• Hulpvragenden in dit forumonderdeel worden enkel geholpen door daartoe bevoegde teamleden.
    Dit is belangrijk, zodat de hulpvragende goed geholpen kan worden zonder (goedbedoelde) aanvullende berichten van andere leden.
    Reageren op andermans discussie is daarom uitgeschakeld.
  • De afgelopen dagen zijn er meerdere fora waarop bestaande accounts worden overgenomen door spammers. De gebruikersnamen en wachtwoorden zijn via een hack of een lek via andere sites buitgemaakt. Via have i been pwned? kan je controleren of jouw gegeven ook zijn buitgemaakt. Wijzig bij twijfel jouw wachtwoord of schakel de twee-staps-verificatie in.

ter controle

Status
Niet open voor verdere reacties.

leootje

Enthousiast
Lid geworden
16 jan 2007
Berichten
2.430
Waarderingsscore
0
Goedenavond abraham 54 ,ik weet niet of ik het goed gedaan heb zo. Maar ik wil dit voor mijn vrouw graag even laten controleren. Aangezien het wegends omstandigheden best lang geleden is voor mij dat ik hier geweest ben is er nogal wat veranderd. Ik hoor graag van u , mvg leo



Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 31-08-2019
Gestart door Veronica (Beheerder) op VERONICA-PC (Hewlett-Packard HP Compaq 8000 Elite SFF PC) (03-09-2019 22:37:33)
Gestart vanaf C:\Users\Veronica\Desktop
Geladen Profielen: Veronica (Beschikbare Profielen: Veronica)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)


==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1841496 2016-10-14] (Logitech -> Logitech, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Bestand niet getekend]
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated) [Bestand niet getekend]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restrictie <==== AANDACHT
HKU\S-1-5-21-1328266197-2228517688-1197072076-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-30] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files (x86)\AVAST Software\Browser\Application\75.1.1528.100\Installer\chrmstp.exe [2019-07-25] (AVAST Software s.r.o. -> AVAST Software)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restrictie <==== AANDACHT

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {215BD498-CDD9-4076-B920-B9EAF8C5C004} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-08-14] (Adobe Inc. -> Adobe)
Task: {32DDB69C-23FF-4739-A5DD-833797B85222} - System32\Tasks\{EC206891-9777-4DA8-84C5-F0B547F5B1FA} => C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [367016 2017-03-07] (Perion Network Ltd. -> IncrediMail, Ltd.)
Task: {44510389-C182-40CE-BFC6-52902BD2D793} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {56C42446-8487-4723-8D99-F97F8DC04FAE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2045832 2019-08-19] (AVAST Software s.r.o. -> AVAST Software)
Task: {5A5AA62E-C5F7-44DD-AF34-4FCF715577D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {5B6E4809-6174-4917-9643-B106E99A3AB5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {61BDDA8E-5C09-41B0-B66A-52D96B88C169} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {638F97B0-1690-4CC3-97E7-8802E7C81776} - System32\Tasks\HPCustPartic.exe_{5682AE36-A24E-4B24-8710-DDD6931EBF9A} => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {7B652899-CD3C-45BE-AA9F-1F2F48A001FE} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {88BDE281-C939-432E-BC8F-725023EAD18B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {9FAFC35F-8331-465C-9794-909D38429EFA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {A3BCD31A-E6CB-46BA-9D99-D857E1C3A6E4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C97D07BE-C9E9-4C6B-9C75-F936153E8BE9} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3942792 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
Task: {C9B53909-0CA1-4142-89AE-2B4DB29F0BC3} - System32\Tasks\{5E75DC25-4199-42D1-AD6A-D2FCF0233E1B} => C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe [367016 2017-03-07] (Perion Network Ltd. -> IncrediMail, Ltd.)
Task: {CCB2CBC0-7F0C-459E-A7D5-E40F7568A84D} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
Task: {E83B4C0C-3C9A-4EB9-8B18-0218DD2CB22C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {F4B4012C-4886-45AE-B9A6-9AAB442A50F5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {F5A7C90D-7E33-4D4C-AC2B-84D472833FED} - System32\Tasks\HPCustParticipation HP DeskJet 3700 series => C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPCustPartic.exe [6439048 2018-04-06] (Hewlett Packard -> HP Inc.)
Task: {FBEF40D8-9BAB-44B8-87FD-A5C7DF408635} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software)
Task: {FD5C4FFD-9273-4BA5-956D-A89A75EBAB3F} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe [1815792 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)


==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8524BFED-C7D0-4E7B-82E7-FCD6070A403C}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-28] (Google Inc -> Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [2001-04-16] (Adobe Systems, Incorporated -> )
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-28] (Google Inc -> Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office16\URLREDIR.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-28] (Google Inc -> Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2017-02-28] (Google Inc -> Google Inc.)
Toolbar: HKU\S-1-5-21-1328266197-2228517688-1197072076-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2017-02-28] (Google Inc -> Google Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [Geen bestand]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.nl/
CHR StartupUrls: Default -> "hxxp://www.google.nl/","hxxp://google.nl/"
CHR Profile: C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default [2019-09-03]
CHR Extension: (Presentaties) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Documenten) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Google Drive) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-28]
CHR Extension: (Avast SafePrice | Prijsvergelijking, aanbiedingen, waardebonnen) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2019-06-07]
CHR Extension: (Offline Documenten) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Avast Online Security) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-07-17]
CHR Extension: (Save to Facebook) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2019-06-27]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Gmail) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-08]
CHR Profile: C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-10-08]
CHR Profile: C:\Users\Veronica\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-08]
CHR HKLM-x32\...\Chrome\Extension: [ccjleegmemocfpghkhpjmiccjcacackp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5975136 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [405072 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-12] (AVAST Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files (x86)\AVAST Software\Browser\Application\75.1.1528.100\elevation_service.exe [978720 2019-07-18] (AVAST Software s.r.o. -> AVAST Software)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [743616 2015-12-02] (@ByELDI -> @ByELDI) [Bestand niet getekend]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [Bestand niet getekend]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12001112 2019-08-29] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37104 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [209552 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [263008 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [205848 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [61472 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [282768 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42288 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [169408 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [112312 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [87944 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1030784 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [478096 2019-08-27] (AVAST Software s.r.o. -> AVAST Software)
S2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [387176 2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k60x64.sys [220672 2009-06-10] (Microsoft Windows -> Intel Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-09-03 22:37 - 2019-09-03 22:40 - 000018634 _____ C:\Users\Veronica\Desktop\FRST.txt
2019-09-03 22:35 - 2019-09-03 22:35 - 001615360 _____ (Farbar) C:\Users\Veronica\Desktop\FRST64.exe
2019-09-03 21:54 - 2019-09-03 21:54 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 14.lnk
2019-08-24 09:17 - 2019-09-03 22:26 - 000000000 ____D C:\Users\Veronica\Desktop\Cleaning
2019-08-20 09:05 - 2019-08-20 09:05 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-08-20 09:05 - 2019-08-20 09:05 - 000169408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-08-20 09:05 - 2019-08-20 09:04 - 000363912 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-08-15 09:21 - 2019-08-06 00:58 - 000397432 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-08-15 09:21 - 2019-08-05 23:55 - 000348800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-08-15 09:21 - 2019-08-04 05:37 - 025754624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-08-15 09:21 - 2019-08-04 04:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-08-15 09:21 - 2019-08-04 04:16 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-08-15 09:21 - 2019-08-04 04:04 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-08-15 09:21 - 2019-08-04 04:03 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-08-15 09:21 - 2019-08-04 04:02 - 000578560 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-08-15 09:21 - 2019-08-04 04:02 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-08-15 09:21 - 2019-08-04 04:02 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-08-15 09:21 - 2019-08-04 04:01 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-08-15 09:21 - 2019-08-04 03:55 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-08-15 09:21 - 2019-08-04 03:54 - 005775872 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-08-15 09:21 - 2019-08-04 03:54 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-08-15 09:21 - 2019-08-04 03:52 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-08-15 09:21 - 2019-08-04 03:51 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-08-15 09:21 - 2019-08-04 03:51 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-08-15 09:21 - 2019-08-04 03:51 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-08-15 09:21 - 2019-08-04 03:50 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-08-15 09:21 - 2019-08-04 03:43 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-08-15 09:21 - 2019-08-04 03:40 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-08-15 09:21 - 2019-08-04 03:34 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-08-15 09:21 - 2019-08-04 03:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-08-15 09:21 - 2019-08-04 03:33 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-08-15 09:21 - 2019-08-04 03:30 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-08-15 09:21 - 2019-08-04 03:29 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-08-15 09:21 - 2019-08-04 03:27 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-08-15 09:21 - 2019-08-04 03:25 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-08-15 09:21 - 2019-08-04 03:21 - 020291584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-08-15 09:21 - 2019-08-04 03:16 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-08-15 09:21 - 2019-08-04 03:15 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-08-15 09:21 - 2019-08-04 03:14 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-08-15 09:21 - 2019-08-04 03:14 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-08-15 09:21 - 2019-08-04 03:12 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-08-15 09:21 - 2019-08-04 03:12 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-08-15 09:21 - 2019-08-04 03:11 - 015390720 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-08-15 09:21 - 2019-08-04 03:04 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-08-15 09:21 - 2019-08-04 03:03 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-08-15 09:21 - 2019-08-04 03:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-08-15 09:21 - 2019-08-04 03:03 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-08-15 09:21 - 2019-08-04 03:02 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-08-15 09:21 - 2019-08-04 03:01 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-08-15 09:21 - 2019-08-04 03:00 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-08-15 09:21 - 2019-08-04 02:57 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-08-15 09:21 - 2019-08-04 02:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-08-15 09:21 - 2019-08-04 02:55 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-08-15 09:21 - 2019-08-04 02:54 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-08-15 09:21 - 2019-08-04 02:54 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-08-15 09:21 - 2019-08-04 02:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-08-15 09:21 - 2019-08-04 02:50 - 001566208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-08-15 09:21 - 2019-08-04 02:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-08-15 09:21 - 2019-08-04 02:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-08-15 09:21 - 2019-08-04 02:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-08-15 09:21 - 2019-08-04 02:40 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-08-15 09:21 - 2019-08-04 02:40 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-08-15 09:21 - 2019-08-04 02:38 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-08-15 09:21 - 2019-08-04 02:37 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-08-15 09:21 - 2019-08-04 02:36 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-08-15 09:21 - 2019-08-04 02:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-08-15 09:21 - 2019-08-04 02:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-08-15 09:21 - 2019-08-04 02:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-08-15 09:21 - 2019-08-04 02:28 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-08-15 09:21 - 2019-08-04 02:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-08-15 09:21 - 2019-08-04 02:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-08-15 09:21 - 2019-08-04 02:23 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-08-15 09:21 - 2019-08-04 02:09 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-08-15 09:21 - 2019-08-04 02:06 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-08-15 09:21 - 2019-08-04 02:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-08-15 09:21 - 2019-07-30 04:25 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-08-15 09:21 - 2019-07-30 04:23 - 005552568 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-08-15 09:21 - 2019-07-30 04:23 - 000710072 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-08-15 09:21 - 2019-07-30 04:23 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-08-15 09:21 - 2019-07-30 04:23 - 000155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-08-15 09:21 - 2019-07-30 04:23 - 000097208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-08-15 09:21 - 2019-07-30 04:22 - 001671000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-08-15 09:21 - 2019-07-30 04:20 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 004058848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-08-15 09:21 - 2019-07-30 04:19 - 003965664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-08-15 09:21 - 2019-07-30 04:19 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:17 - 001319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-08-15 09:21 - 2019-07-30 04:16 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 04:15 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 03:54 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-08-15 09:21 - 2019-07-30 03:53 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-08-15 09:21 - 2019-07-30 03:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-08-15 09:21 - 2019-07-30 03:51 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-08-15 09:21 - 2019-07-30 03:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-08-15 09:21 - 2019-07-30 03:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-08-15 09:21 - 2019-07-30 03:51 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-08-15 09:21 - 2019-07-30 03:48 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-08-15 09:21 - 2019-07-30 03:48 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-08-15 09:21 - 2019-07-30 03:48 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-08-15 09