan scannen.
  • Deze scan kan afhankelijk van de systeemspecificaties soms vrij lang duren, wees dus geduldig.
  • Indien de scan voltooid is, zal een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch openen.
  • Post de inhoud van dit log in je volgende bericht.

Stap 2
Download
52186926180a1-adwcleaner_nieuw.png
AdwCleaner by Xplode.
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
AdwCleaner opstarten:
  • Windows 2000 en Windows XP: dubbelklik op adwcleaner.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op adwcleaner.exe en kies voor "Als Administrator uitvoeren".
AdwCleaner is opgestart:
  • Klik op de knop Scan
  • Is de scan gereed, klik dan op de knop Verwijderen
  • Klik bij AdwCleaner Afsluiting van de programma's op OK
  • Klik bij AdwCleaner Herstarten noodzakelijk op OK
AdwCleaner logbestand:
  • Nadat de PC opnieuw is opgestart, opent een logfile.
  • Ingeval het log niet opent, is dit alsnog terug te vinden in C:\AdwCleaner\AdwCleaner[R0, of 1, of 2].txt
  • Post vervolgens de inhoud van dit log in je volgende bericht.
 
Re: Laptop hl traag

JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by vanro (Administrator) on di 30/08/2016 at 14:43:48,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\search.lnk (Shortcut)
Successfully deleted: C:\Users\vanro\Desktop\facebook.lnk (Shortcut)
Successfully deleted: C:\Users\vanro\Desktop\twitter.lnk (Shortcut)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 30/08/2016 at 14:45:02,66
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ADWCleaner

# AdwCleaner v6.010 - Logbestand aangemaakt 30/08/2016 op 14:49:22
# *Updated on 12/08/2016 by ToolsLib
# Gebruik lokale database : 2016-08-30.1 [*Server]
# Besturingssysteem : Windows 10 Home (X64)
# Gebruikersnaam : vanro - DESKTOP-JONDQHA
# Gestart vanuit : C:\Users\vanro\Desktop\adwcleaner_6.010.exe
# Verwijderen
# Ondersteuning : https://toolslib.net/forum



***** [ *Services ] *****



***** [ Mappen ] *****



***** [ Bestanden ] *****

[-] hersteldC:\Users\vanro\Desktop\Sync Folder.lnk


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Snelkoppelingen ] *****



***** [ Geplande taken ] *****



***** [ Register ] *****

[-] hersteldHKU\S-1-5-21-3800281865-630423061-795813576-1002\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[#] *Key deleted on reboot: HKCU\Software\Classes\AppXrh6feys59dqfzsv9p3s9p6aep0hwtb23
[-] hersteld[x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
[-] hersteldHKU\S-1-5-21-3800281865-630423061-795813576-1002\Software\PRODUCTSETUP
[#] *Key deleted on reboot: HKCU\Software\PRODUCTSETUP


***** [ Internetbrowsers ] *****



*************************

:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [1285 bytes] - [30/08/2016 14:49:22]
C:\AdwCleaner\AdwCleaner[S0].txt - [1517 bytes] - [30/08/2016 14:47:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [1431 bytes] ##########
 
Re: Laptop hl traag

Download ZHPDiag naar het bureaublad.
Attentie:
  • Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen.

Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Schakel de antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met ZHPDiag.
  • Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

ZHPDiag 2015 opstarten:
  • Windows 2000 en Windows XP: dubbelklik op ZHPDiag3.exe.
  • Windows Vista, Windows 7, B]Windows 8[/B] en Windows 10: via rechtsklik op ZHPDiag3.exe en kies voor "Als Administrator uitvoeren".

ZHPDiag 2015 gebruiken:

55ab5f19f2486-ZHPDiad_2015.jpg


  • Klik op de grote knop "Scanner" (Knop met vergrootglas).
  • De scan start en kan even duren, heb dus geduld.
  • Nadat de scan klaar is, klik dan op de grote knop "Rapport" (Knop met letter T) en dat zal dan het scanlog openen.
  • Op het bureaublad vindt u dat zelfde log ook opgeslagen als ZHPDiag.txt

ZHPDiag 2015-Log posten:
  • Post de inhoud van ZHPDiag.txt in jouw volgende bericht.
 
Re: Laptop hl traag

~ ZHPDiag v2016.8.30.146 Door Nicolas Coolman (2016/08/30)
~ gestart door vanro (Administrator) (2016/08/30 16:22:01)
~ Web: https://www.nicolascoolman.com
~ Blog: https://www.anti-malware.top
~ Facebook: https://www.facebook.com/nicolascoolman1
~ Versie de status: Versie OK
~ Modus: Scanner
~ Rapport: C:\Users\vanro\Desktop\ZHPDiag.txt
~ Rapport: C:\Users\vanro\AppData\Roaming\ZHP\ZHPDiag.txt
~ UAC: Activate
~ Opstarten van het systeem: Normal (Normal boot)
Windows 10 Home, 64-bit (Build 10586) =>.Microsoft Corporation

---\\ Internet-browsers (2) - 0s
GCIE: Google Chrome v52.0.2743.116
MSIE: Internet Explorer v11.545.10586.0

---\\ Windows productinformatie (3) - 3s
~ Windows Server License Manager Script : OK
~ Licence Script File Gnration : OK
Windows Automatic Updates : OK

---\\ Software om het systeem te beveiligen (2) - 1s
Malwarebytes Anti-Malware versie 2.2.1.1043
Windows Defender (Activate)

---\\ Informatie over het systeem (6) - 0s
~ Operating System: Intel64 Family 6 Model 42 Stepping 7, GenuineIntel
~ Operating System: 64-bit
~ Boot mode: Normal (Normal boot)
Total RAM: 6253.364 MB (75% free)
System Restore: Activ (Enable)
System drive C: has 427 GB () free of 458 GB

---\\ Verbinding met het systeem-modus (3) - 0s
~ Computer Name: DESKTOP-JONDQHA
~ User Name: vanro
~ Logged in as Administrator

---\\ Overzicht vaste en verwisselbare stations (1) - 0s
~ Drive C: has 427 GB free of 458 GB (System)

---\\ Staat van het Windows Security Center (7) - 0s
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: Modified
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK
[HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK

---\\ Zoeken naar bepaalde algemene bestanden (24) - 1s
[MD5.E396258CFD8F84E8F2C24930E6D88C67] - 01/07/2016 - (.Microsoft Corporation - Windows Verkenner.) -- C:\WINDOWS\Explorer.exe [4515256] =>.Microsoft Windows
[MD5.0DCB89B1F3689BC6262FF30BBD603171] - 30/10/2015 - (.Microsoft Corporation - Windows-hostproces (Rundll32).) -- C:\WINDOWS\System32\rundll32.exe [59392] =>.Microsoft Corporation
[MD5.C1C81AAF533552B3C4D9F11A5FF97700] - 23/04/2016 - (.Microsoft Corporation - Windows Toepassing Opstarten.) -- C:\WINDOWS\System32\Wininit.exe [291360] =>.Microsoft Windows Publisher
[MD5.312C36630E019D8D0E8BF9D314291C7E] - 03/08/2016 - (.Microsoft Corporation - Internetuitbreidingen voor Win32.) -- C:\WINDOWS\System32\wininet.dll [3025920] =>.Microsoft Corporation
[MD5.5C156EC4E44E30331BCC865A3B61D839] - 23/04/2016 - (.Microsoft Corporation - Toepassing Windows-aanmelden.) -- C:\WINDOWS\System32\Winlogon.exe [585728] =>.Microsoft Corporation
[MD5.9EEAA1B69DC3FD620AE576CC8F4147DC] - 30/10/2015 - (.Microsoft Corporation - Software Licensing-bibliotheek.) -- C:\WINDOWS\System32\sppcomapi.dll [430592] =>.Microsoft Corporation
[MD5.9A3E17CDB177913C2A111C80F3D0DBB4] - 29/03/2016 - (.Microsoft Corporation - API DLL van DNS Client.) -- C:\WINDOWS\System32\dnsapi.dll [686976] =>.Microsoft Windows
[MD5.6A7ACABAE92C837F5C1330188EAE36AE] - 29/03/2016 - (.Microsoft Corporation - API DLL van DNS Client.) -- C:\WINDOWS\Syswow64\dnsapi.dll [535080] =>.Microsoft Windows
[MD5.70148EFA9A562E7185B75BBE7D376BF7] - 05/11/2015 - (.Microsoft Corporation - Ondersteunend functiestuurprogramma van Win.) -- C:\WINDOWS\System32\drivers\AFD.sys [578912] =>.Microsoft Windows
[MD5.492B99D2E3D5D7BFD5F0AE1BE7BD37DD] - 30/10/2015 - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) -- C:\WINDOWS\System32\drivers\atapi.sys [28512] =>.Microsoft Windows
[MD5.7F9C7226D743B232907ED2537B8A574F] - 30/10/2015 - (.Microsoft Corporation - CD-ROM File System Driver.) -- C:\WINDOWS\System32\drivers\Cdfs.sys [92672] =>.Microsoft Corporation
[MD5.82D97776BF982AA143BDC7DFB5054EA8] - 30/10/2015 - (.Microsoft Corporation - SCSI CD-ROM Driver.) -- C:\WINDOWS\System32\drivers\Cdrom.sys [173568] =>.Microsoft Corporation
[MD5.935823F79CBEDB91637B63D37E3A5A36] - 29/03/2016 - (.Microsoft Corporation - DFS Namespace Client Driver.) -- C:\WINDOWS\System32\drivers\DfsC.sys [148480] =>.Microsoft Corporation
[MD5.84BC034B6BB763733C1949B7B9BAF976] - 30/10/2015 - (.Microsoft Corporation - High Definition Audio Bus Driver.) -- C:\WINDOWS\System32\drivers\HDAudBus.sys [79872] =>.Microsoft Corporation
[MD5.53FDD9E69189E546DE4740F8C4D8AB2F] - 30/10/2015 - (.Microsoft Corporation - i8042-poortstuurprogramma.) -- C:\WINDOWS\System32\drivers\i8042prt.sys [114688] =>.Microsoft Corporation
[MD5.9E5E8F2A1996F23B7E9687846AA81B01] - 30/10/2015 - (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\drivers\IpNat.sys [143360] =>.Microsoft Corporation
[MD5.0B3B0C1D86050355676640488FA897D3] - 23/02/2016 - (.Microsoft Corporation - Windows NT SMB Minirdr.) -- C:\WINDOWS\System32\drivers\MRxSmb.sys [430944] =>.Microsoft Windows
[MD5.C03E926B0E7D66D68994067231DC3246] - 28/05/2016 - (.Microsoft Corporation - MBT Transport driver.) -- C:\WINDOWS\System32\drivers\netBT.sys [278528] =>.Microsoft Corporation
[MD5.19BD8A88AAC580592668B070AC0727D9] - 29/03/2016 - (.Microsoft Corporation - NT-bestandssysteemstuurprogramma.) -- C:\WINDOWS\System32\drivers\ntfs.sys [2152280] =>.Microsoft Windows
[MD5.7D0FC96264C0F8F2C1321E33E8EB646C] - 30/10/2015 - (.Microsoft Corporation - Stuurprogramma voor parallelle poort.) -- C:\WINDOWS\System32\drivers\Parport.sys [96768] =>.Microsoft Corporation
[MD5.E3C82823B22463BC38AA4F8ADA852624] - 23/02/2016 - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) -- C:\WINDOWS\System32\drivers\Rasl2tp.sys [104960] =>.Microsoft Corporation
[MD5.1DC2CC74B51E4DC4CD5A20C1021E4010] - 30/10/2015 - (.Microsoft Corporation - Microsoft RDP Device redirector.) -- C:\WINDOWS\System32\drivers\rdpdr.sys [173056] =>.Microsoft Corporation
[MD5.91D3F2A6253EF83EFBD7903028F58C4D] - 05/11/2015 - (.Microsoft Corporation - TDI Translation Driver.) -- C:\WINDOWS\System32\drivers\tdx.sys [118624] =>.Microsoft Windows
[MD5.E1F91A727A04C9F8199D04FF3BBBF63C] - 30/10/2015 - (.Microsoft Corporation - Volume Shadow Copy-stuurprogramma.) -- C:\WINDOWS\System32\drivers\volsnap.sys [414560] =>.Microsoft Windows

---\\ Niet-Microsoft NT services die niet uitgeschakeld zijn (4) - 1s
O23 - Service: (AMD External Events Utility) . (.AMD - AMD External Events Service Module.) - C:\WINDOWS\system32\atiesrxx.exe =>.AMD
O23 - Service: Google Update-service (gupdate) (gupdate) . (.Google Inc. - Google Installer.) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
O23 - Service: Realtek Audio Service (RtkAudioService) . (...) - C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (.not file.)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated

---\\ Niet-Microsoft services (GSR) (SR = Running, SS = gestopt) (5) - 12s

SR - Auto [18/12/2015] [ 255472] (AMD External Events Utility) . (.AMD.) - C:\Windows\System32\atiesrxx.exe =>.AMD
SS - Auto [03/08/2016] [ 154440] Google Update-service (gupdate) (gupdate) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
SS - Demand [03/08/2016] [ 154440] Google Update-service (gupdatem) (gupdatem) . (.Google Inc..) - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe =>.Google Inc
SR - Auto [09/09/2015] [ 246472] SynTPEnh Caller Service (SynTPEnhService) . (.Synaptics Incorporated.) - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe =>.Synaptics Incorporated

---\\ Taken die zijn gepland in de automatische modus (7) - 4s
[MD5.00000000000000000000000000000000] [APT] [TaskName] (...) -- Task To Run (.not file.) [0] (.Activate.) =>.Superfluous.Empty
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc
[MD5.750446ED76A5D13E902174DDDDA1A62B] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440] (.Activate.) =>.Google Inc
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job [1092] =>.Google Inc
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job [1096] =>.Google Inc
O39 - APT: GoogleUpdateTaskMachineCore - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore [3922] =>.Google Inc
O39 - APT: GoogleUpdateTaskMachineUA - (.Google Inc..) -- C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA [4154] =>.Google Inc

---\\ Gestarte processen (11) - 2s
[MD5.BBADD85854BFB5D43C60B7AC8EEA3DBA] - (.AMD - AMD External Events Service Module.) -- C:\Windows\System32\atiesrxx.exe [255472] [PID.448] =>.Microsoft Windows Hardware Compatibility Publisher
[MD5.B3AB2D5B98E67EC56ED4EB9D2A3199BF] - (.AMD - AMD External Events Client Module.) -- C:\Windows\System32\atieclxx.exe [683504] [PID.1388] =>.Microsoft Windows Hardware Compatibility Publisher
[MD5.0B8D4A6329C874C303A41C1EC6E7A4FA] - (.Synaptics Incorporated - 64-bit Synaptics Pointing Enhance Service.) -- C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [246472] [PID.1916] =>.Synaptics Incorporated
[MD5.D9310C25B167AA7162FE2107D7F1F488] - (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3946184] [PID.3068] =>.Synaptics Incorporated
[MD5.9DDD4DE2838C4BAB72AE11C3A3486BEF] - (.Synaptics Incorporated - Synaptics Pointing Device Helper.) -- C:\PROGRAM FILES\SYNAPTICS\SynTP\SYNTPHELPER.EXE [210120] [PID.3300] =>.Synaptics Incorporated
[MD5.65E8545F1297CD83534C354A7BED1848] - (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696] [PID.1900] =>.Realtek Semiconductor Corp
[MD5.01C915A06DCD038C79705DCC556ABAB6] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe [307400] [PID.2704] =>.Advanced Micro Devices, Inc.
[MD5.F7F43570449082C5A6B5FFAC21C1F79D] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Host application.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe [307912] [PID.5140] =>.Advanced Micro Devices, Inc.
[MD5.C3EF139378171D8BB852BEB6E759B7F1] - (...) -- C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe [144384] [PID.5748]
[MD5.83A7349CB85635074D283C3256C33F5D] - (...) -- C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe [2100064] [PID.7024] =>.Microsoft Windows
[MD5.F949522C33E32188CA1D38F3A354D16F] - (.Nicolas Coolman - ZHPDiag.) -- C:\Users\vanro\Desktop\ZHPDiag3.exe [2308608] [PID.5700] =>.Nicolas Coolman

---\\ Google Chrome, start, zoeken, extensies (12) - 0s
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ajax.googleapis.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://chs03.cookie-script.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://media.nationaalcomputerforum.nl
G0 - GCSP: Preferences [User Data\Default][HomePage] http://nationaalcomputerforum.nl
G0 - GCSP: Preferences [User Data\Default][HomePage] http://smartbase.cdnservices.net
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.nationaalcomputerforum.nl
G0 - GCSP: Preferences [User Data\Default][HomePage] http://apis.google.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://ssl.gstatic.com
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.google.be
G0 - GCSP: Preferences [User Data\Default][HomePage] http://www.gstatic.com
G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Chrome manifest =>.Google Inc.
G2 - GCE: Preference [User Data\Default] [pkedcjkdefgpdelpbcmbmeomcjbeemfm] Chrome Media Router =>.Google Inc.

---\\ IE, start, zoeken, URLSearchHook, Phishing (17) - 0s
R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons
R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk
R3 - URLSearchHook: (no name) - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} Orphan =>.Microsoft Internet Explorer
R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1
R4 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\PhishingFilter,EnabledV9 = 1

---\\ Internet Explorer, proxybeheer (2) - 0s
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0
R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

---\\ Analyse - IniFiles, Autoloading programma's (3) - 0s
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: Shell=C:\WINDOWS\explorer.exe (.Microsoft Corporation.) =>.Microsoft Corporation
F2 - REG:system.ini: VMApplet=

---\\ Hosts-bestand omleiding (1) - 0s
~ Le fichier hte est sain (The hosts file is clean) (21)

---\\ Toepassingen gelanceerd tijdens het opstarten van het systeem (7) - 0s
O4 - HKLM\..\Run: [RtHDVCpl] . (.Realtek Semiconductor - Realtek HD Audio configuratie.) -- C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe =>.Realtek Semiconductor Corp
O4 - HKLM\..\Run: [SynTPEnh] . (.Synaptics Incorporated - Synaptics TouchPad 64-bit Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe =>.Synaptics Incorporated
O4 - HKCU\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation
O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc.
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\syswow64\OneDriveSetup.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] . (.Microsoft Corporation - Microsoft OneDrive Setup.) -- C:\Windows\syswow64\OneDriveSetup.exe =>.Microsoft Corporation
O4 - HKUS\S-1-5-21-3800281865-630423061-795813576-1002\..\Run: [OneDrive] . (.Microsoft Corporation - Microsoft OneDrive.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\OneDrive.exe =>.Microsoft Corporation

---\\ Algemene snelkoppelingen opstarten (17) - 2s
O4 - GS\Desktop [Administrator]: BitLord.lnk . (.House of Life - BitLord.) C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
O4 - GS\Desktop [Administrator]: Doorgaan met de installatie van BitLord.lnk . (...) C:\Users\vanro\AppData\Local\Temp\ICReinstall_BitlordSetup (1).exe =>PUP.Optional.WhenUSave
O4 - GS\Desktop [Administrator]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\vanro\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\TaskBar [Administrator]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\Desktop [Gast]: BitLord.lnk . (.House of Life - BitLord.) C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
O4 - GS\Desktop [Gast]: Doorgaan met de installatie van BitLord.lnk . (...) C:\Users\vanro\AppData\Local\Temp\ICReinstall_BitlordSetup (1).exe =>PUP.Optional.WhenUSave
O4 - GS\Desktop [Gast]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\vanro\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [Gast]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\TaskBar [Gast]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\Desktop [vanro]: BitLord.lnk . (.House of Life - BitLord.) C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
O4 - GS\Desktop [vanro]: Doorgaan met de installatie van BitLord.lnk . (...) C:\Users\vanro\AppData\Local\Temp\ICReinstall_BitlordSetup (1).exe =>PUP.Optional.WhenUSave
O4 - GS\Desktop [vanro]: ZHPDiag.lnk . (.Nicolas Coolman - ZHPDiag.) C:\Users\vanro\AppData\Roaming\ZHP\ZHPDiag3.exe =>.Nicolas Coolman
O4 - GS\Quicklaunch [vanro]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\TaskBar [vanro]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\CommonDesktop [Public]: Google Chrome.lnk . (.Google Inc. - Google Chrome.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O4 - GS\CommonDesktop [Public]: Malwarebytes Anti-Malware.lnk . (.Malwarebytes - Malwarebytes Anti-Malware.) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe =>.Malwarebytes Corporation

---\\ Domeinadres wijzigingen van de DNS (2) - 0s
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 195.130.130.2 195.130.131.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{4dc0d72b-7d43-40da-b530-14e972f11cf7}: DhcpNameServer = 195.130.130.2 195.130.131.2

---\\ Aanvullend Protocol (22) - 0s
O18 - Handler: about [64Bits] - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) -- C:\Windows\syswow64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: cdl [64Bits] - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: dvd [64Bits] - {12D51199-0DB5-46FE-A120-47A3D7D937CC} . (.Microsoft Corporation - ActiveX-besturingselement voor videostreams.) -- C:\Windows\syswow64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: file [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ftp [64Bits] - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: http [64Bits] - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: https [64Bits] - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft InfoTech Storage System Library.) -- C:\Windows\syswow64\itss.dll =>.Microsoft Corporation
O18 - Handler: javascript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) -- C:\Windows\syswow64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: local [64Bits] - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: mailto [64Bits] - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) -- C:\Windows\syswow64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: mhtml [64Bits] - {05300401-BCBC-11d0-85E3-00C04FD85AB4} . (.Microsoft Corporation - Microsoft Internet Messaging API Resources.) -- C:\Windows\syswow64\inetcomm.dll =>.Microsoft Corporation
O18 - Handler: mk [64Bits] - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} . (.Microsoft Corporation - OLE32-extensies voor Win32.) -- C:\Windows\syswow64\urlmon.dll =>.Microsoft Corporation
O18 - Handler: ms-its [64Bits] - {9D148291-B9C8-11D0-A4CC-0000F80149F6} . (.Microsoft Corporation - Microsoft InfoTech Storage System Library.) -- C:\Windows\syswow64\itss.dll =>.Microsoft Corporation
O18 - Handler: res [64Bits] - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) -- C:\Windows\syswow64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\syswow64\tbauth.dll =>.Microsoft Corporation
O18 - Handler: tv [64Bits] - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} . (.Microsoft Corporation - ActiveX-besturingselement voor videostreams.) -- C:\Windows\syswow64\MSVidCtl.dll =>.Microsoft Corporation
O18 - Handler: vbscript [64Bits] - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} . (.Microsoft Corporation - Microsoft (R) HTML-viewer.) -- C:\Windows\syswow64\mshtml.dll =>.Microsoft Corporation
O18 - Handler: windows.tbauth [64Bits] - {14654CA6-5711-491D-B89A-58E571679951} . (.Microsoft Corporation - TBAuth protocol handler.) -- C:\Windows\syswow64\tbauth.dll =>.Microsoft Corporation
O18 - Filter: application/octet-stream [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\syswow64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-complus [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\syswow64\mscoree.dll =>.Microsoft Corporation
O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\syswow64\mscoree.dll =>.Microsoft Corporation

---\\ Genstalleerde software (8) - 2s
O42 - Logiciel: AMD Catalyst Control Center - (.AMD.) [HKLM][64Bits] -- WUCCCApp =>.Advanced Micro Devices, Inc.
O42 - Logiciel: BitLord 2.4 - (.House of Life.) [HKLM][64Bits] -- BitLord =>PUP.Optional.WhenUSave
O42 - Logiciel: Google Chrome - (.Google Inc..) [HKLM][64Bits] -- Google Chrome =>.Google Inc
O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM][64Bits] -- {60EC980A-BDA2-4CB6-A427-B07A5498B4CA} =>.Google Inc.
O42 - Logiciel: Malwarebytes Anti-Malware versie 2.2.1.1043 - (.Malwarebytes.) [HKLM][64Bits] -- Malwarebytes Anti-Malware_is1 =>.Malwarebytes
O42 - Logiciel: Realtek Card Reader - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {5BC2B5AB-80DE-4E83-B8CF-426902051D0A} =>.Realtek Semiconductor Corp
O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM][64Bits] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC} =>.Realtek Semiconductor Corp
O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics Incorporated.) [HKLM][64Bits] -- SynTPDeinstKey =>.Synaptics Incorporated

---\\ HKCU & HKLM Software Keys (23) - 2s
HKLM\SOFTWARE\Wow6432Node\ATI =>.ATI
HKLM\SOFTWARE\Wow6432Node\ATI Technologies =>.ATI Technologies
HKLM\SOFTWARE\Wow6432Node\Google =>.Google
HKLM\SOFTWARE\Wow6432Node\Intel =>.Intel
HKLM\SOFTWARE\Wow6432Node\Khronos =>.Khronos
HKLM\SOFTWARE\Wow6432Node\Macromedia =>.Macromedia
HKLM\SOFTWARE\Wow6432Node\Malwarebytes' Anti-Malware
HKLM\SOFTWARE\Wow6432Node\MozillaPlugins =>.MozillaPlugins
HKLM\SOFTWARE\Wow6432Node\Nuance
HKLM\SOFTWARE\Wow6432Node\ODBC
HKLM\SOFTWARE\Wow6432Node\RegisteredApplications
HKCU\SOFTWARE\AppDataLow
HKCU\SOFTWARE\ATI =>.ATI
HKCU\SOFTWARE\bitlord.com =>PUP.Optional.WhenUSave
HKCU\SOFTWARE\Google =>.Google
HKCU\SOFTWARE\QtProject
HKCU\SOFTWARE\Realtek =>.Realtek
HKCU\SOFTWARE\RegisteredApplications
HKCU\SOFTWARE\Synaptics =>.Synaptics
HKCU\SOFTWARE\SyncEngines
HKCU\SOFTWARE\Wow6432Node
HKCU\SOFTWARE\ZebHelpProcess Helper
HKCU\SOFTWARE\AppDataLow\Software

---\\ Inhoud van mappen programma (103) - 19s
O43 - CFD: 04/08/2016 - [] D -- C:\Program Files\AMD =>.Advanced Micro Devices, Inc.
O43 - CFD: 04/08/2016 - [] AD -- C:\Program Files\ATI Technologies =>.Advanced Micro Devices, Inc.
O43 - CFD: 04/08/2016 - [] D -- C:\Program Files\Common Files
O43 - CFD: 17/08/2016 - [] D -- C:\Program Files\Internet Explorer
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files\MSBuild
O43 - CFD: 04/08/2016 - [] D -- C:\Program Files\Realtek =>.Andrea Electronics
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files\Reference Assemblies
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files\Synaptics =>.Synaptics Incorporated
O43 - CFD: 04/08/2016 - [0] HD -- C:\Program Files\Uninstall Information
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Windows Defender
O43 - CFD: 17/08/2016 - [] D -- C:\Program Files\Windows Journal
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Windows Mail
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Windows Media Player
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Windows Multimedia Platform
O43 - CFD: 04/08/2016 - [] D -- C:\Program Files\Windows NT
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files\Windows Portable Devices
O43 - CFD: 03/08/2016 - [] SHD -- C:\Program Files\Windows Sidebar
O43 - CFD: 29/08/2016 - [] HD -- C:\Program Files\WindowsApps =>.Microsoft Corporation
O43 - CFD: 03/08/2016 - [] SD -- C:\Program Files\WindowsPowerShell
O43 - CFD: 04/08/2016 - [] AD -- C:\Program Files (x86)\ATI Technologies =>.ATI Technologies
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Common Files
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Google =>.Google Inc
O43 - CFD: 17/08/2016 - [] D -- C:\Program Files (x86)\Internet Explorer
O43 - CFD: 30/08/2016 - [] D -- C:\Program Files (x86)\Malwarebytes Anti-Malware =>.Malwarebytes Corporation
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Microsoft.NET =>.Microsoft.NET
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\MSBuild
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Reference Assemblies
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Windows Defender
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Windows Mail
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Windows Media Player
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Windows Multimedia Platform
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Windows NT
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Windows Photo Viewer =>.Microsoft Corporation
O43 - CFD: 09/08/2016 - [] D -- C:\Program Files (x86)\Windows Portable Devices
O43 - CFD: 03/08/2016 - [] SHD -- C:\Program Files (x86)\Windows Sidebar
O43 - CFD: 03/08/2016 - [] SD -- C:\Program Files (x86)\WindowsPowerShell
O43 - CFD: 09/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 09/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 03/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 04/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/08/2016 - [] D -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
O43 - CFD: 03/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
O43 - CFD: 09/08/2016 - [] RD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 03/08/2016 - [0] RHD -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
O43 - CFD: 04/08/2016 - [0] SHD -- C:\ProgramData\Application Data
O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\ATI =>.ATI
O43 - CFD: 04/08/2016 - [0] SHD -- C:\ProgramData\Bureaublad
O43 - CFD: 03/08/2016 - [0] D -- C:\ProgramData\Comms
O43 - CFD: 04/08/2016 - [0] SHD -- C:\ProgramData\Documenten
O43 - CFD: 30/08/2016 - [] D -- C:\ProgramData\Malwarebytes =>.Malwarebytes
O43 - CFD: 04/08/2016 - [0] SHD -- C:\ProgramData\Menu Start
O43 - CFD: 29/08/2016 - [] SD -- C:\ProgramData\Microsoft =>.Microsoft
O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\Microsoft OneDrive
O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\Package Cache
O43 - CFD: 03/08/2016 - [] D -- C:\ProgramData\regid.1991-06.com.microsoft
O43 - CFD: 04/08/2016 - [0] SHD -- C:\ProgramData\Sjablonen
O43 - CFD: 03/08/2016 - [0] D -- C:\ProgramData\SoftwareDistribution
O43 - CFD: 04/08/2016 - [] D -- C:\ProgramData\USOPrivate
O43 - CFD: 04/08/2016 - [] D -- C:\ProgramData\USOShared
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Common Files\Microsoft Shared
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Common Files\Services
O43 - CFD: 03/08/2016 - [] D -- C:\Program Files (x86)\Common Files\System
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\Adobe =>.Adobe
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\ATI =>.ATI
O43 - CFD: 08/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\Macromedia =>.Macromedia
O43 - CFD: 29/08/2016 - [] SD -- C:\Users\vanro\AppData\Roaming\Microsoft =>.Microsoft
O43 - CFD: 23/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\Skype =>.Skype
O43 - CFD: 30/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\ZHP
O43 - CFD: 03/08/2016 - [0] D -- C:\Users\vanro\AppData\Local\ActiveSync
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\AMD =>.AMD
O43 - CFD: 03/08/2016 - [0] SHD -- C:\Users\vanro\AppData\Local\Application Data
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\ATI =>.ATI
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Comms
O43 - CFD: 03/08/2016 - [0] SHD -- C:\Users\vanro\AppData\Local\Geschiedenis
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Google =>.Google
O43 - CFD: 29/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\MicrosoftEdge
O43 - CFD: 03/08/2016 - [0] D -- C:\Users\vanro\AppData\Local\NetworkTiles
O43 - CFD: 14/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Packages
O43 - CFD: 14/08/2016 - [0] D -- C:\Users\vanro\AppData\Local\PackageStaging
O43 - CFD: 30/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Programs
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Publishers
O43 - CFD: 30/08/2016 - [] D -- C:\Users\vanro\AppData\Local\Temp
O43 - CFD: 03/08/2016 - [0] SHD -- C:\Users\vanro\AppData\Local\Temporary Internet Files
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Local\TileDataLayer
O43 - CFD: 03/08/2016 - [0] D -- C:\Users\vanro\AppData\Local\VirtualStore
O43 - CFD: 30/08/2016 - [0] D -- C:\Users\vanro\AppData\Local\Programs\Common
O43 - CFD: 03/08/2016 - [] RD -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
O43 - CFD: 03/08/2016 - [] RD -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
O43 - CFD: 18/08/2016 - [] RD -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord =>PUP.Optional.WhenUSave
O43 - CFD: 03/08/2016 - [] D -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
O43 - CFD: 30/08/2016 - [] RD -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
O43 - CFD: 03/08/2016 - [] RD -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
O43 - CFD: 03/08/2016 - [] RSD -- C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\DataSharing
O43 - CFD: 03/08/2016 - [] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Microsoft =>.Microsoft
O43 - CFD: 0 - [0] D -- C:\WINDOWS\System32\Config\systemprofile\AppData\Local\Packages

---\\ Laatste bestanden die zijn gemaakt in Windows Prefetcher (5) - 7s
O45 - LFCP:[MD5.065923D7AB680744CB01A5AAE52AC6E1] 12/08/2016 A -- C:\WINDOWS\Prefetch\BITLORD.EXE-58596C29.pf =>PUP.Optional.WhenUSave
O45 - LFCP:[MD5.36A664C72A488AC6967CF45A0EF001AD] 03/08/2016 A -- C:\WINDOWS\Prefetch\BITLORDSETUP (1).EXE-10343C99.pf =>PUP.Optional.WhenUSave
O45 - LFCP:[MD5.D21619B0E9257FB38A570BA9703BFC53] 03/08/2016 A -- C:\WINDOWS\Prefetch\BITLORDSETUP.EXE-9E95FA97.pf =>PUP.Optional.WhenUSave
O45 - LFCP:[MD5.66D16716E677CBE9F3D5F1D44592B561] 29/08/2016 A -- C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-102E9A3D.pf =>PUP.Optional.MyPCBackup
O45 - LFCP:[MD5.C1DBE12B603DE6EF93627126D61CA254] 23/08/2016 A -- C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-98FB306F.pf =>PUP.Optional.MyPCBackup

---\\ ShellIconOverlayIdentifiers (SIOI) (5) - 0s
O106 - SIOI: ErrorOverlayHandler Class [ OneDrive1] - {BBACC218-34EA-4666-9D7A-C78F2274A524}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll =>.Microsoft Corporation
O106 - SIOI: SharedOverlayHandler Class [ OneDrive2] - {5AB7172C-9C11-405C-8DD5-AF20F3606282}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll =>.Microsoft Corporation
O106 - SIOI: SharedSyncingOverlayHandler Class [ OneDrive3] - {A78ED123-AB77-406B-9962-2A5D9D2F7F30}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll =>.Microsoft Corporation
O106 - SIOI: UpToDateOverlayHandler Class [ OneDrive4] - {F241C880-6982-4CE5-8CF7-7085BA96DA5A}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll =>.Microsoft Corporation
O106 - SIOI: SyncingOverlayHandler Class [ OneDrive5] - {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}. (.Microsoft Corporation - Microsoft OneDrive Shell Extension.) -- C:\Users\vanro\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileSyncShell.dll =>.Microsoft Corporation

---\\ Overzicht van de drivers (69) - 14s
O58 - SDL:2015/10/30 09:17:22 A . (.LSI - LSI 3ware SCSI Storport Driver.) -- C:\WINDOWS\System32\drivers\3ware.sys [107360] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.PMC-Sierra - PMC-Sierra Storport Driver For SPC8x6G SAS.) -- C:\WINDOWS\System32\drivers\adp80xx.sys [1135456] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.Advanced Micro Devices - AHCI 1.3 Device Driver.) -- C:\WINDOWS\System32\drivers\amdsata.sys [83296] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.AMD Technologies Inc. - AMD Technology AHCI Compatible Controller D.) -- C:\WINDOWS\System32\drivers\amdsbs.sys [259424] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.Advanced Micro Devices - Storage Filter Driver.) -- C:\WINDOWS\System32\drivers\amdxata.sys [26976] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.PMC-Sierra, Inc. - Adaptec SAS RAID WS03 Driver.) -- C:\WINDOWS\System32\drivers\arcsas.sys [131936] =>.Microsoft Windows
O58 - SDL:2015/12/10 17:46:59 A . (.Qualcomm Atheros Communications, Inc. - Qualcomm Atheros Extensible Wireless LAN de.) -- C:\WINDOWS\System32\drivers\athw10x.sys [4342936] =>.WDKTestCert qcaswbld,130129545209614653
O58 - SDL:2015/05/28 07:00:44 A . (.Advanced Micro Devices - AMD High Definition Audio Function Driver.) -- C:\WINDOWS\System32\drivers\AtihdWT6.sys [102912] =>.Advanced Micro Devices
O58 - SDL:2015/12/18 18:58:11 A . (.Advanced Micro Devices, Inc. - ATI Radeon Kernel Mode Driver.) -- C:\WINDOWS\System32\drivers\atikmdag.sys [21648880] =>.Microsoft Windows Hardware Compatibility Publisher
O58 - SDL:2015/12/18 18:58:11 A . (.Advanced Micro Devices, Inc. - AMD multi-vendor Miniport Driver.) -- C:\WINDOWS\System32\drivers\atikmpag.sys [674288] =>.Microsoft Windows Hardware Compatibility Publisher
O58 - SDL:2015/10/30 09:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/10/30 09:17:22 A . (.Windows (R) Win 7 DDK provider - BCM Function 2 Device Driver.) -- C:\WINDOWS\System32\drivers\bcmfn2.sys [9728] =>.Windows (R) Win 7 DDK provider
O58 - SDL:2015/08/01 23:19:17 A . (.Qualcomm Atheros - Qualcomm Atheros BtFilter Driver.) -- C:\WINDOWS\System32\drivers\btfilter.sys [604776] =>.Qualcomm Atheros
O58 - SDL:2015/10/30 09:17:22 A . (.Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) -- C:\WINDOWS\System32\drivers\bxvbda.sys [531296] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.QLogic Corporation - QLogic 10 GigE VBD.) -- C:\WINDOWS\System32\drivers\evbda.sys [3436896] =>.Microsoft Windows
O58 - SDL:2009/07/07 08:51:42 A . (.TOSHIBA Corporation - TOSHIBA Firmware Linkage 64-bit Driver.) -- C:\WINDOWS\System32\drivers\FwLnk.sys [9216] =>.Toshiba Corporation
O58 - SDL:2012/07/17 18:12:08 A . (.Intel Corporation - Intel(R) Management Engine Interface.) -- C:\WINDOWS\System32\drivers\HECIx64.sys [62784] =>.Intel Corporation
O58 - SDL:2015/10/30 09:17:22 A . (.Hewlett-Packard Company - Smart Array SAS/SATA Controller Media Drive.) -- C:\WINDOWS\System32\drivers\HpSAMD.sys [64352] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:18 A . (.Intel(R) Corporation - Intel(R) Serial IO I2C Driver.) -- C:\WINDOWS\System32\drivers\iai2c.sys [81408] =>.Intel(R) Corporation
O58 - SDL:2015/10/30 09:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Driver v2.) -- C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [165888] =>.Intel Corporation
O58 - SDL:2015/10/30 09:17:18 A . (.Intel Corporation - Intel(R) Serial IO GPIO Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [38128] =>.Intel Corporation - Client Components Group
O58 - SDL:2015/10/30 09:17:18 A . (.Intel Corporation - Intel(R) Serial IO I2C Controller Driver.) -- C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [113152] =>.Intel Corporation
O58 - SDL:2011/11/29 19:40:32 A . (.Intel Corporation - Intel Rapid Storage Technology driver - x64.) -- C:\WINDOWS\System32\drivers\iaStor.sys [568600] =>.Intel Corporation
O58 - SDL:2015/10/30 09:17:22 A . (.Intel Corporation - Intel(R) Rapid Storage Technology driver (i.) -- C:\WINDOWS\System32\drivers\iaStorAV.sys [673120] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:22 A . (.Intel Corporation - Intel Matrix Storage Manager driver - x64.) -- C:\WINDOWS\System32\drivers\iaStorV.sys [412000] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Mellanox - InfiniBand Fabric Bus Driver.) -- C:\WINDOWS\System32\drivers\ibbus.sys [424800] =>.Microsoft Windows
O58 - SDL:2012/01/05 03:58:50 A . (.Intel Corporation - Intel(R) USB 3.0 Host Controller Switch Dri.) -- C:\WINDOWS\System32\drivers\iusb3hcs.sys [16152] =>.Intel Corporation
O58 - SDL:2012/01/05 03:58:50 A . (.Intel Corporation - Intel(R) USB 3.0 Hub Driver.) -- C:\WINDOWS\System32\drivers\iusb3hub.sys [355096] =>.Intel Corporation
O58 - SDL:2012/01/05 03:58:50 A . (.Intel Corporation - Intel(R) USB 3.0 eXtensible Host Controller.) -- C:\WINDOWS\System32\drivers\iusb3xhc.sys [786200] =>.Intel Corporation
O58 - SDL:2015/10/30 09:17:23 A . (.Qualcomm Atheros Co., Ltd. - Qualcomm Atheros Ar81xx series PCI-E Gigabi.) -- C:\WINDOWS\System32\drivers\L1C63x64.sys [121344] =>.Qualcomm Atheros Co., Ltd.
O58 - SDL:2015/10/30 09:17:23 A . (.LSI Corporation - LSI Fusion-MPT SAS Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas.sys [108888] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.LSI Corporation - LSI SAS Gen2 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas2i.sys [104800] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Avago Technologies - Avago SAS Gen3 Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sas3i.sys [99168] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.LSI Corporation - LSI SSS PCIe/Flash Driver (StorPort).) -- C:\WINDOWS\System32\drivers\lsi_sss.sys [82784] =>.Microsoft Windows
O58 - SDL:2016/03/10 14:08:54 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [27008] =>.Malwarebytes Corporation
O58 - SDL:2016/03/10 14:08:58 A . (.Malwarebytes - Malwarebytes Chameleon Protection Driver.) -- C:\WINDOWS\System32\drivers\mbamchameleon.sys [140672] =>.Malwarebytes Corporation
O58 - SDL:2016/08/30 14:24:27 A . (.Malwarebytes - Malwarebytes Anti-Malware.) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [192216] =>.Malwarebytes Corporation
O58 - SDL:2015/10/30 09:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\megasas.sys [59744] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.LSI Corporation, Inc. - LSI MegaRAID Software RAID Driver.) -- C:\WINDOWS\System32\drivers\megasr.sys [575840] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Mellanox - MLX4 Bus Driver.) -- C:\WINDOWS\System32\drivers\mlx4_bus.sys [705376] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Marvell Semiconductor, Inc. - Marvell Flash Controller Driver.) -- C:\WINDOWS\System32\drivers\mvumis.sys [63840] =>.Microsoft Windows
O58 - SDL:2016/03/10 14:09:10 A . (.Malwarebytes Corporation - Malwarebytes Web Access Control.) -- C:\WINDOWS\System32\drivers\mwac.sys [65408] =>.Malwarebytes Corporation
O58 - SDL:2015/10/30 09:17:23 A . (.Mellanox - NetworkDirect Support Filter Driver.) -- C:\WINDOWS\System32\drivers\ndfltr.sys [76128] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.NVIDIA Corporation - NVIDIA nForce(TM) RAID Driver.) -- C:\WINDOWS\System32\drivers\nvraid.sys [150368] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.NVIDIA Corporation - NVIDIA nForce(TM) Sata Performance Driver.) -- C:\WINDOWS\System32\drivers\nvstor.sys [166240] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.LSI Corporation - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas2i.sys [58208] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Avago Technologies - MEGASAS RAID Controller Driver for Windows.) -- C:\WINDOWS\System32\drivers\percsas3i.sys [58720] =>.Microsoft Windows
O58 - SDL:2015/06/24 22:57:00 A . (.Realtek Semiconductor Corp. - Realtek(r) High Definition Audio Function D.) -- C:\WINDOWS\System32\drivers\RTKVHD64.sys [4504320] =>.Realtek Semiconductor Corp
O58 - SDL:2016/07/13 18:09:44 A . (.Realsil Semiconductor Corporation - RTS USB READER Driver.) -- C:\WINDOWS\System32\drivers\RtsUer.sys [433912] =>.Realtek Semiconductor Corp
O58 - SDL:2015/10/30 09:17:23 A . (.Silicon Integrated Systems Corp. - SiS RAID Stor Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid2.sys [44896] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Silicon Integrated Systems - SiS AHCI Stor-Miniport Driver.) -- C:\WINDOWS\System32\drivers\sisraid4.sys [81760] =>.Microsoft Windows
O58 - SDL:2015/09/09 11:34:53 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [42184] =>.Synaptics Incorporated
O58 - SDL:2015/09/09 11:34:53 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_AMDASF_Aux.sys [42184] =>.Synaptics Incorporated
O58 - SDL:2015/09/09 11:34:53 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [42696] =>.Synaptics Incorporated
O58 - SDL:2015/09/09 11:34:53 A . (.Synaptics Incorporated - Synaptics SMBus Driver.) -- C:\WINDOWS\System32\drivers\Smb_driver_Intel_Aux.sys [42696] =>.Synaptics Incorporated
O58 - SDL:2016/07/22 05:51:36 A . (.Samsung Electronics Co., Ltd. - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\System32\drivers\ssudbus.sys [130688] =>.Samsung Electronics CO., LTD.
O58 - SDL:2016/07/22 05:51:40 A . (.Samsung Electronics Co., Ltd. - SAMSUNG Android Modem Device Driver.) -- C:\WINDOWS\System32\drivers\ssudmdm.sys [164992] =>.Samsung Electronics CO., LTD.
O58 - SDL:2015/10/30 09:17:23 A . (.Promise Technology, Inc. - Promise SuperTrak EX Series Driver for Wind.) -- C:\WINDOWS\System32\drivers\stexstor.sys [31072] =>.Microsoft Windows
O58 - SDL:2015/09/09 11:34:55 A . (.Synaptics Incorporated - Synaptics Touchpad Win64 Driver.) -- C:\WINDOWS\System32\drivers\SynTP.sys [618696] =>.Synaptics Incorporated
O58 - SDL:2015/08/01 23:19:29 A . (.Toshiba Corporation - Toshiba Hotkey Driver.) -- C:\WINDOWS\System32\drivers\Thotkey.sys [54424] =>.TOSHIBA CORPORATION
O58 - SDL:2007/01/15 16:53:00 A . (.TOSHIBA Corporation - SD Bluetooth Transport Driver.) -- C:\WINDOWS\System32\drivers\tosdbt.sys [57344] =>.Toshiba Corporation
O58 - SDL:2012/08/01 13:03:22 A . (.TOSHIBA Corporation. - Toshiba Bluetooth HID mini port driver.) -- C:\WINDOWS\System32\drivers\Toshidpt.sys [10232] =>.TOSHIBA CORPORATION
O58 - SDL:2012/07/27 17:54:40 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth Port Emulation Driver.) -- C:\WINDOWS\System32\drivers\tosporte.sys [55288] =>.TOSHIBA CORPORATION
O58 - SDL:2014/06/21 15:56:00 A . (.TOSHIBA Corporation - TOSHIBA Bluetooth EC Driver.) -- C:\WINDOWS\System32\drivers\tosrfec.sys [53624] =>.TOSHIBA CORPORATION
O58 - SDL:2016/07/21 21:24:44 A . (.TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and.) -- C:\WINDOWS\System32\drivers\TVALZ_O.SYS [53888] =>.TOSHIBA CORPORATION
O58 - SDL:2015/10/30 09:17:23 A . (.VIA Technologies Inc.,Ltd - VIA RAID DRIVER FOR AMD-X86-64.) -- C:\WINDOWS\System32\drivers\vsmraid.sys [166752] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.VIA Corporation - VIA StorX RAID Controller Driver.) -- C:\WINDOWS\System32\drivers\VSTXRAID.SYS [305504] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Mellanox - Kernel WinMad.) -- C:\WINDOWS\System32\drivers\winmad.sys [26976] =>.Microsoft Windows
O58 - SDL:2015/10/30 09:17:23 A . (.Mellanox - Kernel WinVerbs.) -- C:\WINDOWS\System32\drivers\winverbs.sys [59232] =>.Microsoft Windows

---\\ Meest recente bestanden gewijzigd of gemaakt (gebruiker) (6) - 7s
O61 - LFC: 2016/08/29 15:28:31 A . (..) -- C:\Users\vanro\AppData\Local\Packages\Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy\TempState\TileCache_100_0_Header.bin [17128]
O61 - LFC: 2016/08/30 16:22:49 A . (..) -- C:\Users\vanro\AppData\Local\Packages\Microsoft.Windows.Cortana_cw5n1h2txyewy\LocalState\speech_onecorereg.bin [8192]
O61 - LFC: 2016/08/30 16:18:52 A . (..) -- C:\Users\vanro\AppData\Local\Microsoft\Windows\UPPS\UPPS.bin [16148]
O61 - LFC: 2016/08/30 14:52:45 A . (..) -- C:\Users\vanro\AppData\Local\ATI\ACE\Manifest.Bin [29892]
O61 - LFC: 2016/08/12 14:01:38 A . (..) -- C:\Users\vanro\AppData\Local\AMD\GLCache\21ca9e25b586fafa_19.bin [34524]
O61 - LFC: 2016/08/12 14:01:27 A . (..) -- C:\Users\vanro\AppData\Local\AMD\GLCache\71c81e27a2962808_19.bin [34999]

---\\ Bestandsassociaties mogelijk aangepast (10) - 0s
O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - Windows Control Panel.) -- C:\Windows\System32\control.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.com> <comfile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.evt> <evtfile>[HKLM\..\open\Command] (.Microsoft Corporation - Startprogramma voor de module Logboeken.) -- C:\Windows\System32\eventvwr.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*
O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft Windows Based Script Host.) -- C:\Windows\System32\wscript.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Register-editor.) -- C:\Windows\regedit.exe =>.Microsoft Corporation
O67 - Shell Spawning: <.scr> <scrfile>[HKLM\..\open\Command] (...) -- "%1" /S

---\\ Startmenu Internet (8) - 0s
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\iexplore.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ShowIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ShowIconsCommand] (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\ReinstallCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\ReinstallCommand] (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation
O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\InstallInfo\HideIconsCommand] (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe =>.Google Inc.
O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\InstallInfo\HideIconsCommand] (.Microsoft Corporation - Hulpprogramma voor initialisatie van IE per.) -- C:\Windows\System32\ie4uinit.exe =>.Microsoft Corporation

---\\ Zoekmachines in internetbrowsers (1) - 0s
O69 - SBI: SearchScopes [HKLM] {0633EE93-D776-472f-A0FF-E1416B8B2E3A} [DefaultScope] - (@ieframe.dll,-12512) - http://www.bing.com/

---\\ Geeft een opsomming van de dienst begin door Svchost (41) - 2s
O83 - Search Svchost Services: CertPropSvc (CertPropSvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\Windows\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: SCPolicySvc (SCPolicySvc) . (.Microsoft Corporation - Microsoft Smartcard Certificate Propagation.) -- C:\WINDOWS\System32\certprop.dll [192000] =>.Microsoft Corporation
O83 - Search Svchost Services: lanmanserver (lanmanserver) . (.Microsoft Corporation - DLL-bestand voor Server-service.) -- C:\WINDOWS\system32\srvsvc.dll [283136] =>.Microsoft Corporation
O83 - Search Svchost Services: gpsvc (gpsvc) . (.Microsoft Corporation - Groepbeleidclient.) -- C:\WINDOWS\System32\gpsvc.dll [1339904] =>.Microsoft Corporation
O83 - Search Svchost Services: IKEEXT (IKEEXT) . (.Microsoft Corporation - IKE-extensie.) -- C:\WINDOWS\System32\ikeext.dll [957952] =>.Microsoft Corporation
O83 - Search Svchost Services: iphlpsvc (iphlpsvc) . (.Microsoft Corporation - Service die IPv6-connectiviteit via een IPv.) -- C:\WINDOWS\System32\iphlpsvc.dll [963072] =>.Microsoft Corporation
O83 - Search Svchost Services: seclogon (seclogon) . (.Microsoft Corporation - Dll-bestand voor de Secondary Logon-service.) -- C:\WINDOWS\system32\seclogon.dll [31232] =>.Microsoft Corporation
O83 - Search Svchost Services: AppInfo (AppInfo) . (.Microsoft Corporation - Application Information-service.) -- C:\WINDOWS\System32\appinfo.dll [94720] =>.Microsoft Corporation
O83 - Search Svchost Services: msiscsi (msiscsi) . (.Microsoft Corporation - iSCSI -detectieservice.) -- C:\WINDOWS\system32\iscsiexe.dll [151040] =>.Microsoft Corporation
O83 - Search Svchost Services: EapHost (EapHost) . (.Microsoft Corporation - Microsoft EAPHost-service.) -- C:\WINDOWS\System32\eapsvc.dll [112640] =>.Microsoft Corporation
O83 - Search Svchost Services: schedule (schedule) . (.Microsoft Corporation - Task Scheduler-service.) -- C:\WINDOWS\system32\schedsvc.dll [1001472] =>.Microsoft Corporation
O83 - Search Svchost Services: winmgmt (winmgmt) . (.Microsoft Corporation - WMI.) -- C:\WINDOWS\system32\wbem\WMIsvc.dll [225280] =>.Microsoft Corporation
O83 - Search Svchost Services: browser (browser) . (.Microsoft Corporation - DLL-bestand voor Computer Browser-service.) -- C:\WINDOWS\System32\browser.dll [134656] =>.Microsoft Corporation
O83 - Search Svchost Services: ProfSvc (ProfSvc) . (.Microsoft Corporation - Userenv.) -- C:\WINDOWS\system32\profsvc.dll [328192] =>.Microsoft Corporation
O83 - Search Svchost Services: SessionEnv (SessionEnv) . (.Microsoft Corporation - Service voor Extern bureaublad-configuratie.) -- C:\Windows\System32\SessEnv.dll [372736] =>.Microsoft Corporation
O83 - Search Svchost Services: wercplsupport (wercplsupport) . (.Microsoft Corporation - Probleemrapporten en oplossingen.) -- C:\WINDOWS\System32\wercplsupport.dll [96256] =>.Microsoft Corporation
O83 - Search Svchost Services: DcpSvc (DcpSvc) . (.Microsoft Corporation - dcpsvc Task.) -- C:\WINDOWS\system32\dcpsvc.dll [186880] =>.Microsoft Corporation
O83 - Search Svchost Services: NetSetupSvc (NetSetupSvc) . (.Microsoft Corporation - Service Netwerk instellen.) -- C:\WINDOWS\System32\NetSetupSvc.dll [211456] =>.Microsoft Corporation
O83 - Search Svchost Services: NcaSvc (NcaSvc) . (.Microsoft Corporation - Microsoft Network Connectivity Assistant-se.) -- C:\WINDOWS\System32\ncasvc.dll [168960] =>.Microsoft Corporation
O83 - Search Svchost Services: wlidsvc (wlidsvc) . (.Microsoft Corporation - Microsoft Account-service.) -- C:\WINDOWS\system32\wlidsvc.dll [2057216] =>.Microsoft Corporation
O83 - Search Svchost Services: dmwappushservice (dmwappushservice) . (.Microsoft Corporation - dmwappushsvc.) -- C:\WINDOWS\system32\dmwappushsvc.dll [57856] =>.Microsoft Corporation
O83 - Search Svchost Services: XboxNetApiSvc (XboxNetApiSvc) . (.Microsoft Corporation - Xbox Live Networking Service.) -- C:\WINDOWS\system32\XboxNetApiSvc.dll [1035776] =>.Microsoft Corporation
O83 - Search Svchost Services: Themes (Themes) . (.Microsoft Corporation - DLL-bestand voor Windows Shell-themaservice.) -- C:\WINDOWS\system32\themeservice.dll [59392] =>.Microsoft Corporation
O83 - Search Svchost Services: UserManager (UserManager) . (.Microsoft Corporation - UserMgr.) -- C:\WINDOWS\System32\usermgr.dll [912384] =>.Microsoft Corporation
O83 - Search Svchost Services: DsmSvc (DsmSvc) . (.Microsoft Corporation - Apparaatinstallatiebeheer.) -- C:\WINDOWS\System32\DeviceSetupManager.dll [205824] =>.Microsoft Corporation
O83 - Search Svchost Services: XblAuthManager (XblAuthManager) . (.Microsoft Corporation - Xbox Live Auth Manager.) -- C:\WINDOWS\System32\XblAuthManager.dll [948736] =>.Microsoft Corporation
O83 - Search Svchost Services: DmEnrollmentSvc (DmEnrollmentSvc) . (.Microsoft Corporation - Windows Managent Service-DLL.) -- C:\Windows\System32\Windows.Internal.Management.dll [278016] =>.Microsoft Corporation
O83 - Search Svchost Services: XblGameSave (XblGameSave) . (.Microsoft Corporation - Xbox Live Game Save Service.) -- C:\WINDOWS\System32\XblGameSave.dll [1139712] =>.Microsoft Corporation
O83 - Search Svchost Services: RetailDemo (RetailDemo) . (.Microsoft Corporation - RDXService.) -- C:\WINDOWS\system32\RDXService.dll [1073152] =>.Microsoft Corporation
O83 - Search Svchost Services: BDESVC (BDESVC) . (.Microsoft Corporation - BDE-service.) -- C:\WINDOWS\System32\bdesvc.dll [361472] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasauto (Rasauto) . (.Microsoft Corporation - Beheer van automatisch inbellen van Externe.) -- C:\WINDOWS\System32\rasauto.dll [106496] =>.Microsoft Corporation
O83 - Search Svchost Services: Rasman (Rasman) . (.Microsoft Corporation - Verbindingsbeheer voor RAS.) -- C:\WINDOWS\System32\rasmans.dll [696320] =>.Microsoft Corporation
O83 - Search Svchost Services: Remoteaccess (Remoteaccess) . (.Microsoft Corporation - Dynamisch interfacebeheer.) -- C:\Windows\System32\mprdim.dll [507904] =>.Microsoft Corporation
O83 - Search Svchost Services: SENS (SENS) . (.Microsoft Corporation - System Event Notification-service (SENS).) -- C:\WINDOWS\System32\sens.dll [73216] =>.Microsoft Corporation
O83 - Search Svchost Services: Sharedaccess (Sharedaccess) . (.Microsoft Corporation - Helper-onderdelen voor Microsoft NAT.) -- C:\WINDOWS\System32\ipnathlp.dll [456704] =>.Microsoft Corporation
O83 - Search Svchost Services: Tapisrv (Tapisrv) . (.Microsoft Corporation - Microsoft Windows(TM) Telefoonserver.) -- C:\Windows\System32\tapisrv.dll [311808] =>.Microsoft Corporation
O83 - Search Svchost Services: wuauserv (wuauserv) . (.Microsoft Corporation - Windows Update-agent.) -- C:\WINDOWS\system32\wuaueng.dll [2280960] =>.Microsoft Corporation
O83 - Search Svchost Services: BITS (BITS) . (.Microsoft Corporation - Background Intelligent Transfer Service.) -- C:\WINDOWS\System32\qmgr.dll [1144320] =>.Microsoft Corporation
O83 - Search Svchost Services: ShellHWDetection (ShellHWDetection) . (.Microsoft Corporation - DLL-bestand voor Windows Shell Services.) -- C:\Windows\System32\shsvcs.dll [608768] =>.Microsoft Corporation
O83 - Search Svchost Services: lfsvc (lfsvc) . (.Microsoft Corporation - Service Geolocatie.) -- C:\Windows\System32\lfsvc.dll [27136] =>.Microsoft Corporation
O83 - Search Svchost Services: UsoSvc (UsoSvc) . (.Microsoft Corporation - Update Session Orchestrator-kerngeheugen.) -- C:\WINDOWS\system32\usocore.dll [379392] =>.Microsoft Corporation

---\\ Lijst van uitzonderingen in de firewall (FirewallRules) (2) - 1s
O87 - FAEL: "{4D90DCFA-C21D-4646-9D01-B831B7D14991}" [In-None-P6-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
O87 - FAEL: "{B0F77285-D7D8-454A-A84D-97520C59B972}" [In-None-P17-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave

---\\ Search Tracing Registry Key (4) - 1s
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\OLBPre_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM\SOFTWARE\Microsoft\Tracing\OLBPre_RASMANCS =>PUP.Optional.MyPCBackup

---\\ Extra scan (O88) (17) - 0s
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave
HKCU\SOFTWARE\bitlord.com =>PUP.Optional.WhenUSave
C:\Program Files (x86)\BitLord =>PUP.Optional.WhenUSave
C:\Users\vanro\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
C:\Users\vanro\AppData\Local\BitLord =>PUP.Optional.WhenUSave
C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord =>PUP.Optional.WhenUSave
C:\WINDOWS\Prefetch\BITLORD.EXE-58596C29.pf =>PUP.Optional.WhenUSave
C:\WINDOWS\Prefetch\BITLORDSETUP (1).EXE-10343C99.pf =>PUP.Optional.WhenUSave
C:\WINDOWS\Prefetch\BITLORDSETUP.EXE-9E95FA97.pf =>PUP.Optional.WhenUSave
C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-102E9A3D.pf =>PUP.Optional.MyPCBackup
C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-98FB306F.pf =>PUP.Optional.MyPCBackup
C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\OLBPre_RASAPI32 =>PUP.Optional.MyPCBackup
HKLM64\SOFTWARE\Microsoft\Tracing\OLBPre_RASMANCS =>PUP.Optional.MyPCBackup

---\\ Samenvatting van elementen gevonden op uw werkstation (2) - 0s
https://www.nicolascoolman.com/fr/adware-whenusave/ =>PUP.Optional.WhenUSave
https://www.nicolascoolman.com/fr/pup-mypcbackup/ =>PUP.Optional.MyPCBackup

~ End of the scan, 17576 items in 00h01mn49s (548)
 
Re: Laptop hl traag

Download en installeer ZHPfix
Klik daarvoor op de knop TLCHARCHER.

Installatie van ZHPfix:
  • Windows 2000 en Windows XP: dubbelklik op ZHPFix.exe.
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op ZHPFix.exe en kies voor "Als Administrator uitvoeren".
  • Klik enkele keren op Suivant en vervolgens op "Installer" om ZHPfix te installeren.
  • Om de installatie af te sluiten - klik op "Terminer".

Opmerkingen:
  • Alle openstaande programma's en webpagina's dienen afgesloten te zijn.
  • Schakel de antivirus- en antispywareprogramma's tijdelijk uit, deze kunnen namelijk conflicteren met ZHPDiag.


ZHPfix-scrip:
  • Kopieer nu volledig alle tekst die in het code-venster hieronder staat vermeld:

    Code:
    Script ZHPFix
    
    C:\Program Files (x86)\BitLord\BitLord.exe 
    C:\Users\vanro\AppData\Local\Temp\ICReinstall_Bitl ordSetup (1).exe
    C:\Users\vanro\AppData\Local\Temp\ICReinstall_Bitl ordSetup (1).exe
    O4 - GS\Desktop [Administrator]: BitLord.lnk . (.House of Life - BitLord.) C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
    O4 - GS\Desktop [Administrator]: Doorgaan met de installatie van BitLord.lnk . (...) C:\Users\vanro\AppData\Local\Temp\ICReinstall_Bitl ordSetup (1).exe =>PUP.Optional.WhenUSave
    O4 - GS\Desktop [Gast]: BitLord.lnk . (.House of Life - BitLord.) C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
    O4 - GS\Desktop [Gast]: Doorgaan met de installatie van BitLord.lnk . (...) C:\Users\vanro\AppData\Local\Temp\ICReinstall_Bitl ordSetup (1).exe =>PUP.Optional.WhenUSave
    O4 - GS\Desktop [vanro]: BitLord.lnk . (.House of Life - BitLord.) C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
    O4 - GS\Desktop [vanro]: Doorgaan met de installatie van BitLord.lnk . (...) C:\Users\vanro\AppData\Local\Temp\ICReinstall_Bitl ordSetup (1).exe =>PUP.Optional.WhenUSave
    O42 - Logiciel: BitLord 2.4 - (.House of Life.) [HKLM][64Bits] -- BitLord =>PUP.Optional.WhenUSave
    HKCU\SOFTWARE\bitlord.com =>PUP.Optional.WhenUSave
    C:\Users\vanro\AppData\Roaming\BitLord
    C:\Users\vanro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitLord
    O87 - FAEL: "{4D90DCFA-C21D-4646-9D01-B831B7D14991}" [In-None-P6-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
    O87 - FAEL: "{B0F77285-D7D8-454A-A84D-97520C59B972}" [In-None-P17-TRUE] .(.House of Life - BitLord.) -- C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
    HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI 32 =>PUP.Optional.MyPCBackup
    HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMAN CS =>PUP.Optional.MyPCBackup
    HKLM\SOFTWARE\Microsoft\Tracing\OLBPre_RASAPI32 =>PUP.Optional.MyPCBackup
    HKLM\SOFTWARE\Microsoft\Tracing\OLBPre_RASMANCS =>PUP.Optional.MyPCBackup
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\BitLord =>PUP.Optional.WhenUSave
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curren tVersion\Uninstall\BitLord =>PUP.Optional.WhenUSave
    HKCU\SOFTWARE\bitlord.com =>PUP.Optional.WhenUSave
    C:\Program Files (x86)\BitLord =>PUP.Optional.WhenUSave
    C:\Users\vanro\AppData\Roaming\BitLord =>PUP.Optional.WhenUSave
    C:\Users\vanro\AppData\Local\BitLord =>PUP.Optional.WhenUSave
    C:\Users\vanro\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\BitLord =>PUP.Optional.WhenUSave
    C:\WINDOWS\Prefetch\BITLORD.EXE-58596C29.pf =>PUP.Optional.WhenUSave
    C:\WINDOWS\Prefetch\BITLORDSETUP (1).EXE-10343C99.pf =>PUP.Optional.WhenUSave
    C:\WINDOWS\Prefetch\BITLORDSETUP.EXE-9E95FA97.pf =>PUP.Optional.WhenUSave
    C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-102E9A3D.pf =>PUP.Optional.MyPCBackup
    C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-98FB306F.pf =>PUP.Optional.MyPCBackup
    C:\Program Files (x86)\BitLord\BitLord.exe =>PUP.Optional.WhenUSave
    HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASA PI32 =>PUP.Optional.MyPCBackup
    HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASM ANCS =>PUP.Optional.MyPCBackup
    HKLM64\SOFTWARE\Microsoft\Tracing\OLBPre_RASAPI32 =>PUP.Optional.MyPCBackup
    HKLM64\SOFTWARE\Microsoft\Tracing\OLBPre_RASMANCS =>PUP.Optional.MyPCBackup

    ZHPfix opstarten:
    Dubbelklik op
    5620bf4568652-Fix_snelkopp..png
    de ZHPfix snelkoppeling
    en ga akkoord met de eventuele Windows melding.

    5620bc2ceb426-ZHPfix.png

  • De gekopieerde scriptcode wordt automatisch in het venster van ZHPFix geplakt.
  • Gebeurt dit niet automatisch, klik dan op de knop "Importeren".
  • Rechtsklik vervolgens in het lege venster van ZHPFix en klik op Plakken.
  • Klik daarna links onderaan op de knop "Go".
  • Wees geduldig totdat er een log opent.
Kopieer de inhoud van het logbestand met de naam "ZHPFix[r1].txt" plak die inhoud in jouw volgende bericht erbij.
 
Re: Laptop hl traag

Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by vanro at 30/08/2016 17:19:05
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (10586)

Papierkorb geleert (00mn 14s)

========== Software ==========
ABWESEND Uninstall Process: c:\program files (x86)\bitlord\bitlord-uninst.exe

========== Prozessspeicher ==========
ENTFERNT: Memory Process: C:\Program Files (x86)\BitLord\BitLord.exe
ENTFERNT: Memory Process: C:\WINDOWS\Prefetch\BITLORD.EXE-58596C29.pf
ENTFERNT: Memory Process: C:\WINDOWS\Prefetch\BITLORDSETUP (1).EXE-10343C99.pf
ENTFERNT: Memory Process: C:\WINDOWS\Prefetch\BITLORDSETUP.EXE-9E95FA97.pf
ENTFERNT: Memory Process: C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-102E9A3D.pf
ENTFERNT: Memory Process: C:\WINDOWS\Prefetch\MYPC BACKUP.EXE-98FB306F.pf

========== Registry-Schlssel ==========
ENTFERNT Logiciel Key: [HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BitLord]
ENTFERNT: HKCU\SOFTWARE\bitlord.com
ENTFERNT:* HKLM\SOFTWARE\Microsoft\Tracing\OLBPre_RASAPI32
ENTFERNT:* HKLM\SOFTWARE\Microsoft\Tracing\OLBPre_RASMANCS

========== Die Registrierungswerte ==========
ENTFERNT: {4D90DCFA-C21D-4646-9D01-B831B7D14991}
ENTFERNT: {B0F77285-D7D8-454A-A84D-97520C59B972}

========== Ordner ==========
ENTFERNT: c:\users\vanro\appdata\roaming\bitlord
ENTFERNT: c:\users\vanro\appdata\roaming\microsoft\windows\start menu\programs\bitlord
ENTFERNT: c:\program files (x86)\bitlord
ENTFERNT: c:\users\vanro\appdata\local\bitlord

========== Andere ==========
VERTRAG [HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASA PI32]
VERTRAG [HKLM64\SOFTWARE\Microsoft\Tracing\BackupStack_RASM ANCS]
VERTRAG [HKLM64\SOFTWARE\Microsoft\Tracing\OLBPre_RASAPI32]
VERTRAG [HKLM64\SOFTWARE\Microsoft\Tracing\OLBPre_RASMANCS]


========== Zusammenfassung ==========
6 : Prozessspeicher
4 : Registry-Schlssel
2 : Die Registrierungswerte
4 : Ordner
1 : Software
4 : Andere


End of clean in 00mn 23s

========== Pfad zu Datei-Bericht ==========
C:\Users\vanro\AppData\Roaming\ZHP\ZHPFix[R1].txt - 30/08/2016 17:19:20 [2102]
 
Re: Laptop hl traag

Download
51dfb18ac31c6-anti_rootkit_25x25PS.png
Malwarebytes Anti-Rootkit

Allereerst:
  • Na download het gedownloade bestand uitpakken en vervolgens de map met uitgepakte bestanden naar het bureaublad verplaatsen.
Mbar opstarten:
  • Klik nu de map mbar-1.06.0.1004 open en dito ook de map mbar.
  • Windows 2000 en Windows XP: dubbelklik op Mbar/Mbar.exe.
  • Windows Vista en Windows 7: via rechtsklik op Mbar/Mbar.exe en kies voor "Als Administrator uitvoeren".
Mbar is opgestart
  • Klik in het introductiescherm op "next" om door te gaan.
  • Klik in het volgende scherm op Update om Malwarebytes Anti-Rootkit van de nieuwste definities te voorzien.
  • Klik wanneer de update gereed is op "Next" en klik daarna op "Scan".
  • Indien de scan gereed is en er geen malware is gedetecteerd klik dan op "Exit"
  • Wanneer er echter malware wordt gedetecteerd, controleer dan of alle vermelde bestanden zijn aangevinkt en klik vervolgens op "Cleanup" en start daarna de computer opnieuw op.
  • Open na de herstart de map van MBAR en plaats zowel de inhoud van het "mbar-log-2012-11-11 (10-36-04).txt" als ook van het "system-log.txt" in uw nieuwe bericht.
 
Re: Laptop hl traag

MBAR log

Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
main: v2016.08.31.02
rootkit: v2016.08.15.01

Windows 10 x64 NTFS
Internet Explorer 11.545.10586.0
vanro :: DESKTOP-JONDQHA [administrator]

31/08/2016 11:06:04
mbar-log-2016-08-31 (11-06-04).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 289279
Time elapsed: 12 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

system log

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 10.0.9200 Windows 10 x64

Account is Administrative

Internet Explorer version: 11.545.10586.0

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 6403444736, free: 4175589376

Downloaded database version: v2016.08.31.02
Downloaded database version: v2016.08.15.01
Downloaded database version: v2016.08.15.02
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
08/31/2016 11:05:54
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\System32\drivers\cmimcext.sys
\SystemRoot\System32\drivers\ntosext.sys
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\System32\drivers\FLTMGR.SYS
\SystemRoot\System32\drivers\ksecdd.sys
\SystemRoot\System32\drivers\clipsp.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\WindowsTrustedRT.sys
\SystemRoot\System32\drivers\WindowsTrustedRTProxy.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\system32\drivers\CEA.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStor.sys
\SystemRoot\System32\drivers\EhStorClass.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\system32\drivers\WdFilter.sys
\SystemRoot\System32\Drivers\NTFS.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\System32\drivers\wfplwfs.sys
\SystemRoot\System32\drivers\iusb3hcs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\TVALZ_O.SYS
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\system32\drivers\filecrypt.sys
\SystemRoot\system32\drivers\tbs.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\drivers\vwififlt.sys
\SystemRoot\System32\drivers\pacer.sys
\SystemRoot\system32\drivers\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\gpuenergydrv.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\DriverStore\FileRepository\compositebus.inf_amd64_912dfdedc3d2f520\CompositeBus.sys
\SystemRoot\System32\drivers\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\portcls.sys
\SystemRoot\System32\drivers\drmk.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\L1C63x64.sys
\SystemRoot\System32\drivers\athw10x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\System32\drivers\SynTP.sys
\SystemRoot\System32\drivers\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\tosrfec.sys
\SystemRoot\System32\drivers\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\FwLnk.sys
\SystemRoot\System32\drivers\Thotkey.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\system32\drivers\AtihdWT6.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\Drivers\dump_iaStor.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\win32kfull.sys
\SystemRoot\System32\win32kbase.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\drivers\BTHUSB.sys
\SystemRoot\System32\drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\dxgmms2.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\storqosflt.sys
\SystemRoot\system32\drivers\mslldp.sys
\SystemRoot\system32\drivers\lltdio.sys
\SystemRoot\system32\drivers\rspndr.sys
\SystemRoot\System32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\ndisuio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\mmcss.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\vwifimp.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\System32\drivers\tunnel.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\mouhid.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
main: v2016.08.31.02
rootkit: v2016.08.15.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe0002d561060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe0002d561b10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe0002d561060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe0002d4d2050, DeviceName: \Device\Ide\IAAStorageDevice-1\, DriverName: \Driver\iaStor\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 2B729CAD

Partition information:

Partition 0 type is Other (0x27)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 3072000
Partition is bootable
Partition file system is NTFS

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 3074048 Numsec = 938756956
Partition is not bootable
Partition file system is NTFS

Partition 2 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 941832192 Numsec = 1658880
Partition is not bootable
Partition file system is NTFS

Partition 3 type is HIDDEN (0x17)
Partition is NOT ACTIVE.
Partition starts at LBA: 943491072 Numsec = 33282048
Partition is not bootable
Partition file system is NTFS

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\KERNELBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\apphelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\apphelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\psapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\psapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\user32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gdi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\advapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\advapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msvcrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msvcrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sechost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sechost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcrt4.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcrt4.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sspicli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCRYPTPRIMITIVES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\imm32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imm32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shlwapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shlwapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\combase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shell32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\version.dll" is sparse (flags = 32768)
File "C:\Windows\System32\version.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cfgmgr32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cfgmgr32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\KERNEL.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SHCore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SHCore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\powrprof.dll" is sparse (flags = 32768)
File "C:\Windows\System32\powrprof.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ole32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wintrust.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\crypt32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wininet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imagehlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\imagehlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userenv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userenv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sfc_os.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sfc_os.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netutils.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netutils.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ws2_32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\comdlg32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FIREWALLAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\FIREWALLAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\oleaut32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winmm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winmm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winspool.drv" is sparse (flags = 32768)
File "C:\Windows\System32\davhlpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\davhlpr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINMMBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINMMBASE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bcrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rsaenh.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rsaenh.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fwbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fwbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkscli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkscli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cscapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cscapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\uxtheme.dll" is sparse (flags = 32768)
File "C:\Windows\System32\uxtheme.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iertutil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ONDEMANDCONNROUTEHELPER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\IPHLPAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\IPHLPAPI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\winhttp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winhttp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mswsock.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mswsock.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winnsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winnsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\urlmon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasadhlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasadhlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FWPUCLNT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\FWPUCLNT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msctf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dwmapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dwmapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntmarta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntmarta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\clbcatq.dll" is sparse (flags = 32768)
File "C:\Windows\System32\clbcatq.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wtsapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wtsapi32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winsta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winsta.dll" is sparse (flags = 32768)
File "C:\Windows\System32\propsys.dll" is sparse (flags = 32768)
File "C:\Windows\System32\propsys.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mssprxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mssprxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\smss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\smss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\csrss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\csrss.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wininit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wininit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)
File "C:\Windows\System32\winlogon.exe" is sparse (flags = 32768)
File "C:\Windows\System32\services.exe" is sparse (flags = 32768)
File "C:\Windows\System32\services.exe" is sparse (flags = 32768)
File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)
File "C:\Windows\System32\lsass.exe" is sparse (flags = 32768)
File "C:\Windows\System32\svchost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\svchost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\dwm.exe" is sparse (flags = 32768)
File "C:\Windows\System32\spoolsv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\spoolsv.exe" is sparse (flags = 32768)
File "C:\Program Files\Windows Defender\MsMpEng.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sihost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sihost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\TASKHOSTW.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\TASKHOSTW.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\RUNTIMEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\RUNTIMEBROKER.EXE" is sparse (flags = 32768)
File "C:\Windows\explorer.exe" is sparse (flags = 32768)
File "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\SHELLEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\SHELLEXPERIENCEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHINDEXER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SETTINGSYNCHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SETTINGSYNCHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\wsock32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wsock32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wer.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wer.dll" is sparse (flags = 32768)
File "C:\Windows\System32\xmllite.dll" is sparse (flags = 32768)
File "C:\Windows\System32\xmllite.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cabinet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cabinet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\loadperf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\loadperf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\secur32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\secur32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pdh.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Faultrep.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Faultrep.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dbghelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dbghelp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ncrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ncrypt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dbgcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dbgcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntasn1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mlang.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mlang.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msxml6.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msxml6.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DHCPCSVC6.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DHCPCSVC6.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\webio.dll" is sparse (flags = 32768)
File "C:\Windows\System32\webio.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.NETWORKING.CONNECTIVITY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.NETWORKING.CONNECTIVITY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFTACCOUNTTOKENPROVIDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MICROSOFTACCOUNTTOKENPROVIDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WinTypes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\schannel.dll" is sparse (flags = 32768)
File "C:\Windows\System32\schannel.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MSKEYPROTECT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MSKEYPROTECT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NCRYPTSSLP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NCRYPTSSLP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dpapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dpapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sxs.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sxs.dll" is sparse (flags = 32768)
File "C:\Windows\System32\npmproxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\npmproxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlanapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlanapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rmclient.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rmclient.dll" is sparse (flags = 32768)
File "C:\Windows\System32\linkinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\linkinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netprofm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netprofm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efswrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efswrt.dll" is sparse (flags = 32768)
File "C:\Program Files\Windows Defender\MSASCui.exe" is sparse (flags = 32768)
File "C:\Windows\System32\APPLICATIONFRAMEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\APPLICATIONFRAMEHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" is sparse (flags = 32768)
File "C:\Windows\System32\audiodg.exe" is sparse (flags = 32768)
File "C:\Windows\System32\audiodg.exe" is sparse (flags = 32768)
File "C:\Program Files\Windows Defender\MpCmdRun.exe" is sparse (flags = 32768)
File "C:\Windows\ImmersiveControlPanel\SYSTEMSETTINGS.EXE" is sparse (flags = 32768)
File "C:\Windows\ImmersiveControlPanel\SYSTEMSETTINGS.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\TWINAPI.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TWINAPI.APPCORE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MrmCoreR.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MrmCoreR.dll" is sparse (flags = 32768)
File "C:\Windows\System32\actxprxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\actxprxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\biwinrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\biwinrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SECURITY.AUTHENTICATION.ONLINEID.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SECURITY.AUTHENTICATION.ONLINEID.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\d3d11.dll" is sparse (flags = 32768)
File "C:\Windows\System32\d3d11.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mfplat.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mfplat.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.NETWORKING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.NETWORKING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MFREADWRITE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MFREADWRITE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MMDevAPI.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MMDevAPI.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dxgi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dxgi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.NETWORKING.HOSTNAME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.NETWORKING.HOSTNAME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\devobj.dll" is sparse (flags = 32768)
File "C:\Windows\System32\devobj.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RTWorkQ.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RTWorkQ.dll" is sparse (flags = 32768)
File "C:\Windows\System32\THREADPOOLWINRT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THREADPOOLWINRT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.APPLICATIONMODEL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.APPLICATIONMODEL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.APPLICATIONDATA.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STORAGE.APPLICATIONDATA.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.DEVICES.ENUMERATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.DEVICES.ENUMERATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICEASSOCIATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICEASSOCIATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVDISPITEMPROVIDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVDISPITEMPROVIDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DDORes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DDORes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEFAULTDEVICEMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEFAULTDEVICEMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\avrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\avrt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.APPLICATIONMODEL.BACKGROUND.TIMEBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.APPLICATIONMODEL.BACKGROUND.TIMEBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wshbth.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.APPLICATIONMODEL.BACKGROUND.SYSTEMEVENTSBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.APPLICATIONMODEL.BACKGROUND.SYSTEMEVENTSBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERCLIENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.GLOBALIZATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.GLOBALIZATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BCP47LANGS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wpnapps.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wpnapps.dll" is sparse (flags = 32768)
File "C:\Windows\System32\VoipRT.dll" is sparse (flags = 32768)
File "C:\Windows\System32\VoipRT.dll" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATAPLATFORMHELPERUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATAPLATFORMHELPERUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\vaultcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\vaultcli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TOKENBINDING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TOKENBINDING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MEDIA.DEVICES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MEDIA.DEVICES.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\profext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ChatApis.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ChatApis.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dsclient.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dsclient.dll" is sparse (flags = 32768)
File "C:\Windows\System32\PHONEUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PHONEUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cryptnet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptnet.dll" is sparse (flags = 32768)
File "C:\Windows\System32\PHONECALLHISTORYAPIS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PHONECALLHISTORYAPIS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CONTACTAPIS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CONTACTAPIS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATALANGUAGEUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATALANGUAGEUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CONTACTACTIVATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CONTACTACTIVATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATATYPEHELPERUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATATYPEHELPERUTIL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTOWINRT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CRYPTOWINRT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MEDIA.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.MEDIA.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.UI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.UI.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiPrvSE.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiPrvSE.exe" is sparse (flags = 32768)
File "C:\Windows\System32\ucrtbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ucrtbase.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mrt100.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mrt100.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.UI.XAML.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.UI.XAML.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREMESSAGING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREUICOMPONENTS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\COREUICOMPONENTS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\d2d1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\d2d1.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DATAEXCHANGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DATAEXCHANGE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\dcomp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dcomp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINRTTRACING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINRTTRACING.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ROMETADATA.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ROMETADATA.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINLANGDB.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINLANGDB.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.ACCOUNTSCONTROL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.ACCOUNTSCONTROL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.WEB.HTTP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.WEB.HTTP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DWrite.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DWrite.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DIRECTMANIPULATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DIRECTMANIPULATION.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\twinapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\twinapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.GRAPHICS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.GRAPHICS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SHELL.SERVICEHOSTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SHELL.SERVICEHOSTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NapiNSP.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NapiNSP.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpnsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpnsp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlaapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlaapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winrnr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\winrnr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SYSTEM.LAUNCHER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.SYSTEM.LAUNCHER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPPORTINGLIBRARY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPPORTINGLIBRARY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ieproxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ieproxy.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AudioSes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AudioSes.dll" is sparse (flags = 32768)
File "C:\Windows\System32\CERTENROLL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\CERTENROLL.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\certca.dll" is sparse (flags = 32768)
File "C:\Windows\System32\certca.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Wldap32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Wldap32.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpapi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHPROTOCOLHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHPROTOCOLHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWSCODECS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THUMBCACHE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EXPLORERFRAME.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\edputil.dll" is sparse (flags = 32768)
File "C:\Windows\System32\edputil.dll" is sparse (flags = 32768)
File "C:\Program Files (x86)\Common Files\Microsoft Shared\ink\tiptsf.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NETWORKEXPLORER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETWORKEXPLORER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ntshrui.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ntshrui.dll" is sparse (flags = 32768)
File "C:\Windows\System32\coml2.dll" is sparse (flags = 32768)
File "C:\Windows\System32\coml2.dll" is sparse (flags = 32768)
File "C:\Windows\syswow64\cmd.exe" is sparse (flags = 32768)
File "C:\Windows\System32\cmdext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cmdext.dll" is sparse (flags = 32768)
File "C:\Windows\System32\conhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\conhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHFILTERHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SEARCHFILTERHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\syswow64\ONEDRIVESETUP.EXE" is sparse (flags = 32768)
File "C:\Windows\syswow64\ONEDRIVESETUP.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\credssp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\userinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\userinit.exe" is sparse (flags = 32768)
File "C:\Windows\System32\scecli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\scecli.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msv1_0.dll" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\1394ohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\flpydisk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspclock.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpiex.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpiex.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\afd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mpsdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\isapnp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipmi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipmi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\Locator.exe" is sparse (flags = 32768)
File "C:\Windows\System32\Locator.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdk8.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpipagr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\acpitime.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthhfHid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BthhfHid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\asyncmac.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\asyncmac.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rfcomm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\AGP440.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\AGP440.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ahcache.sys" is sparse (flags = 32768)
File "C:\Windows\System32\alg.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\amdppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umpass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\circlass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\circlass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\appid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srv2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\atapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\luafv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ndu.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ndu.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pciide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bowser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\scfilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdFilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdFilter.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifimp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BUTTONCONVERTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHLEENUM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHLEENUM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthmodem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthmodem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdNisDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdNisDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthpan.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bthport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\clfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\clfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdfs.sys" is sparse (flags = 32768)
File "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSVCHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSVCHOST.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cdrom.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mup.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mup.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CmBatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\cng.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CNGHWASSIST.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\CNGHWASSIST.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dfsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dfsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\disk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\dllhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\dllhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\condrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\condrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dam.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dam.sys" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\DiagSvcs\DIAGNOSTICSHUB.STANDARDCOLLECTOR.SERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dmvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\drmkaud.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serial.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\dxgkrnl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tcpip.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORCLASS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\errdev.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fileinfo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fileinfo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\FXSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\FXSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SpbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SpbCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fcvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fcvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILECRYPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILECRYPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmstorfl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipfltdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipfltdrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FILETRACE.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fltMgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fltMgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\monitor.sys" is sparse (flags = 32768)
File "C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PRESENTATIONFONTCACHE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FSDEPENDS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\FSDEPENDS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\STORQOSFLT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\fvevol.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\URSCX01000.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\URSCX01000.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sfloppy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\GAGP30KX.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\GAGP30KX.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMGENCOUNTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMGENCOUNTER.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndisuio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOCLX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOCLX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WUDFRd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WUDFRd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wanarp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\GPUENERGYDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\GPUENERGYDRV.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasl2tp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasl2tp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hdaudbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbatt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wfplwfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wfplwfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidbth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wbengine.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\winusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\winusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidi2c.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\HIDINTERRUPT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidir.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidir.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hidusb.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\http.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hwpolicy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hwpolicy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\hyperkbd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\i8042prt.sys" is sparse (flags = 32768)
File "C:\Windows\syswow64\perfhost.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ioqos.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ioqos.sys" is sparse (flags = 32768)
File "C:\Windows\System32\IEETWCOLLECTOR.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\IEETWCOLLECTOR.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelide.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelpep.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\intelppm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\IPMIDrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipnat.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ipnat.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\irenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\irenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msiscsi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mssmbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\sppsvc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\kbdhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecdd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecdd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksecpkg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ksthunk.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\lltdio.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxdav.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxdav.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wimmount.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mmcss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mskssrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\modem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\modem.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mspqm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouclass.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mouhid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mountmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mountmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb10.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb10.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb20.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mrxsmb20.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ucx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Ucx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ufx01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\bridge.sys" is sparse (flags = 32768)
File "C:\Windows\System32\msdtc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\msdtc.exe" is sparse (flags = 32768)
File "C:\Windows\System32\VSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\VSSVC.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDKMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDUMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MSHIDUMDF.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\msisadrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mstee.sys" is sparse (flags = 32768)
File "C:\Windows\System32\msiexec.exe" is sparse (flags = 32768)
File "C:\Windows\System32\msiexec.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\mslldp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\MTConfig.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nwifi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbios.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndis.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiscap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiscap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISIMPLATFORM.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tunnel.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tunnel.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndistapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndistapi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbhub.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NDISVIRTUALBUS.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiswan.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ndiswan.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\netbt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\nsiproxy.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NV_AGP.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\NV_AGP.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\parport.sys" is sparse (flags = 32768)
File "C:\Windows\System32\vds.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\partmgr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcw.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcw.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pdc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pcmcia.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\PEAuth.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\qwavedrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\qwavedrv.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspptp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspptp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\processr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pacer.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\pacer.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasacd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rasacd.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\agilevpn.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspppoe.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\raspppoe.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rassstp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rassstp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdbss.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpdr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdpdr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\RDPVIDEOMINIPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdyboost.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rdyboost.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\rspndr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vms3cap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vms3cap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sbp2port.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sdbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORDATASERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORDATASERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\serenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SerCx2.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\sermouse.sys" is sparse (flags = 32768)
File "C:\Windows\System32\snmptrap.exe" is sparse (flags = 32768)
File "C:\Windows\System32\snmptrap.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Wdf01000.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srvnet.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\srvnet.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volmgrx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storahci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storahci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\stornvme.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\stornvme.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storufs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\storvsc.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\swenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\swenum.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tcpipreg.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tdx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\tpm.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\terminpt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\terminpt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vdrvroot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\TIERINGENGINESERVICE.EXE" is sparse (flags = 32768)
File "C:\Windows\servicing\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)
File "C:\Windows\servicing\TRUSTEDINSTALLER.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\TsUsbFlt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\TsUsbFlt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UAGP35.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UAGP35.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uaspstor.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\UcmCx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\Udecx.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbccgp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\udfs.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uefi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\uefi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\UI0DETECT.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\UI0DETECT.EXE" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ULIAGPKX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ULIAGPKX.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\umbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbcir.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbcir.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbehci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbohci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbuhci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbprint.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbprint.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbser.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbvideo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\usbvideo.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VERIFIEREXT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhdmp.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vhf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vmbus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\VMBusHID.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\volsnap.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vpci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vpci.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vsmraid.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwifibus.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\vwififlt.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wacompen.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdBoot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdBoot.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdiWiFi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WdiWiFi.sys" is sparse (flags = 32768)
File "C:\Program Files\Windows Defender\NisSrv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WINDOWSTRUSTEDRT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WINDOWSTRUSTEDRT.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wmiacpi.sys" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WmiApSrv.exe" is sparse (flags = 32768)
File "C:\Program Files\Windows Media Player\wmpnetwk.exe" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wpcfltr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\wpcfltr.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WPDUPFLTR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WPDUPFLTR.SYS" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\ws2ifsl.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WUDFPf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\drivers\WUDFPf.sys" is sparse (flags = 32768)
File "C:\Windows\System32\AJRouter.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AJRouter.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ipnathlp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lsm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpnpmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcss.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rpcss.dll" is sparse (flags = 32768)
File "C:\Windows\System32\appinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\appinfo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MESSAGINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\appidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\appidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AxInstSv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\AxInstSv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dcpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dcpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPREADINESS.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.STATEREPOSITORY.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\AUDIOENDPOINTBUILDER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WALLETSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APPXDEPLOYMENTSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\audiosrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RpcEpMap.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bdesvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bdesvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BFE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\BFE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBLAUTHMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netman.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVICESETUPMANAGER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\cdpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cdpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umpo.dll" is sparse (flags = 32768)
File "C:\Windows\System32\qmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\qmgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ListSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ListSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lltdsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lltdsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dhcpcore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\browser.dll" is sparse (flags = 32768)
File "C:\Windows\System32\browser.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BthHFSrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\BthHFSrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\profsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\bthserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\provsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\provsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\das.dll" is sparse (flags = 32768)
File "C:\Windows\System32\LICENSEMANAGERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\LICENSEMANAGERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)
File "C:\Windows\System32\certprop.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DMWAPPUSHSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DMWAPPUSHSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ClipSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ClipSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\cryptsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TETHERINGSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\moshost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\moshost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEFRAGSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVQUERYBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DEVQUERYBROKER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wscsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wscsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WsmSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wersvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wecsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wecsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcmsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wkssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dot3svc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dot3svc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\DIAGTRACK.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WINDOWS.INTERNAL.MANAGEMENT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\MPSSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\MPSSVC.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fdPHost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fdPHost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dnsrslvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\dps.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WERCPLSUPPORT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\eapsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\efssvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\EMBEDDEDMODESVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\ENTERPRISEAPPMGMTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FntCache.dll" is sparse (flags = 32768)
File "C:\Windows\System32\es.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sdrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sdrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\srvsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FDResPub.dll" is sparse (flags = 32768)
File "C:\Windows\System32\FDResPub.dll" is sparse (flags = 32768)
File "C:\Windows\System32\upnphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\upnphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\fhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\gpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\hidserv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IKEEXT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\IKEEXT.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iphlpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)
File "C:\Windows\System32\keyiso.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msdtckrm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\msdtckrm.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lfsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lfsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\lmhsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)
File "C:\Windows\System32\iscsiexe.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsisvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nsisvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\nlasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ngcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ngcsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NcaSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NcaSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NCDAUTOSETUP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NCDAUTOSETUP.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NCBSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\netlogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\trkwks.dll" is sparse (flags = 32768)
File "C:\Windows\System32\trkwks.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETPROFMSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NETSETUPSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\icsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\icsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\NGCCTNRSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\APHOSTSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pcasvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\p2psvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\p2psvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\PHONESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PHONESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\PIMINDEXMAINTENANCE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\pla.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\pnrpauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\IPSECSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\qwave.dll" is sparse (flags = 32768)
File "C:\Windows\System32\qwave.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasauto.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)
File "C:\Windows\System32\rasmans.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mprdim.dll" is sparse (flags = 32768)
File "C:\Windows\System32\mprdim.dll" is sparse (flags = 32768)
File "C:\Windows\System32\regsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\regsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\RDXSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\schedsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\schedsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SCardSvr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBLGAMESAVE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SCDEVICEENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\seclogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\seclogon.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Sens.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Sens.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SENSORSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\sensrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sensrsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SessEnv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SessEnv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shsvcs.dll" is sparse (flags = 32768)
File "C:\Windows\System32\shsvcs.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TILEOBJSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TILEOBJSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\smphost.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SMSROUTERSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\StorSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\StorSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sstpsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ssdpsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\ssdpsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiaservc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiaservc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\svsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\swprv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sysmain.dll" is sparse (flags = 32768)
File "C:\Windows\System32\sysmain.dll" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\SYSTEMEVENTSBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TabSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\TabSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\termsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\termsrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\tapisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\tapisrv.dll" is sparse (flags = 32768)
File "C:\Windows\System32\THEMESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\THEMESERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TIMEBROKERSERVER.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\TZAUTOUPDATE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\umrdp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\umrdp.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Unistore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\Unistore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\USERDATASERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\usermgr.dll" is sparse (flags = 32768)
File "C:\Windows\System32\usocore.dll" is sparse (flags = 32768)
File "C:\Windows\System32\vaultsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\vaultsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)
File "C:\Windows\System32\w32time.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbiosrvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wwansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WUDFSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WUDFSvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlidsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wlansvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wcncsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WebClnt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WebClnt.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WCSPLUGINSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WCSPLUGINSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wdi.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WEPHOSTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WEPHOSTSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wiarpc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wiarpc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\wbem\WMIsvc.dll" is sparse (flags = 32768)
File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WORKFOLDERSSVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPDBUSENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPDBUSENUM.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WPNSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WSSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\WSSERVICE.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\wuaueng.dll" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\XBOXNETAPISVC.DLL" is sparse (flags = 32768)
File "C:\Windows\System32\unregmp2.exe" is sparse (flags = 32768)
File "C:\Windows\System32\unregmp2.exe" is sparse (flags = 32768)
File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)
File "C:\Windows\System32\rundll32.exe" is sparse (flags = 32768)
File "C:\Program Files\Windows Mail\WinMail.exe" is sparse (flags = 32768)
File "C:\Windows\System32\ie4uinit.exe" is sparse (flags = 32768)
File "C:\Windows\syswow64\rundll32.exe" is sparse (flags = 32768)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BFBCE9EE47FB6D1E3F3C5977F2631EF70B822EE3.bin.79" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BFBCE9EE47FB6D1E3F3C5977F2631EF70B822EE3.bin.7C" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-BFBCE9EE47FB6D1E3F3C5977F2631EF70B822EE3.bin.83" is compressed (flags = 1)
File "C:\Users\vanro\AppData\Local\Comms\UnistoreDB\store.vol" is sparse (flags = 32768)
File "C:\Windows\System32\config\systemprofile\AppData\Local\DataSharing\Storage\DSTokenDB2.dat" is sparse (flags = 32768)
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-3074048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-2-941832192-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-3-943491072-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 
Laatst bewerkt door een moderator:
Re: Laptop hl traag

Prima gedaan: voor de zekerheid: herhaal nu de de dubbele scan zoals die in bericht #8 staat.
 
Re: Laptop hl traag

Om 1 of andere onverklaarbare reden blijkt de copy-paste functie niet te werken waardoor ik de logjes hier niet kan posten maar ik kan er wel uit afleiden dat alles opgekuist is :)
 
Re: Laptop hl traag

Start
51a46ae42d560-malwarebytes_anti_malware.png
MalwareBytes Anti-Malware.

  • Windows 2000 en Windows XP: dubbelklik op de MBAM-snelkoppeling.
  • Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op de MBAM-snelkoppeling en kies voor "Als Administrator uitvoeren".
  • Klik in het menu van Malwarebytes ANTI-MALWARE op nstellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.

  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
  • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
  • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
  • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
  • Klik op de nieuwste Scan Log.
  • Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".
    5557b93ba94ab-Malwarebytes_Exporteer_ScanLog.png
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
    532aab157609a-MBAM-Scan.png

MBAM-Log posten:
  • Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.
 
Re: Laptop hl traag

Geen bedreigingen gevonden. Hier het logje:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scandatum: 1/09/2016
Scantijd: 13:51
Logboekbestand: MBAM scanlog 1 sept.txt
Beheerder: Ja

Versie: 2.2.1.1043
Malware-database: v2016.09.01.05
Rootkit-database: v2016.08.15.01
Licentie: Gratis
Malware-bescherming: Uitgeschakeld
Bescherming tegen kwaadaardige websites: Uitgeschakeld
Zelfbescherming: Uitgeschakeld

Besturingssysteem: Windows 10
Processor: x64
Bestandssysteem: NTFS
Gebruiker: vanro

Scantype: Bedreigingsscan
Resultaat: Voltooid
Objecten gescand: 290118
Verstreken tijd: 9 min, 55 sec

Geheugen: Ingeschakeld
Opstarten: Ingeschakeld
Bestandssysteem: Ingeschakeld
Archieven: Ingeschakeld
Rootkits: Ingeschakeld
Heuristiek: Ingeschakeld
POP: Ingeschakeld
POA: Ingeschakeld

Processen: 0
(Geen kwaadaardige items gedetecteerd)

Modules: 0
(Geen kwaadaardige items gedetecteerd)

Registersleutels: 0
(Geen kwaadaardige items gedetecteerd)

Registerwaarden: 0
(Geen kwaadaardige items gedetecteerd)

Registerdata: 0
(Geen kwaadaardige items gedetecteerd)

Mappen: 0
(Geen kwaadaardige items gedetecteerd)

Bestanden: 0
(Geen kwaadaardige items gedetecteerd)

Fysieke Sectoren: 0
(Geen kwaadaardige items gedetecteerd)


(end)
 
Re: Laptop hl traag

Prima.

Download
522adc2487fb5-SecurityCheck_cannednieuw.jpg
Security Check
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden of anders naar het bureaublad verplaatsen!
SecurityCheck.exe opstarten:
  • Windows 2000 en Windows XP: dubbelklik op SecurityCheck.exe.
  • Windows Vista, Windows 7[/color, Windows 8: en Windows 10: rechtsklik op SecurityCheck.exe en kies "Als Administrator uitvoeren".
    [*]Let op de instrukties in het zwarte venster.
    [*]Een Kladblok document genaamd checkup.txt dient automatisch open te gaan; sluit dit document via opslaan op het bureaublad.
    [*]Indien een van je veiligheidstools rapporteert, dat DIG.EXE het internet op wil, sta dit dan toe.

Post de inhoud van checkup.txt in jouw volgende post
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan