• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

In Behandeling Kan windows Defender niet inschakelen.

Status
Niet open voor verdere reacties.

J.van Lieshout

Gewaardeerd
Lid geworden
15 jun 2006
Berichten
1.025
Waarderingsscore
1
Ik heb net mijn virusprogramma verwijderd.(malware enz.) Ik zou nu windows defender activeren. Maar dat gaat helemaal niet. (de app hiervoor is niet actief)Inschakeling lukt dus niet.
 
Goedemiddag Hans, ik heb jouw topic verplaatst.
Ik vermoed dat Groepsrechten hersteld moeten worden.

Download
52063a40e2e64-Farbar_Recovery_Scan_Tool_canned.png
Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
Opmerkingen
: Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

Antivirusprogramma en actieve malwarescanners dienen al voor je FRST.exe start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

FRST opstarten:
  • Windows 2000 en Windows XP: dubbelklik op FRST.exe.
  • Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".

FRST start op:
  • Wanneer het programma is geopend klik dan op de knop Yes bij de disclaimer.
  • Druk vervolgens op de Scan knop.
  • Aansluitend zal een logbestand - FRST.txt en Addition-txt aangemaakt worden en op het bureaublad opgeslagen worden.
.

Kijk hier: Hoe een bijlage toevoegen?
 
so
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by ellyv (04-12-2018 17:12:39)
Running from C:\Users\ellyv\Downloads
Windows 10 Home Version 1511 10586.1176 (X64) (2016-04-14 03:09:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2735736808-2654838343-107945157-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2735736808-2654838343-107945157-503 - Limited - Disabled)
ellyv (S-1-5-21-2735736808-2654838343-107945157-1001 - Administrator - Enabled) => C:\Users\ellyv
Guest (S-1-5-21-2735736808-2654838343-107945157-501 - Limited - Disabled)
hansv (S-1-5-21-2735736808-2654838343-107945157-1002 - Limited - Enabled) => C:\Users\hansv

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.102 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Photo Creations (HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{88540041-fd0c-4588-9b2f-251e29f7c5a1}) (Version: 18.40.4 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.002.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.004.8 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-16] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16E58023-544D-44B1-B064-5E2D8F6C5645} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {1DC4D167-9EE8-4E31-8C80-2E985B77793D} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\940cba19-db4a-4420-9649-1e72a4b6aaf5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {249F4D09-B379-4FF8-ACAD-8EBD012E9C6E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {2A3234F3-E231-4FAA-8882-B5A1E4422B1A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2B63F229-2ACB-43CC-9769-7E8C4CF15A1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-16] (Adobe Systems Incorporated)
Task: {2F93CBF9-AF2B-471C-93F7-F30BD871A44B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-16] (Adobe Systems Incorporated)
Task: {42F30FB8-49F1-4B3E-B23A-2D16CDB057F4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\dedb3184-3c1e-4d3b-96ca-4f9766dfa675 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {4F6E06A6-2D75-4A15-AAD5-1CACC2F2D97C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-02] (Lenovo)
Task: {567564F6-4A47-4F8A-87A2-2B35CF49FA7A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {5B941D15-5217-4163-A22A-D9AEFDEBDB60} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\0319e189-ed46-4a62-ab20-0772cd857e58 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {6CCBBA79-739B-46D6-89B9-CAD84C10AE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {6D009A6D-6F44-486F-97A9-AC8E065343E9} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-04-08] (Lenovo)
Task: {70C74E9C-1BEC-4F1B-B63E-17E27FD77BCA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {76F74B65-C124-4042-BCE2-E10A290B4050} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-12-01] (AVG Technologies CZ, s.r.o.)
Task: {86A11964-58D6-44A5-AD9F-5E19BC0F63C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-10] (Dropbox, Inc.)
Task: {8D1121DC-C9C1-4AF8-A697-AF345F84C62C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {99CAD5DC-537C-4A37-B528-E6F4DDFE2EE1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-02] (Lenovo)
Task: {9BDFEE6B-68A3-47D1-9037-F1F606DDC8C7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-10] (Dropbox, Inc.)
Task: {9E2392B8-DB7C-4F06-867C-576AF6E572E2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2735736808-2654838343-107945157-1002 => C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9EDA433F-53AC-4A10-9D12-542B03ED36E4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {A89959B8-2650-4DED-8D74-35F25C87124F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {AD615A98-17DC-4AE9-AF5C-CAC53C15772C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B22764AD-BB02-465F-8BA8-434A1B97DF87} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {C0E311BF-B1B4-4B0C-9AEF-D5E8D7E52133} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {C8D0E116-0033-44A5-8F5B-66AB43098D26} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {CAF0A379-3292-4D9E-AB99-0A223E590CFA} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {D2667C53-B7CB-40F8-97EF-7CE5B4D64D8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {D62A6C29-7F6D-45A3-A70A-185490BFCC86} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {D7CD76D8-8057-498D-B45D-45843274682C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {DCBE5256-01A9-410B-BE17-6765F722E98E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {DFC3023F-5BB4-42F6-84B7-2E854ED9A876} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {E2ED8E5A-4905-48DA-AE66-AE82213B2C2D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-09] (AVAST Software)
Task: {F3E08086-4530-402A-BB1E-3128AEE786F4} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\340bfde0-1b11-4a2a-8d7c-cfcd178de4e5 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {F5BC45B9-9835-4CC5-A2F2-951DEDAA5A81} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-04-22] (CyberLink Corp.)
Task: {F6ADD9AE-61BE-4D5A-BD43-334DBBB49B65} - no filepath
Task: {FB6A0EE1-A67B-4A63-BD86-E3022386A32F} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\ellyv\Desktop\9292.nl.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cchjalmelmfeacgpmfkaijiehcfikmkf
ShortcutWithArgument: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\9292.nl.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cchjalmelmfeacgpmfkaijiehcfikmkf
ShortcutWithArgument: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Geneesmiddeleninformatiebank _ Colleg.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=aladggpbnejlfndpfngbmaloofeggjng

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 000028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2018-12-01 18:46 - 2017-03-04 06:31 - 000185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2018-12-01 18:41 - 2017-09-05 10:31 - 002656960 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-28 14:09 - 2015-09-28 14:09 - 000043976 _____ () C:\Program Files\Lenovo\QuickOptimizer\LNBPrismAssistInf.dll
2016-04-09 02:11 - 2017-05-26 05:11 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-02-13 13:54 - 2016-02-13 13:54 - 000093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 11:04 - 2016-07-01 04:48 - 000472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2018-12-01 18:39 - 2017-03-04 04:19 - 007992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-12-01 18:41 - 2017-03-04 04:14 - 000591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-01 18:39 - 2017-09-05 05:03 - 002483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2018-12-01 18:39 - 2017-09-05 05:06 - 004089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-14 03:41 - 2010-10-26 11:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-04-19 13:34 - 2016-04-19 13:35 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2018-11-23 09:52 - 2018-11-08 23:14 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libglesv2.dll
2018-11-23 09:52 - 2018-11-08 23:14 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\libegl.dll
2016-11-18 14:22 - 2016-04-22 09:55 - 000884504 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2016-11-18 14:22 - 2016-04-22 09:49 - 000081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-23 09:47 - 2018-11-06 14:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-23 09:47 - 2018-11-06 14:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-23 09:47 - 2018-11-06 14:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-23 09:47 - 2018-11-06 14:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 011144016 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-23 09:47 - 2018-11-06 14:08 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000272208 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-23 09:47 - 2018-11-06 14:09 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-11-23 09:47 - 2018-11-06 14:08 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-23 09:47 - 2018-11-06 14:09 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2016-04-19 13:34 - 2016-04-19 13:35 - 000141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 13:34 - 2016-04-19 13:35 - 022284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2018-08-12 12:44 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.2.254 - 213.75.63.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "snp2uvc"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{10F47908-09E1-43FB-8F53-7F13AA7A007A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EEBDC07C-A7B1-4D4E-B806-9C6C9C1CD355}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C9EB6BF2-AFBC-4D32-9A9A-7F88159F0D8A}] => (Allow) C:\Users\ellyv\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{B6A3F415-917F-4FA8-A6A7-1617AB5C9FAA}C:\users\ellyv\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ellyv\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{95A5DE96-236D-4867-9F63-B70EB4254974}C:\users\ellyv\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ellyv\appdata\roaming\spotify\spotify.exe
FirewallRules: [{606A2D9B-A845-4F35-8363-4883F4E789B0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DA8474F9-9E9C-4377-A6A8-C48510B5D5EC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9961AB58-66E6-4EAE-BE19-E30E326C2E36}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0264\HPDiagnosticCoreUI.exe
FirewallRules: [{3C49CCD5-6B8A-4BC8-BF2C-F58E53D174D7}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0264\HPDiagnosticCoreUI.exe
FirewallRules: [{60EAD058-8F42-4BD0-BF2A-ECCD73202821}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{44656FC5-F3BD-4E4D-AEB6-94818693470F}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{C0CAC7F8-5F05-4F20-B538-2C8CAB4C7611}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{717B3C4C-1DE0-4520-8C28-4675D175A165}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{E19B4459-6F0E-4CF2-B16B-7D924220035B}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS75FB\HPDiagnosticCoreUI.exe
FirewallRules: [{A4994372-0343-4DDF-B112-567C68C6128F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS75FB\HPDiagnosticCoreUI.exe
FirewallRules: [{39B9B249-F34D-449D-8A38-0E8E70D1561F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7664\HPDiagnosticCoreUI.exe
FirewallRules: [{0C26C4E7-E4FF-413E-8342-30DA30C646A7}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7664\HPDiagnosticCoreUI.exe
FirewallRules: [{40D63352-9377-4AAB-95CC-6559943D4C6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B27428C7-2FD5-4A57-960B-573402963EA1}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5D00\HPDiagnosticCoreUI.exe
FirewallRules: [{1C7600CA-5933-4272-9FF9-D8BE8C5FEE21}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5D00\HPDiagnosticCoreUI.exe
FirewallRules: [{7CCD630E-82CF-4F34-A056-E972DA586537}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DE1\HPDiagnosticCoreUI.exe
FirewallRules: [{A4404D6C-5772-4140-AC7B-84CFA4DED51E}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DE1\HPDiagnosticCoreUI.exe
FirewallRules: [{4EE10564-4FE0-4309-806A-5EA3F52B57F9}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5E57\HPDiagnosticCoreUI.exe
FirewallRules: [{722868B0-8F8D-4BDE-9C52-CF5A76A99DCF}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5E57\HPDiagnosticCoreUI.exe
FirewallRules: [{6384F862-F318-425F-BE21-B2721E9F8A9B}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0906\HPDiagnosticCoreUI.exe
FirewallRules: [{374F8C59-F213-4BAB-98DC-10C0D26C7666}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0906\HPDiagnosticCoreUI.exe
FirewallRules: [{63770F39-5461-430F-A2CC-006B2B2B3348}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6031\HPDiagnosticCoreUI.exe
FirewallRules: [{4D2B6188-78AA-4A49-A78A-12328361B663}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6031\HPDiagnosticCoreUI.exe
FirewallRules: [{47A73E54-FD6E-4D82-A0DA-AD98A9952C86}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6AB3\HPDiagnosticCoreUI.exe
FirewallRules: [{ADF6075B-8714-4AD5-AC4A-2DC66857E853}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6AB3\HPDiagnosticCoreUI.exe
FirewallRules: [{D7F68F1B-0EA8-423A-BC73-926E5749CFAA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7710\HPDiagnosticCoreUI.exe
FirewallRules: [{4A3DB6AB-19E4-415C-8F21-28C5E417EADC}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7710\HPDiagnosticCoreUI.exe
FirewallRules: [{AC9B041D-C6CD-40CD-92CD-3C25CD944FE1}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7803\HPDiagnosticCoreUI.exe
FirewallRules: [{94966B9A-9C71-4178-9E53-BF3C4082A395}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7803\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{1A2AF155-E237-483F-A523-05161AF8C61A}C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe
FirewallRules: [UDP Query User{EC32C003-A25A-4BC0-B927-C8640DC3E25F}C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe
FirewallRules: [{56849570-AD9F-4F81-A800-61EFD7B6F2CA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A0C\HPDiagnosticCoreUI.exe
FirewallRules: [{ADB67FE1-3191-4E20-A006-0169D7F0F268}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A0C\HPDiagnosticCoreUI.exe
FirewallRules: [{CAE0C315-8614-44A3-BE0E-4BDE539508A4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A1C\HPDiagnosticCoreUI.exe
FirewallRules: [{7DB84F7B-B5AE-450B-A4F3-555934F4967D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A1C\HPDiagnosticCoreUI.exe
FirewallRules: [{F2FB6735-D5D2-4CB2-9B20-57D87953FE9D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS78E2\HPDiagnosticCoreUI.exe
FirewallRules: [{438DB04C-D044-41AC-889E-344017879DAC}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS78E2\HPDiagnosticCoreUI.exe
FirewallRules: [{9FD7956B-99EE-4D1A-80E4-E3413048A789}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{DA015CA8-9259-447D-88D6-64A891743E20}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{16DF9730-F458-43D7-8325-F473EFCB8F13}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{5694D428-9F92-4BB6-951C-9D1DC3AE0B65}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
FirewallRules: [{6644E707-FB15-443A-8D07-FDE896B5446C}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
FirewallRules: [TCP Query User{33427D2C-11C9-4C65-8BC1-8F3B783D6BF3}C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe
FirewallRules: [UDP Query User{021E436D-99DE-4590-848F-CD493BA5370D}C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe
FirewallRules: [{EE2DF25C-27D0-4F1C-83E3-4831CA9E9743}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{DB832B7F-6F26-48E9-813B-EFDE086F1BA4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CC1A62DA-370C-424F-82BE-B5B1E29ABB13}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{856B594B-13A3-4676-BED7-30BE6543BFEF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{97A5C268-7520-4D15-886B-D64EBA218FA4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0479\HPDiagnosticCoreUI.exe
FirewallRules: [{FA5E27D5-DF68-44EB-B36F-7C6452610C17}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0479\HPDiagnosticCoreUI.exe
FirewallRules: [{A0F7FC11-7D57-4025-A34E-1647A97A3E3D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0546\HPDiagnosticCoreUI.exe
FirewallRules: [{8522F575-47DA-45F9-A2DA-FDE0840A081F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0546\HPDiagnosticCoreUI.exe
FirewallRules: [{CC98459C-8840-4725-85CD-2F2AFAB41F6E}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS14B2\HPDiagnosticCoreUI.exe
FirewallRules: [{A1D53F6A-EF4E-4EF0-86FA-596500F60C15}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS14B2\HPDiagnosticCoreUI.exe
FirewallRules: [{8BDD9D25-8BC4-4CCB-B7B6-7F205240CFDE}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS410C\HPDiagnosticCoreUI.exe
FirewallRules: [{3983138B-4855-4C93-BCC2-9E8E4952A7E4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS410C\HPDiagnosticCoreUI.exe
FirewallRules: [{CA02FD25-6CEA-42AF-8F0A-BEAACA5AA1E4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS43E7\HPDiagnosticCoreUI.exe
FirewallRules: [{58675944-7BCD-4DC3-802B-623040B7F915}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS43E7\HPDiagnosticCoreUI.exe
FirewallRules: [{5E784CA1-2E3E-4BEA-9E7C-D98ECA242FC5}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2A89\HPDiagnosticCoreUI.exe
FirewallRules: [{A7B07598-6CBC-4E35-8C9E-3F4DC0614F0D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2A89\HPDiagnosticCoreUI.exe
FirewallRules: [{05E78E18-F8BD-498F-895B-A2F2335AF21D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2B02\HPDiagnosticCoreUI.exe
FirewallRules: [{CAC7A73E-96E3-4891-969D-F3A8AF38FDC7}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2B02\HPDiagnosticCoreUI.exe
FirewallRules: [{E19C77F2-02A9-46AE-8C75-460DDB4CEA6E}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS02C0\HPDiagnosticCoreUI.exe
FirewallRules: [{212F1C86-013B-4E8E-893D-5677A26192FA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS02C0\HPDiagnosticCoreUI.exe
FirewallRules: [{31293D6F-E4F6-4DB6-AA95-FE217449C42D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{F98A2181-B166-45C9-A2D6-15BC9B72957E}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D97E0177-B5D5-4D5F-90E1-D7096EF133BA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS00B7\HPDiagnosticCoreUI.exe
FirewallRules: [{6B432E30-93F4-40CE-9ECC-C78AD2963DB0}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS00B7\HPDiagnosticCoreUI.exe
FirewallRules: [{67FF1088-6161-42EA-9307-DB278B41EEBC}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1024\HPDiagnosticCoreUI.exe
FirewallRules: [{FADE62D6-C15D-4B51-990B-B5E79F189F92}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1024\HPDiagnosticCoreUI.exe
FirewallRules: [{9860A7CC-696A-4956-A172-5D39796E35E9}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{42D94DB6-93F4-44DE-B878-8736B9C24ECA}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe

==================== Restore Points =========================

01-12-2018 15:50:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/04/2018 04:34:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: LAPTOP-V74MEMEU)
Description: Produkt: Windows Defender -- Die Installation dieser Software ist nicht notwendig, weil Windows Defender in Windows Vista enthalten ist. Über den Abschnitt "Sicherheit" in der Windows-Systemsteuerung greifen Sie auf Windows Defender zu.

Error: (12/03/2018 08:45:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Cortana_cw5n1h2txyewy!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/03/2018 08:26:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/03/2018 05:01:47 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.CloudExperienceHost_cw5n1h2txyewy!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/02/2018 01:20:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/01/2018 10:03:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/01/2018 09:23:51 PM) (Source: Perflib) (EventID: 1017) (User: )
Description: Het verzamelen van prestatiemeteritemgegevens van de Outlook-service is uitgeschakeld vanwege één of meer fouten die zijn gegenereerd door het DLL-bestand voor prestatiemeteritems voor die service. De fout(en) die deze actie heeft/hebben veroorzaakt, zijn naar het gebeurtenislogboek Toepassing geschreven. De fout(en) moet(en) worden hersteld voordat de prestatiemeteritems voor deze service weer worden ingeschakeld.

Error: (12/01/2018 09:23:51 PM) (Source: Perflib) (EventID: 1021) (User: )
Description: Kan het 32-bits DLL-bestand voor uitbreidbare items Outlook niet openen in een 64-bits omgeving. Neem contact op met de fabrikant voor een 64-bits versie van het bestand. U kunt ook het 32-bits DLL-bestand voor uitbreidbare items openen met behulp van de 32-bits versie van Prestatiemeter. Ga naar de map Windows, ga naar Syswow64 en start Perfmon.exe als u dit hulpprogramma wilt gebruiken.


System errors:
=============
Error: (12/04/2018 04:39:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_db5ed8-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/04/2018 04:39:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_db5ed8-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/04/2018 04:39:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Contact Data_db5ed8-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/04/2018 04:39:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Sync Host_db5ed8-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/03/2018 08:45:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V74MEMEU)
Description: De server CortanaUI.AppXn2sqjsh234msy8bk0yaj2y6fzvwv5t10.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (12/03/2018 08:45:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_b1d5e4-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/03/2018 08:45:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_b1d5e4-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/03/2018 08:45:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Contact Data_b1d5e4-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.


Windows Defender:
===================================
Date: 2016-06-16 16:25:59.190
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {070C8FBA-26A7-49BE-A532-14BBD9F89AD8}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-29 09:32:13.642
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {2BB8B3AC-4650-4784-993E-098A3F4E464C}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-19 17:54:48.827
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {E50FE4E2-C475-4AA5-A427-AF70DBC3B145}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-19 17:49:37.778
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {0195555C-DDEA-4B3C-A0B9-B06E2BADE186}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-19 17:39:19.869
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {DAD1C916-4886-403A-8FB7-8BBC1E46D9F3}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-09-10 15:10:13.427
Description:
Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Systeem voor netwerkinspectie
Foutcode: 0x8007045b
Foutbeschrijving: A system shutdown is in progress.
Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten.

Date: 2016-09-10 15:10:13.427
Description:
Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Gedragscontrole
Foutcode: 0x8007045b
Foutbeschrijving: A system shutdown is in progress.
Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten.

Date: 2016-09-10 15:10:13.427
Description:
Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Bij toegang
Foutcode: 0x8007045b
Foutbeschrijving: A system shutdown is in progress.
Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten.

Date: 2016-05-16 15:12:38.568
Description:
Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen.
Nieuwe handtekeningversie:
Vorige handtekeningversie: 1.219.1805.0
Bron update: Microsoft-updateserver
Type handtekening: AntiVirus
Type update: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.12706.0
Foutcode: 0x80240016
Foutbeschrijving: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2016-05-16 15:12:38.567
Description:
Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen.
Nieuwe handtekeningversie:
Vorige handtekeningversie: 1.219.1805.0
Bron update: Microsoft-updateserver
Type handtekening: AntiVirus
Type update: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.12706.0
Foutcode: 0x80240016
Foutbeschrijving: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2018-12-01 21:59:41.563
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 21:32:14.456
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 19:40:07.126
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-10 12:16:55.709
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 11:04:28.440
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-29 18:26:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-12 12:11:03.614
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-03-18 11:43:41.358
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 58%
Total physical RAM: 4017.08 MB
Available physical RAM: 1651.32 MB
Total Virtual: 8113.08 MB
Available Virtual: 5036.44 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:418.63 GB) (Free:318.88 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.95 GB) NTFS

\\?\Volume{0a842552-3f15-4a13-b737-aea845fd43ff}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{793e7f81-fe9f-41c0-92f5-fc886651dd2a}\ (LENOVO_PART) (Fixed) (Total:19.91 GB) (Free:5.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 552C2E96)

Partition: GPT.

==================== End of Addition.txt ============================
sorry,maar waar heb je mijn topuc naar toe verplaatst?
 
Hallo Hans, het posten van het Additional scan result of Farbar Recovery Scan Tool heb je keurig gedaan.

Maar ik mis het o zo belangrijke frst hoofd log!
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by ellyv (06-12-2018 18:49:55)
Running from C:\Users\ellyv\Downloads
Windows 10 Home Version 1511 10586.1176 (X64) (2016-04-14 03:09:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2735736808-2654838343-107945157-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2735736808-2654838343-107945157-503 - Limited - Disabled)
ellyv (S-1-5-21-2735736808-2654838343-107945157-1001 - Administrator - Enabled) => C:\Users\ellyv
Guest (S-1-5-21-2735736808-2654838343-107945157-501 - Limited - Disabled)
hansv (S-1-5-21-2735736808-2654838343-107945157-1002 - Limited - Enabled) => C:\Users\hansv

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6229 - CDBurnerXP)
Components (HKLM-x32\...\{1720B0E0-C520-43A6-B677-97A1D80F3B99}) (Version: 1.0.023.00 - Lenovo) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.4.0 - Conexant)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.6.5.1 - Dolby Laboratories Inc)
Dropbox (HKLM-x32\...\Dropbox) (Version: 61.4.95 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Earth Pro (HKLM\...\{F914BC59-918A-498F-B2E3-B274C9CB48A8}) (Version: 7.3.2.5491 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP Photo Creations (HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\HP Photo Creations) (Version: 1.0.0.22192 - HP)
HP Photosmart 5520 series Basissoftware van het apparaat (HKLM\...\{D2FFE8A1-980E-4CF9-A48F-453D767BA661}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photosmart 5520 series Help (HKLM-x32\...\{193C95A3-E4D5-4482-A9C9-1510E29849E4}) (Version: 27.0.0 - Hewlett Packard)
HP Photosmart 5520 series Productverbeteringsonderzoek (HKLM\...\{ABDD5DC4-E37C-40E1-AB1C-601AA7F7D383}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{DC5673D2-228D-45BC-B9BB-9610CE67DFC0}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{88540041-fd0c-4588-9b2f-251e29f7c5a1}) (Version: 18.40.4 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 6.0.1325.4_WHQL - Sonix)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.1.5222.01 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo Solution Center (HKLM\...\{A5591EC4-8AD6-48EE-9F8D-FACFA8BA4E35}) (Version: 3.0.002.00 - Lenovo)
Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech)
Metric Collection SDK (HKLM-x32\...\{DDAA788F-52E6-44EA-ADB8-92837B11BF26}) (Version: 1.1.0012.00 - Lenovo Group Limited) Hidden
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.6.0 - Mozilla)
O&O Defrag Free Edition (HKLM\...\{C10CAF82-9D36-4D9A-9DC0-C4549F06B519}) (Version: 14.1.431 - O&O Software GmbH)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.5.004.8 - Lenovo)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
SafeZone Stable 1.51.2220.62 (HKLM-x32\...\SafeZone 1.51.2220.62) (Version: 1.51.2220.62 - Avast Software) Hidden
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{52C1DD03-104E-4AC6-9DC6-21D585721ED1}) (Version: 1.19.0.0 - Microsoft Corporation) Hidden
UpdateAssistant (HKLM\...\{57D07AAD-97E2-4E16-89C4-1A3C51BC9C98}) (Version: 1.16.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-2735736808-2654838343-107945157-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe => No File
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2018-11-06] (Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-05-26] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-16] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-16] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {16E58023-544D-44B1-B064-5E2D8F6C5645} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {249F4D09-B379-4FF8-ACAD-8EBD012E9C6E} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {2A3234F3-E231-4FAA-8882-B5A1E4422B1A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {2B63F229-2ACB-43CC-9769-7E8C4CF15A1E} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-16] (Adobe Systems Incorporated)
Task: {2F93CBF9-AF2B-471C-93F7-F30BD871A44B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-16] (Adobe Systems Incorporated)
Task: {4F6E06A6-2D75-4A15-AAD5-1CACC2F2D97C} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-07-02] (Lenovo)
Task: {567564F6-4A47-4F8A-87A2-2B35CF49FA7A} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {6CCBBA79-739B-46D6-89B9-CAD84C10AE8B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {6D009A6D-6F44-486F-97A9-AC8E065343E9} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2016-04-08] (Lenovo)
Task: {70C74E9C-1BEC-4F1B-B63E-17E27FD77BCA} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {76F74B65-C124-4042-BCE2-E10A290B4050} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-12-01] (AVG Technologies CZ, s.r.o.)
Task: {86A11964-58D6-44A5-AD9F-5E19BC0F63C2} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-10] (Dropbox, Inc.)
Task: {86D19588-C065-4FF1-A13E-6BBCC7583D6C} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2cc8ff64-d767-4d66-84c5-b2ea1bfda209 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {8D1121DC-C9C1-4AF8-A697-AF345F84C62C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {99CAD5DC-537C-4A37-B528-E6F4DDFE2EE1} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-07-02] (Lenovo)
Task: {9BDFEE6B-68A3-47D1-9037-F1F606DDC8C7} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-08-10] (Dropbox, Inc.)
Task: {9E2392B8-DB7C-4F06-867C-576AF6E572E2} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2735736808-2654838343-107945157-1002 => C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {9EDA433F-53AC-4A10-9D12-542B03ED36E4} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {A89959B8-2650-4DED-8D74-35F25C87124F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {AA0A5975-4B7A-4687-99BC-B1AC4F486E13} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\2365a6f1-9026-4d82-99f0-965f19453b71 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {AD615A98-17DC-4AE9-AF5C-CAC53C15772C} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {B22764AD-BB02-465F-8BA8-434A1B97DF87} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-07-02] ()
Task: {C0E311BF-B1B4-4B0C-9AEF-D5E8D7E52133} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => %windir%\system32\sc.exe START ImControllerService
Task: {C8CBAD8B-856A-411E-BB0A-8D2DD2E9C441} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\95f8f94a-2226-4fd9-b8ba-f35c0736cb60 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {C8D0E116-0033-44A5-8F5B-66AB43098D26} - System32\Tasks\HPCustParticipation HP Photosmart 5520 series => C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {CAF0A379-3292-4D9E-AB99-0A223E590CFA} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {D2667C53-B7CB-40F8-97EF-7CE5B4D64D8C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-06-09] (Google Inc.)
Task: {D62A6C29-7F6D-45A3-A70A-185490BFCC86} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2015-07-08] (Lenovo)
Task: {D7CD76D8-8057-498D-B45D-45843274682C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {DC2F0105-445B-4233-ABB8-8326C52745E0} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\9d60a2e0-2854-40f0-b7e5-d03f347e9c4c => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {DCBE5256-01A9-410B-BE17-6765F722E98E} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-11-16] (Lenovo Group Ltd.)
Task: {DFC3023F-5BB4-42F6-84B7-2E854ED9A876} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-12] (AVAST Software)
Task: {E2ED8E5A-4905-48DA-AE66-AE82213B2C2D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-09] (AVAST Software)
Task: {F5BC45B9-9835-4CC5-A2F2-951DEDAA5A81} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-04-22] (CyberLink Corp.)
Task: {F6ADD9AE-61BE-4D5A-BD43-334DBBB49B65} - no filepath
Task: {FB6A0EE1-A67B-4A63-BD86-E3022386A32F} - no filepath

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\ellyv\Desktop\9292.nl.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cchjalmelmfeacgpmfkaijiehcfikmkf
ShortcutWithArgument: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\9292.nl.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cchjalmelmfeacgpmfkaijiehcfikmkf
ShortcutWithArgument: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Geneesmiddeleninformatiebank _ Colleg.._.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=aladggpbnejlfndpfngbmaloofeggjng

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 08:17 - 2015-10-30 08:17 - 000028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2018-12-01 18:46 - 2017-03-04 06:31 - 000185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2018-12-01 18:41 - 2017-09-05 10:31 - 002656960 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-09-28 14:09 - 2015-09-28 14:09 - 000043976 _____ () C:\Program Files\Lenovo\QuickOptimizer\LNBPrismAssistInf.dll
2016-04-09 02:11 - 2017-05-26 05:11 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-02-13 13:54 - 2016-02-13 13:54 - 000093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 11:04 - 2016-07-01 04:48 - 000472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2018-12-01 18:39 - 2017-03-04 04:19 - 007992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-12-01 18:41 - 2017-03-04 04:14 - 000591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-01 18:39 - 2017-09-05 05:03 - 002483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2018-12-01 18:39 - 2017-09-05 05:06 - 004089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-14 03:41 - 2010-10-26 11:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2016-04-19 13:34 - 2016-04-19 13:35 - 000144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-11-18 14:22 - 2016-04-22 09:55 - 000884504 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\Kernel\Boomerang\UNO.dll
2016-11-18 14:22 - 2016-04-22 09:49 - 000081920 _____ () C:\Program Files (x86)\Lenovo\Lenovo Photo Master\koan\_ctypes.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 001141064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-11-23 09:47 - 2018-11-06 14:06 - 002103112 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-11-23 09:47 - 2018-11-06 14:09 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025456 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000142312 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 001953640 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000118232 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes35.dll
2018-11-23 09:47 - 2018-11-06 14:06 - 000109024 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000083784 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000418776 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom35.dll
2018-11-23 09:47 - 2018-11-06 14:08 - 000074072 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000049128 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000026600 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000131552 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000182752 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000027616 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000119272 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000401752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000028640 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000034664 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000061792 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000023520 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000053736 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000065504 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025944 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000068968 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000027488 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000032224 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000156504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000092488 _____ () C:\Program Files (x86)\Dropbox\Client\sip.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 001778000 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000518992 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000052056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 001929552 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 003821392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000044888 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000132944 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000218456 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000205656 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000061408 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000051552 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000027624 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000033632 _____ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000028008 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000031600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000486880 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000102736 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000029040 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 011144016 _____ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000029024 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-11-23 09:47 - 2018-11-06 14:08 - 000036712 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000272208 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000433992 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-11-23 09:47 - 2018-11-06 14:09 - 000035680 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000025920 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-11-23 09:47 - 2018-11-06 14:08 - 001592128 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-11-23 09:47 - 2018-11-06 14:09 - 000095592 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025960 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000029544 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000025448 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:09 - 000028520 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp35-win32.pyd
2018-11-23 09:47 - 2018-11-06 14:08 - 000037200 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp35-win32.pyd
2016-04-19 13:34 - 2016-04-19 13:35 - 000141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 13:34 - 2016-04-19 13:35 - 022284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-07-10 12:04 - 2018-08-12 12:44 - 000000826 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 192.168.2.254 - 213.75.63.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "snp2uvc"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{10F47908-09E1-43FB-8F53-7F13AA7A007A}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{EEBDC07C-A7B1-4D4E-B806-9C6C9C1CD355}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{C9EB6BF2-AFBC-4D32-9A9A-7F88159F0D8A}] => (Allow) C:\Users\ellyv\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [TCP Query User{B6A3F415-917F-4FA8-A6A7-1617AB5C9FAA}C:\users\ellyv\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ellyv\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{95A5DE96-236D-4867-9F63-B70EB4254974}C:\users\ellyv\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\ellyv\appdata\roaming\spotify\spotify.exe
FirewallRules: [{606A2D9B-A845-4F35-8363-4883F4E789B0}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{DA8474F9-9E9C-4377-A6A8-C48510B5D5EC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{9961AB58-66E6-4EAE-BE19-E30E326C2E36}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0264\HPDiagnosticCoreUI.exe
FirewallRules: [{3C49CCD5-6B8A-4BC8-BF2C-F58E53D174D7}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0264\HPDiagnosticCoreUI.exe
FirewallRules: [{60EAD058-8F42-4BD0-BF2A-ECCD73202821}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{44656FC5-F3BD-4E4D-AEB6-94818693470F}] => (Allow) C:\Program Files (x86)\Nero\Nero TuneItUp\TuneItUp.exe
FirewallRules: [{C0CAC7F8-5F05-4F20-B538-2C8CAB4C7611}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoPlus.exe
FirewallRules: [{717B3C4C-1DE0-4520-8C28-4675D175A165}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe
FirewallRules: [{E19B4459-6F0E-4CF2-B16B-7D924220035B}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS75FB\HPDiagnosticCoreUI.exe
FirewallRules: [{A4994372-0343-4DDF-B112-567C68C6128F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS75FB\HPDiagnosticCoreUI.exe
FirewallRules: [{39B9B249-F34D-449D-8A38-0E8E70D1561F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7664\HPDiagnosticCoreUI.exe
FirewallRules: [{0C26C4E7-E4FF-413E-8342-30DA30C646A7}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7664\HPDiagnosticCoreUI.exe
FirewallRules: [{40D63352-9377-4AAB-95CC-6559943D4C6C}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{B27428C7-2FD5-4A57-960B-573402963EA1}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5D00\HPDiagnosticCoreUI.exe
FirewallRules: [{1C7600CA-5933-4272-9FF9-D8BE8C5FEE21}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5D00\HPDiagnosticCoreUI.exe
FirewallRules: [{7CCD630E-82CF-4F34-A056-E972DA586537}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DE1\HPDiagnosticCoreUI.exe
FirewallRules: [{A4404D6C-5772-4140-AC7B-84CFA4DED51E}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5DE1\HPDiagnosticCoreUI.exe
FirewallRules: [{4EE10564-4FE0-4309-806A-5EA3F52B57F9}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5E57\HPDiagnosticCoreUI.exe
FirewallRules: [{722868B0-8F8D-4BDE-9C52-CF5A76A99DCF}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS5E57\HPDiagnosticCoreUI.exe
FirewallRules: [{6384F862-F318-425F-BE21-B2721E9F8A9B}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0906\HPDiagnosticCoreUI.exe
FirewallRules: [{374F8C59-F213-4BAB-98DC-10C0D26C7666}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0906\HPDiagnosticCoreUI.exe
FirewallRules: [{63770F39-5461-430F-A2CC-006B2B2B3348}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6031\HPDiagnosticCoreUI.exe
FirewallRules: [{4D2B6188-78AA-4A49-A78A-12328361B663}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6031\HPDiagnosticCoreUI.exe
FirewallRules: [{47A73E54-FD6E-4D82-A0DA-AD98A9952C86}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6AB3\HPDiagnosticCoreUI.exe
FirewallRules: [{ADF6075B-8714-4AD5-AC4A-2DC66857E853}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS6AB3\HPDiagnosticCoreUI.exe
FirewallRules: [{D7F68F1B-0EA8-423A-BC73-926E5749CFAA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7710\HPDiagnosticCoreUI.exe
FirewallRules: [{4A3DB6AB-19E4-415C-8F21-28C5E417EADC}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7710\HPDiagnosticCoreUI.exe
FirewallRules: [{AC9B041D-C6CD-40CD-92CD-3C25CD944FE1}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7803\HPDiagnosticCoreUI.exe
FirewallRules: [{94966B9A-9C71-4178-9E53-BF3C4082A395}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS7803\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{1A2AF155-E237-483F-A523-05161AF8C61A}C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe
FirewallRules: [UDP Query User{EC32C003-A25A-4BC0-B927-C8640DC3E25F}C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs7d87\enterprisedu.exe
FirewallRules: [{56849570-AD9F-4F81-A800-61EFD7B6F2CA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A0C\HPDiagnosticCoreUI.exe
FirewallRules: [{ADB67FE1-3191-4E20-A006-0169D7F0F268}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A0C\HPDiagnosticCoreUI.exe
FirewallRules: [{CAE0C315-8614-44A3-BE0E-4BDE539508A4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A1C\HPDiagnosticCoreUI.exe
FirewallRules: [{7DB84F7B-B5AE-450B-A4F3-555934F4967D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1A1C\HPDiagnosticCoreUI.exe
FirewallRules: [{F2FB6735-D5D2-4CB2-9B20-57D87953FE9D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS78E2\HPDiagnosticCoreUI.exe
FirewallRules: [{438DB04C-D044-41AC-889E-344017879DAC}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS78E2\HPDiagnosticCoreUI.exe
FirewallRules: [{9FD7956B-99EE-4D1A-80E4-E3413048A789}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{DA015CA8-9259-447D-88D6-64A891743E20}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{16DF9730-F458-43D7-8325-F473EFCB8F13}] => (Allow) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{5694D428-9F92-4BB6-951C-9D1DC3AE0B65}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
FirewallRules: [{6644E707-FB15-443A-8D07-FDE896B5446C}] => (Allow) C:\Program Files\Acrylic Wi-Fi Home\Acrylic.exe
FirewallRules: [TCP Query User{33427D2C-11C9-4C65-8BC1-8F3B783D6BF3}C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe
FirewallRules: [UDP Query User{021E436D-99DE-4590-848F-CD493BA5370D}C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe] => (Block) C:\users\ellyv\appdata\local\temp\7zs2a0c\enterprisedu.exe
FirewallRules: [{EE2DF25C-27D0-4F1C-83E3-4831CA9E9743}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{DB832B7F-6F26-48E9-813B-EFDE086F1BA4}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{CC1A62DA-370C-424F-82BE-B5B1E29ABB13}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{856B594B-13A3-4676-BED7-30BE6543BFEF}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{97A5C268-7520-4D15-886B-D64EBA218FA4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0479\HPDiagnosticCoreUI.exe
FirewallRules: [{FA5E27D5-DF68-44EB-B36F-7C6452610C17}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0479\HPDiagnosticCoreUI.exe
FirewallRules: [{A0F7FC11-7D57-4025-A34E-1647A97A3E3D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0546\HPDiagnosticCoreUI.exe
FirewallRules: [{8522F575-47DA-45F9-A2DA-FDE0840A081F}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS0546\HPDiagnosticCoreUI.exe
FirewallRules: [{CC98459C-8840-4725-85CD-2F2AFAB41F6E}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS14B2\HPDiagnosticCoreUI.exe
FirewallRules: [{A1D53F6A-EF4E-4EF0-86FA-596500F60C15}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS14B2\HPDiagnosticCoreUI.exe
FirewallRules: [{8BDD9D25-8BC4-4CCB-B7B6-7F205240CFDE}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS410C\HPDiagnosticCoreUI.exe
FirewallRules: [{3983138B-4855-4C93-BCC2-9E8E4952A7E4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS410C\HPDiagnosticCoreUI.exe
FirewallRules: [{CA02FD25-6CEA-42AF-8F0A-BEAACA5AA1E4}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS43E7\HPDiagnosticCoreUI.exe
FirewallRules: [{58675944-7BCD-4DC3-802B-623040B7F915}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS43E7\HPDiagnosticCoreUI.exe
FirewallRules: [{5E784CA1-2E3E-4BEA-9E7C-D98ECA242FC5}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2A89\HPDiagnosticCoreUI.exe
FirewallRules: [{A7B07598-6CBC-4E35-8C9E-3F4DC0614F0D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2A89\HPDiagnosticCoreUI.exe
FirewallRules: [{05E78E18-F8BD-498F-895B-A2F2335AF21D}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2B02\HPDiagnosticCoreUI.exe
FirewallRules: [{CAC7A73E-96E3-4891-969D-F3A8AF38FDC7}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS2B02\HPDiagnosticCoreUI.exe
FirewallRules: [{E19C77F2-02A9-46AE-8C75-460DDB4CEA6E}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS02C0\HPDiagnosticCoreUI.exe
FirewallRules: [{212F1C86-013B-4E8E-893D-5677A26192FA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS02C0\HPDiagnosticCoreUI.exe
FirewallRules: [{31293D6F-E4F6-4DB6-AA95-FE217449C42D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{D97E0177-B5D5-4D5F-90E1-D7096EF133BA}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS00B7\HPDiagnosticCoreUI.exe
FirewallRules: [{6B432E30-93F4-40CE-9ECC-C78AD2963DB0}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS00B7\HPDiagnosticCoreUI.exe
FirewallRules: [{67FF1088-6161-42EA-9307-DB278B41EEBC}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1024\HPDiagnosticCoreUI.exe
FirewallRules: [{FADE62D6-C15D-4B51-990B-B5E79F189F92}] => (Allow) C:\Users\ellyv\AppData\Local\Temp\7zS1024\HPDiagnosticCoreUI.exe
FirewallRules: [{9860A7CC-696A-4956-A172-5D39796E35E9}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{42D94DB6-93F4-44DE-B878-8736B9C24ECA}] => (Allow) C:\Program Files\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{364548DA-7CF0-4381-B37A-D5A168F5AA62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

01-12-2018 15:50:58 Windows Update
04-12-2018 20:47:00 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/05/2018 10:30:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 04:19:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 is mislukt door de fout -2147023174. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 03:52:01 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 03:01:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 01:45:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 12:49:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 10:56:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.

Error: (12/05/2018 10:10:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: LAPTOP-V74MEMEU)
Description: Het activeren van de app Microsoft.Windows.Photos_8wekyb3d8bbwe!App is mislukt door de fout -2144927141. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.


System errors:
=============
Error: (12/06/2018 01:24:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_30a7421-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/06/2018 01:24:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_30a7421-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/06/2018 01:24:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Contact Data_30a7421-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/06/2018 01:24:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Sync Host_30a7421-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.

Error: (12/06/2018 01:22:13 PM) (Source: bowser) (EventID: 8016) (User: )
Description: Het browserstuurprogramma heeft te veel ongeldige datagrammen van de externe computer EXPERIA ontvangen om LAPTOP-V74MEMEU op transport NetBT_Tcpip_{4EB20D74-151E-4D10-B165-D7B3C977823E} te kunnen benoemen. Raadpleeg het datagram voor verdere gegevens.
Er worden pas weer gebeurtenissen gegenereerd nadat de herstelfrequentie is verlopen.

Error: (12/06/2018 01:18:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070652: Feature update to Windows 10, version 1803.

Error: (12/05/2018 10:30:53 PM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-V74MEMEU)
Description: De server App.AppXy9rh3t8m2jfpvhhxp6y2ksgeq77vymbq.mca heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (12/05/2018 04:28:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_29af678-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Restart the service.


Windows Defender:
===================================
Date: 2016-06-16 16:25:59.190
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {070C8FBA-26A7-49BE-A532-14BBD9F89AD8}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-29 09:32:13.642
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {2BB8B3AC-4650-4784-993E-098A3F4E464C}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-19 17:54:48.827
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {E50FE4E2-C475-4AA5-A427-AF70DBC3B145}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-19 17:49:37.778
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {0195555C-DDEA-4B3C-A0B9-B06E2BADE186}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-05-19 17:39:19.869
Description:
Scan van Windows Defender is gestopt voordat deze was voltooid.
Scan-id: {DAD1C916-4886-403A-8FB7-8BBC1E46D9F3}
Type scan: Antimalware
Scanparameters: Snelle scan
Gebruiker: NT AUTHORITY\SYSTEM

Date: 2016-09-10 15:10:13.427
Description:
Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Systeem voor netwerkinspectie
Foutcode: 0x8007045b
Foutbeschrijving: A system shutdown is in progress.
Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten.

Date: 2016-09-10 15:10:13.427
Description:
Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Gedragscontrole
Foutcode: 0x8007045b
Foutbeschrijving: A system shutdown is in progress.
Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten.

Date: 2016-09-10 15:10:13.427
Description:
Real-timebeveiligingsonderdeel van Windows Defender heeft een fout aangetroffen en is niet uitgevoerd.
Onderdeel: Bij toegang
Foutcode: 0x8007045b
Foutbeschrijving: A system shutdown is in progress.
Reden: Antimalwarebeveiliging werkt niet meer wegens een onbekende reden. In sommige gevallen kan het probleem worden verholpen door de service opnieuw te starten.

Date: 2016-05-16 15:12:38.568
Description:
Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen.
Nieuwe handtekeningversie:
Vorige handtekeningversie: 1.219.1805.0
Bron update: Microsoft-updateserver
Type handtekening: AntiVirus
Type update: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.12706.0
Foutcode: 0x80240016
Foutbeschrijving: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2016-05-16 15:12:38.567
Description:
Windows Defender heeft een fout aangetroffen bij het bijwerken van handtekeningen.
Nieuwe handtekeningversie:
Vorige handtekeningversie: 1.219.1805.0
Bron update: Microsoft-updateserver
Type handtekening: AntiVirus
Type update: Volledig
Gebruiker: NT AUTHORITY\SYSTEM
Huidige engineversie:
Vorige engineversie: 1.1.12706.0
Foutcode: 0x80240016
Foutbeschrijving: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2018-12-05 13:11:03.730
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 21:59:41.563
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 21:32:14.456
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-12-01 19:40:07.126
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-10 12:16:55.709
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-08-05 11:04:28.440
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2018-05-29 18:26:23.689
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-04-12 12:11:03.614
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 51%
Total physical RAM: 4017.08 MB
Available physical RAM: 1942.72 MB
Total Virtual: 8113.08 MB
Available Virtual: 5391.93 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:418.63 GB) (Free:313.36 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.94 GB) NTFS

\\?\Volume{0a842552-3f15-4a13-b737-aea845fd43ff}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{793e7f81-fe9f-41c0-92f5-fc886651dd2a}\ (LENOVO_PART) (Fixed) (Total:19.91 GB) (Free:5.17 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 552C2E96)

Partition: GPT.

==================== End of Addition.txt ============================
 
Beste Hans, nu heb jij tweemaal het Additionele log geplaatst.
Daar heb ik niks aan zonder hoofdlog.

Dus let nu graag op en post het frst-log.
 
Dat probeer ik,maar het lukt niet. Er wordt ergens opgemerkt dat het frst -bestand bij het additional bestand zit. Verder zouden de twee bestanden op het buroblad verschijnen. Dat gebeurt ook niet.
In het verleden gaf dit minder problemen. Sorry.
 
Hallo Hans - alle logs moeten in deze lokatie te vinden zijn: C:\Users\ellyv\Downloads
 
Ik heb de frst-bestand. Maar mogeluk kan ik hem niet posten. Ik krijg een waaarschuwing dat het bestand te groot is. In het veleden kon ik het bestand ondanks de waarschuwing toch posten
 
Voeg dan toe aan jouw bericht door op de knop Bijlage toevoegen te klikken!
 
Ik zie de knop bijlage toevoegen niet. Ik heb wel eerst het FRST-bestand gepost.
 
Ik heb frst.txt overgebracht. (ik zie een icoon:FRST.txt. Kan nog niet posten omdat ik de vorige posting niet kan verwijdern(dat denk ik) Kan hem niet deleten. En dan is mijn file weer te groot.
 
Te groot om te posten dan wel te groot om bij te voegen?
 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by ellyv (administrator) on LAPTOP-V74MEMEU (08-12-2018 19:45:44)
Running from C:\Users\ellyv\Downloads
Loaded Profiles: ellyv (Available Profiles: ellyv & hansv)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: Engels (Verenigde Staten)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Users\ellyv\AppData\Local\Microsoft\OneDrive\17.3.6816.0313\FileCoAuth.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Lenovo(beijing) Limited) C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicatorCom.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPNetworkCommunicator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18011.15918.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11712.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.274.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\ellyv\Downloads\FRST64_v01.09.2018.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-22] (Intel Corporation)
HKLM\...\Run: [OODefragTray] => C:\Program Files\OO Software\Defrag\oodtray.exe [3942216 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.)
HKLM\...\Run: [LenovoUtility] => C:\ProgramData\Lenovo\ImController\Plugins\IdeaOSDPackage\x64\utility.exe [911272 2017-07-27] (Lenovo(beijing) Limited)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3806016 2018-11-28] (Dropbox, Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\Run: [PhotoMasterImportAgent] => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterImportAgent.exe [675608 2016-04-22] (CyberLink Corp.)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\...\Run: [HP Photosmart 5520 series (NET) #2] => C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
Startup: C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk [2018-12-08]
ShortcutTarget: Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk -> C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{21971cd8-d21e-43e1-b65d-1221743d71d8}: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Tcpip\..\Interfaces\{4eb20d74-151e-4d10-b165-d7b3c977823e}: [DhcpNameServer] 192.168.2.254 213.75.63.75 213.75.63.76
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> DefaultScope {5CEF3B5F-7E95-49AE-80CB-C667C9A7391B} URL =
SearchScopes: HKLM -> {5CEF3B5F-7E95-49AE-80CB-C667C9A7391B} URL =
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27] (AVG)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll => No File
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-05-01] [Legacy] [not signed]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-31] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-31] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2735736808-2654838343-107945157-1001: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\ellyv\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [2011-11-15] (RocketLife, LLP)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> hxxps://www.cbg-meb.nl/favicon.ico
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
CHR Profile: C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default [2018-12-05]
CHR Extension: (Presentaties) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-14]
CHR Extension: (Geneesmiddeleninformatiebank | Colleg...) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aladggpbnejlfndpfngbmaloofeggjng [2017-07-13]
CHR Extension: (Documenten) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-14]
CHR Extension: (Google Drive) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-06-09]
CHR Extension: (YouTube) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-06-09]
CHR Extension: (9292.nl) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\cchjalmelmfeacgpmfkaijiehcfikmkf [2017-07-03]
CHR Extension: (AVG Secure Search) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn [2018-07-27]
CHR Extension: (Adobe Acrobat) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-06-12]
CHR Extension: (Spreadsheets) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-14]
CHR Extension: (Offline Documenten) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-06-09]
CHR Extension: (Chrome Media Router) - C:\Users\ellyv\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-25]
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [chfdnecihphmhljaaejmgoiahnihplgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-08-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-11-28] (Dropbox, Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-22] (Intel Corporation)
S2 ibtsiva; C:\WINDOWS\system32\ibtsiva.exe [190208 2016-11-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373680 2017-05-26] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71040 2018-11-16] (Lenovo Group Ltd.)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [271296 2015-07-02] (Lenovo)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268704 2016-10-06] ()
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [3051848 2011-01-25] (O&O Software GmbH)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255608 2016-06-01] (Synaptics Incorporated)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3732896 2016-10-06] (Intel® Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230144 2016-11-11] (Intel Corporation)
S3 ldiagio_uefi; C:\Program Files\Lenovo\Lenovo Solution Center\App\ldiag\x64\ldiagio_uefi.sys [24808 2015-04-02] (Lenovo Group Limited (R))
R3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\system32\DRIVERS\Microsoft.Bluetooth.AvrcpTransport.sys [46592 2018-04-12] (Microsoft Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2016-04-09] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2016-04-08] (Realsil Semiconductor Corporation)
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-06-03] (Synaptics Incorporated)
R3 SNP2UVC; C:\WINDOWS\system32\DRIVERS\snp2uvc.sys [3481696 2015-06-30] (Sonix Co. Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-08 21:01 - 2018-12-08 12:42 - 000000000 ____D C:\Windows.old
2018-12-08 20:56 - 2018-12-08 21:01 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-12-08 20:54 - 2018-12-08 20:56 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-12-08 20:54 - 2018-12-08 20:54 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-12-08 20:52 - 2018-12-08 20:52 - 000347800 _____ C:\WINDOWS\system32\perfi013.dat
2018-12-08 20:52 - 2018-12-08 20:52 - 000045450 _____ C:\WINDOWS\system32\perfd013.dat
2018-12-08 20:52 - 2018-12-08 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-12-08 20:52 - 2018-12-08 20:52 - 000000000 ____D C:\WINDOWS\SysWOW64\nl
2018-12-08 20:52 - 2018-12-08 20:52 - 000000000 ____D C:\WINDOWS\system32\nl
2018-12-08 20:52 - 2018-12-08 12:52 - 000786272 _____ C:\WINDOWS\system32\perfh013.dat
2018-12-08 20:52 - 2018-12-08 12:52 - 000154174 _____ C:\WINDOWS\system32\perfc013.dat
2018-12-08 20:44 - 2018-12-08 21:01 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-12-08 20:44 - 2018-12-08 20:44 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-12-08 20:44 - 2018-12-08 20:44 - 000000000 ____D C:\Program Files\MSBuild
2018-12-08 20:44 - 2018-12-08 20:44 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-12-08 20:43 - 2018-03-06 01:07 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-12-08 20:43 - 2018-03-06 01:07 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-12-08 20:43 - 2018-03-06 01:07 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-12-08 20:43 - 2018-02-15 01:21 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-12-08 20:43 - 2018-02-15 01:21 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-12-08 20:43 - 2018-02-15 01:21 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-12-08 20:42 - 2018-04-11 15:48 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-12-08 20:42 - 2018-04-11 15:45 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-12-08 20:42 - 2018-04-11 15:41 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-12-08 20:42 - 2018-04-11 14:14 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-12-08 20:42 - 2018-04-11 14:12 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-12-08 20:42 - 2018-04-11 14:09 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-12-08 20:42 - 2018-04-11 06:09 - 009481728 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0013.dll
2018-12-08 20:42 - 2017-10-30 03:03 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-12-08 20:42 - 2017-10-30 01:42 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-12-08 20:35 - 2018-12-08 20:35 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-12-08 20:35 - 2018-12-08 20:35 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-12-08 20:35 - 2018-12-08 20:35 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-12-08 20:35 - 2018-12-08 20:35 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-12-08 20:35 - 2018-12-08 20:35 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2018-12-08 20:35 - 2018-12-08 20:35 - 000245760 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2018-12-08 20:35 - 2018-12-08 20:35 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-12-08 18:05 - 2018-12-08 18:11 - 000000000 ____D C:\ProgramData\Packages
2018-12-08 12:57 - 2018-12-08 12:57 - 000162285 _____ C:\Users\ellyv\Downloads\FRST (1).txt
2018-12-08 12:56 - 2018-12-08 12:56 - 000003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2018-12-08 12:54 - 2018-12-08 12:54 - 000000000 ____D C:\Users\ellyv\AppData\Local\PlaceholderTileLogoFolder
2018-12-08 12:52 - 2018-12-08 12:52 - 000000000 ____D C:\Users\ellyv\AppData\Local\DBG
2018-12-08 12:52 - 2018-12-08 12:52 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-12-08 12:51 - 2018-12-08 12:51 - 000001417 _____ C:\Users\ellyv\Desktop\Microsoft Edge.lnk
2018-12-08 12:49 - 2018-12-08 12:49 - 000000000 ___HD C:\Users\ellyv\MicrosoftEdgeBackups
2018-12-08 12:46 - 2018-12-08 12:51 - 000000000 ____D C:\Users\ellyv\AppData\Local\ConnectedDevicesPlatform
2018-12-08 12:46 - 2018-12-08 12:46 - 000000020 ___SH C:\Users\ellyv\ntuser.ini
2018-12-08 12:41 - 2018-12-08 19:47 - 000004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{68907BAC-EA88-41EC-BAE5-4460B03819F5}
2018-12-08 12:41 - 2018-12-08 12:50 - 000004710 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-08 12:41 - 2018-12-08 12:50 - 000004532 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-12-08 12:41 - 2018-12-08 12:41 - 000003558 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2018-12-08 12:41 - 2018-12-08 12:41 - 000003544 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-12-08 12:41 - 2018-12-08 12:41 - 000003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-08 12:41 - 2018-12-08 12:41 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-12-08 12:41 - 2018-12-08 12:41 - 000003334 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2018-12-08 12:41 - 2018-12-08 12:41 - 000003320 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-12-08 12:41 - 2018-12-08 12:41 - 000003308 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{7F93C766-DCD8-4281-A140-67D126474DAF}
2018-12-08 12:41 - 2018-12-08 12:41 - 000003280 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-08 12:41 - 2018-12-08 12:41 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-08 12:41 - 2018-12-08 12:41 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2735736808-2654838343-107945157-1002
2018-12-08 12:41 - 2018-12-08 12:41 - 000002718 _____ C:\WINDOWS\System32\Tasks\HPCustParticipation HP Photosmart 5520 series
2018-12-08 12:41 - 2018-12-08 12:41 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-08 12:41 - 2018-12-08 12:41 - 000002038 _____ C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance
2018-12-08 12:41 - 2018-12-08 12:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-08 12:41 - 2018-12-08 12:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2018-12-08 12:41 - 2018-12-08 12:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2018-12-08 12:41 - 2018-12-08 12:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVG
2018-12-08 12:41 - 2018-12-08 12:41 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-12-08 12:41 - 2018-12-08 12:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-12-08 12:38 - 2018-12-08 12:41 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2018-12-08 12:38 - 2018-12-08 12:41 - 000011433 _____ C:\WINDOWS\diagerr.xml
2018-12-08 12:24 - 2018-12-08 12:24 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-12-08 12:20 - 2018-12-08 12:56 - 000002390 _____ C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-08 12:20 - 2018-12-08 12:49 - 000000000 ____D C:\Users\ellyv
2018-12-08 12:20 - 2018-12-08 12:32 - 000000000 ____D C:\Users\hansv
2018-12-08 12:20 - 2018-04-12 00:34 - 000001105 _____ C:\Users\hansv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-08 12:08 - 2018-12-08 12:08 - 000000000 ____D C:\Program Files\Common Files\Intel
2018-12-08 12:08 - 2018-12-08 12:08 - 000000000 ____D C:\Program Files (x86)\Cisco
2018-12-08 12:07 - 2018-12-08 12:07 - 000000000 ____D C:\ProgramData\USOShared
2018-12-08 12:06 - 2018-04-12 00:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-12-08 12:06 - 2017-05-26 05:12 - 000103888 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2018-12-08 12:06 - 2017-05-26 05:12 - 000099792 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2018-12-08 12:02 - 2018-12-08 19:44 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-08 12:02 - 2018-12-08 12:29 - 000411952 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-08 11:07 - 2018-12-08 11:07 - 000162288 _____ C:\Users\ellyv\Desktop\FRST.txt
2018-12-07 13:01 - 2018-12-08 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-12-04 17:13 - 2018-12-04 17:13 - 000061925 _____ C:\Users\ellyv\Desktop\Addition.txt
2018-12-04 17:00 - 2018-12-08 19:45 - 000001599 _____ C:\Users\ellyv\Desktop\FRST64_v01.09.2018 - Snelkoppeling.lnk
2018-12-04 17:00 - 2018-12-04 17:00 - 002417152 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64 (4).exe
2018-12-04 16:59 - 2018-12-04 16:59 - 002417152 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64 (3).exe
2018-12-04 16:54 - 2018-12-06 18:50 - 000061420 _____ C:\Users\ellyv\Downloads\Addition.txt
2018-12-04 16:52 - 2018-12-08 19:47 - 000019449 _____ C:\Users\ellyv\Downloads\FRST.txt
2018-12-04 16:50 - 2018-12-04 16:50 - 002417152 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64 (2).exe
2018-12-04 16:48 - 2018-12-04 16:48 - 002417152 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64 (1).exe
2018-12-04 16:47 - 2018-12-04 16:48 - 002417152 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64.exe
2018-12-04 16:28 - 2018-12-08 19:45 - 000000000 ____D C:\FRST
2018-12-04 16:28 - 2018-12-04 16:28 - 000000000 ____D C:\Users\ellyv\Downloads\FRST-OlderVersion
2018-12-04 16:27 - 2018-12-04 16:28 - 002417152 _____ (Farbar) C:\Users\ellyv\Downloads\FRST64_v01.09.2018.exe
2018-12-04 16:26 - 2018-12-04 16:26 - 002368143 _____ ( ) C:\Users\ellyv\Downloads\Farbar_Recovery_Scan_Tool_(64-bit)_1851729264.exe
2018-12-02 11:29 - 2018-12-02 11:30 - 000876748 _____ C:\Users\ellyv\Downloads\gpedit_installeren (1).zip
2018-12-02 11:29 - 2018-12-02 11:29 - 000876748 _____ C:\Users\ellyv\Downloads\gpedit_installeren.zip
2018-12-02 10:36 - 2018-12-08 12:30 - 000000000 __SHD C:\OSRSS
2018-12-01 21:26 - 2018-12-07 13:05 - 000000000 ____D C:\Program Files\rempl
2018-12-01 19:42 - 2018-12-02 10:50 - 000000000 ____D C:\WINDOWS\UpdateAssistant
2018-12-01 19:39 - 2018-12-08 12:46 - 000000000 ___DC C:\WINDOWS\Panther
2018-12-01 19:34 - 2018-12-01 19:34 - 000000000 ___SD C:\WINDOWS\UpdateAssistantV2
2018-12-01 19:33 - 2018-06-27 12:10 - 000131288 _____ (Microsoft Corporation) C:\WINDOWS\system32\osrss.dll
2018-12-01 19:31 - 2018-12-01 19:31 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (6).exe
2018-12-01 19:31 - 2018-12-01 19:31 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (5).exe
2018-12-01 19:18 - 2018-12-01 19:18 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (4).exe
2018-12-01 19:14 - 2018-12-01 19:14 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (3).exe
2018-12-01 19:14 - 2018-12-01 19:14 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (2).exe
2018-12-01 19:13 - 2018-12-01 19:13 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (1).exe
2018-12-01 19:11 - 2018-12-01 19:11 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l.exe
2018-12-01 18:56 - 2018-12-01 18:57 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup (2).exe
2018-12-01 18:53 - 2018-12-01 18:53 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-12-01 18:51 - 2018-12-01 18:54 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup (1).exe
2018-12-01 18:50 - 2018-12-01 18:50 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup.exe
2018-12-01 15:53 - 2018-12-01 15:53 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2018-12-01 15:00 - 2018-12-04 16:34 - 005155328 _____ C:\Users\ellyv\Downloads\windowsdefender_1.1.1593.msi
2018-11-28 14:09 - 2018-11-28 14:09 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-11-28 14:09 - 2018-11-28 14:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-11-28 14:09 - 2018-11-28 14:09 - 000047792 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-11-28 14:09 - 2018-11-28 14:09 - 000045752 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-11-27 18:55 - 2018-11-27 18:55 - 000209607 _____ C:\Users\ellyv\Downloads\Polis_586288416.pdf
2018-11-23 14:12 - 2018-11-23 14:12 - 000084406 _____ C:\Users\ellyv\Documents\schade aan keukenblad 01.09.2018-2.htm
2018-11-23 14:12 - 2018-11-23 14:12 - 000000000 ____D C:\Users\ellyv\Documents\schade aan keukenblad 01.09.2018-2_bestanden
2018-11-23 13:03 - 2018-11-16 02:44 - 000425344 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2018-11-23 13:03 - 2018-11-16 02:44 - 000206208 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2018-11-23 13:03 - 2018-11-16 02:44 - 000130432 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2018-11-23 13:03 - 2018-11-16 02:44 - 000104832 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2018-11-23 13:03 - 2018-11-16 02:44 - 000097664 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2018-11-23 13:03 - 2018-11-16 02:44 - 000053632 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2018-11-23 13:03 - 2018-11-16 02:44 - 000043904 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2018-11-12 12:33 - 2018-11-12 12:33 - 000004598 _____ C:\Users\ellyv\Documents\Dossier_ 1.18.091879 _ Uw verzoek om rechtsbijstand.eml
2018-11-10 11:24 - 2018-11-10 11:24 - 000295229 _____ C:\Users\ellyv\Documents\schadeformulier2.pdf
2018-11-10 11:21 - 2018-11-10 11:21 - 000267880 _____ C:\Users\ellyv\Documents\schadeformlier1.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-08 21:01 - 2018-04-12 00:41 - 000000000 ____D C:\WINDOWS\Setup
2018-12-08 21:01 - 2018-04-12 00:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-12-08 21:01 - 2018-04-12 00:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-12-08 21:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2018-12-08 21:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-12-08 21:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-08 21:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-08 21:01 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-12-08 21:01 - 2017-08-18 08:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-12-08 21:01 - 2017-07-27 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-12-08 21:01 - 2017-01-11 10:43 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2018-12-08 21:01 - 2016-11-18 14:23 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2018-12-08 21:01 - 2016-09-19 14:07 - 000000000 ____D C:\WINDOWS\system32\oodag
2018-12-08 21:01 - 2016-09-16 13:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-12-08 21:01 - 2016-09-16 13:19 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-12-08 21:01 - 2016-08-21 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-12-08 21:01 - 2016-07-25 08:34 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
2018-12-08 21:01 - 2016-05-26 11:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-08 21:01 - 2016-04-14 03:44 - 000000000 ____D C:\Program Files (x86)\Lenovo
2018-12-08 21:01 - 2016-04-14 03:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2018-12-08 21:01 - 2016-04-14 03:40 - 000000000 ____D C:\Program Files\CONEXANT
2018-12-08 21:01 - 2016-04-08 23:44 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-08 21:01 - 2016-04-08 03:50 - 000000000 ____D C:\WINDOWS\system32\LSC
2018-12-08 21:01 - 2015-10-30 08:24 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-12-08 21:01 - 2015-09-20 12:20 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2018-12-08 21:01 - 2015-09-20 12:06 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-12-08 21:01 - 2015-07-10 12:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-12-08 20:58 - 2018-03-17 12:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\Lenovo
2018-12-08 20:56 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-12-08 20:56 - 2017-05-01 12:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2018-12-08 20:56 - 2017-01-11 10:43 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-12-08 20:56 - 2016-09-19 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2018-12-08 20:56 - 2016-04-14 03:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Conexant
2018-12-08 20:56 - 2016-04-14 03:43 - 000000000 ____D C:\Program Files\Synaptics
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-12-08 20:52 - 2018-04-12 10:15 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\com
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\com
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\IME
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Help
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\system
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-08 20:52 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-12-08 20:52 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-12-08 20:52 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-12-08 20:52 - 2018-04-11 22:04 - 000000000 ____D C:\WINDOWS\servicing
2018-12-08 20:44 - 2018-04-12 00:33 - 000424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2018-12-08 20:42 - 2018-04-12 10:18 - 000000000 ____D C:\WINDOWS\OCR
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-12-08 20:42 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-12-08 19:44 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-08 18:17 - 2016-05-12 20:35 - 000592416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-12-08 18:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-08 18:13 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-08 18:12 - 2016-04-08 03:52 - 000000000 ____D C:\Users\ellyv\AppData\Local\Packages
2018-12-08 18:06 - 2018-04-11 22:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-12-08 18:02 - 2016-04-14 03:44 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-08 18:02 - 2016-04-08 03:52 - 000000000 __SHD C:\Users\ellyv\IntelGraphicsProfiles
2018-12-08 18:01 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-12-08 18:00 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-12-08 18:00 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-08 12:56 - 2016-04-08 03:56 - 000000000 ___RD C:\Users\ellyv\OneDrive
2018-12-08 12:52 - 2015-07-16 16:54 - 001770546 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-08 12:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-08 12:50 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-08 12:47 - 2018-06-29 14:00 - 000002359 _____ C:\Users\ellyv\Desktop\Google Chrome.lnk
2018-12-08 12:47 - 2016-04-14 08:54 - 000000000 ___RD C:\Users\ellyv\3D Objects
2018-12-08 12:47 - 2016-02-13 14:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-08 12:37 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\Registration
2018-12-08 12:37 - 2016-04-14 04:00 - 000022840 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-12-08 12:33 - 2017-06-09 12:39 - 000002328 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-08 12:33 - 2015-09-20 12:07 - 001795224 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-12-08 12:28 - 2018-04-11 22:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-12-08 12:28 - 2017-07-03 10:08 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps
2018-12-08 12:28 - 2016-05-26 11:07 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-12-08 12:24 - 2017-07-28 08:41 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HP
2018-12-08 12:22 - 2016-04-19 21:25 - 000000000 ____D C:\Users\hansv\AppData\Local\Packages
2018-12-08 12:10 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-12-08 12:10 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-12-08 12:09 - 2017-05-01 12:20 - 000018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2018-12-08 12:09 - 2016-04-14 03:44 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2018-12-08 12:08 - 2017-01-11 09:43 - 000000000 ____D C:\Intel
2018-12-08 12:08 - 2015-09-20 12:06 - 000000000 ____D C:\ProgramData\Intel
2018-12-08 12:08 - 2015-09-20 12:03 - 000000000 ____D C:\Program Files (x86)\Intel
2018-12-08 12:08 - 2015-09-20 11:01 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-08 12:07 - 2016-04-14 03:43 - 000000000 ____D C:\Program Files\Intel
2018-12-08 12:06 - 2016-04-14 03:44 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-12-08 11:00 - 2017-08-10 09:13 - 000001040 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2018-12-07 13:01 - 2017-08-10 09:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-12-02 11:19 - 2016-06-27 12:29 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\AVG
2018-12-02 11:19 - 2016-06-27 12:17 - 000000000 ____D C:\Users\ellyv\AppData\Local\Avg
2018-12-02 11:19 - 2016-06-27 12:17 - 000000000 ____D C:\ProgramData\Avg
2018-12-01 19:42 - 2016-04-08 23:44 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-01 15:54 - 2018-08-10 11:06 - 000000000 ____D C:\Users\ellyv\AppData\Local\CrashDumps
2018-11-26 16:27 - 2016-10-08 11:58 - 000002088 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2018-11-16 22:50 - 2016-10-08 11:56 - 011097312 _____ C:\Users\ellyv\Downloads\HPPSdr.exe
2018-11-16 21:35 - 2016-04-09 16:49 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-16 02:44 - 2017-10-07 07:31 - 000104832 _____ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2018-11-14 22:21 - 2016-09-06 14:00 - 000000000 ____D C:\Users\ellyv\AppData\Local\Microsoft Help
==================== Files in the root of some directories =======
2016-08-04 12:02 - 2016-08-04 12:09 - 000099384 _____ () C:\Users\ellyv\AppData\Roaming\inst.exe
2016-08-04 12:02 - 2016-08-04 12:09 - 000007859 _____ () C:\Users\ellyv\AppData\Roaming\pcouffin.cat
2016-08-04 12:02 - 2016-08-04 12:09 - 000001167 _____ () C:\Users\ellyv\AppData\Roaming\pcouffin.inf
2016-08-04 12:02 - 2016-08-04 12:09 - 000000055 _____ () C:\Users\ellyv\AppData\Roaming\pcouffin.log
2016-08-04 12:02 - 2016-08-04 12:09 - 000082816 _____ (VSO Software) C:\Users\ellyv\AppData\Roaming\pcouffin.sys
2018-06-06 13:05 - 2018-06-06 13:05 - 000000000 _____ () C:\Users\ellyv\AppData\Local\{2698AF4D-7FD5-43A0-A47D-CE7829DC8CEC}
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-12-08 12:02
==================== End of FRST.txt ============================
 
Hallo Hans - zo lang Avast de Antivirussoftware in deze PC is, speelt Windows Defender enkel een bijrol!

Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan
51a5c8edc4692-icon1337952077.png


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer en plak de tekst in het code-venster onder het woord Code in het lege kladblokvenster.

Code:
start
CreateRestorePoint:

HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&
hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27] (AVG)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll => No File
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-05-01] [Legacy] [not signed]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [No File]
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
2018-12-01 19:31 - 2018-12-01 19:31 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (6).exe
2018-12-01 19:31 - 2018-12-01 19:31 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (5).exe
2018-12-01 19:18 - 2018-12-01 19:18 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (4).exe
2018-12-01 19:14 - 2018-12-01 19:14 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (3).exe
2018-12-01 19:14 - 2018-12-01 19:14 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (2).exe
2018-12-01 19:13 - 2018-12-01 19:13 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (1).exe
2018-12-01 19:11 - 2018-12-01 19:11 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l.exe
2018-12-01 18:56 - 2018-12-01 18:57 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup (2).exe
2018-12-01 18:53 - 2018-12-01 18:53 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-12-01 18:51 - 2018-12-01 18:54 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup (1).exe
2018-12-01 18:50 - 2018-12-01 18:50 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup.exe
2018-12-02 11:19 - 2016-06-27 12:29 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\AVG
2018-12-02 11:19 - 2016-06-27 12:17 - 000000000 ____D C:\Users\ellyv\AppData\Local\Avg
2018-12-02 11:19 - 2016-06-27 12:17 - 000000000 ____D C:\ProgramData\Avg
Task: {8D1121DC-C9C1-4AF8-A697-AF345F84C62C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
C:\Program Files (x86)\AVG


BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)


EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end

Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 
Ik ben vorig jaar gestopt met avast. Daarna gebruikte ik een betaalde versie van Malwarebytes.Daar kortgeleden mee gestopt. Overgang willen mken naar windows defender. Maar zoals je weet is dat niet gelukt.

Ik kan het kladblokbestand: Fixlist.txt niet naar de locatie van FRST.exe overbrengen (daar opslaan)
 
De Fixlist dient opgeslagen te worden waar FRST staat, dat is in de locatie C:\Users\ellyv\Downloads
 
Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by ellyv (11-12-2018 11:07:04) Run:1
Running from C:\Users\ellyv\Downloads
Loaded Profiles: ellyv & hansv (Available Profiles: ellyv & hansv)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CreateRestorePoint:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&
hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-2735736808-2654838343-107945157-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll [2016-07-27] (AVG)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.2.18\AVG Web TuneUp.dll => No File
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2017-05-01] [Legacy] [not signed]
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.2\\npsitesafety.dll [No File]
CHR DefaultSearchKeyword: Default -> hxxps://mysearch.avg.com
CHR DefaultSuggestURL: Default -> hxxps://toolbar.avg.com/acp?q={searchTerms}&o=1
2018-12-01 19:31 - 2018-12-01 19:31 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (6).exe
2018-12-01 19:31 - 2018-12-01 19:31 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (5).exe
2018-12-01 19:18 - 2018-12-01 19:18 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (4).exe
2018-12-01 19:14 - 2018-12-01 19:14 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (3).exe
2018-12-01 19:14 - 2018-12-01 19:14 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (2).exe
2018-12-01 19:13 - 2018-12-01 19:13 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (1).exe
2018-12-01 19:11 - 2018-12-01 19:11 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l.exe
2018-12-01 18:56 - 2018-12-01 18:57 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup (2).exe
2018-12-01 18:53 - 2018-12-01 18:53 - 000000000 ____D C:\Program Files\Common Files\AVG
2018-12-01 18:51 - 2018-12-01 18:54 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup (1).exe
2018-12-01 18:50 - 2018-12-01 18:50 - 007548656 _____ (AVG Technologies CZ, s.r.o.) C:\Users\ellyv\Downloads\avg_antivirus_free_setup.exe
2018-12-02 11:19 - 2016-06-27 12:29 - 000000000 ____D C:\Users\ellyv\AppData\Roaming\AVG
2018-12-02 11:19 - 2016-06-27 12:17 - 000000000 ____D C:\Users\ellyv\AppData\Local\Avg
2018-12-02 11:19 - 2016-06-27 12:17 - 000000000 ____D C:\ProgramData\Avg
Task: {8D1121DC-C9C1-4AF8-A697-AF345F84C62C} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
C:\Program Files (x86)\AVG

BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.)

EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end





















*****************
Restore point was successfully created.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
hxxps://mysearch.avg.com/search?cid={EC359F56-F5D6-4CB3-BD3D-4D4F6006F2F0}&mid=ecbaca5e726b47ccb86c6524c5249427-401f28e15386d9893e568c75541d8c9aabbbc8d9&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0816avz&pr=fr&d=2016-07-27 14:14:15&v=4.3.2.18&pid=wtu&sg=&sap=dsp&q={searchTerms} => Error: No automatic fix found for this entry.
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2f23ab71-4ac6-41f2-a955-ea576e553146} => removed successfully
HKLM\Software\Classes\CLSID\{2f23ab71-4ac6-41f2-a955-ea576e553146} => not found
HKU\S-1-5-21-2735736808-2654838343-107945157-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => not found
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333} => removed successfully
HKLM\Software\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => removed successfully
C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => moved successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (6).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (5).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (4).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (3).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (2).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l (1).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup_a2l.exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup (2).exe => moved successfully
C:\Program Files\Common Files\AVG => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup (1).exe => moved successfully
C:\Users\ellyv\Downloads\avg_antivirus_free_setup.exe => moved successfully
C:\Users\ellyv\AppData\Roaming\AVG => moved successfully
C:\Users\ellyv\AppData\Local\Avg => moved successfully
C:\ProgramData\Avg => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8D1121DC-C9C1-4AF8-A697-AF345F84C62C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D1121DC-C9C1-4AF8-A697-AF345F84C62C}" => removed successfully
C:\WINDOWS\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => removed successfully
C:\Program Files (x86)\AVG => moved successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF949550-9094-4807-95EC-D1C317803333} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{AF949550-9094-4807-95EC-D1C317803333} => removed successfully
Processes closed successfully.
========= ipconfig /flushdns =========

Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========

========= netsh winsock reset =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========== EmptyTemp: ==========
BITS transfer queue => 6578176 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 26389648 B
Java, Flash, Steam htmlcache => 541 B
Windows/system/drivers => 9438514 B
Edge => 277144933 B
Chrome => 299051557 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 13312 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1872 B
LocalService => 0 B
NetworkService => 6438 B
NetworkService => 0 B
ellyv => 266275534 B
hansv => 346892 B
RecycleBin => 6284 B
EmptyTemp: => 844.2 MB temporary data Removed.
================================

The system needed a reboot.
==== End of Fixlog 11:13:33 ====
 
Is Windows Defender inmiddels actief of heb jij Avast nog niet verwijderd?
 
Wel een Windows firewall Windos defender zou niet nodig zijn.Afsluiten duurt nu erg lang.Iedere keer moet ik internet instellen.
Avast is er weer, terwijl ik dat programma een jaar geleden verwijderd heb..
Veel pop-ups(virus?) EEN KEER DE DWINGENDE VRAAG OM MIJN WACHTWOORD TE VERANDEREN.
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan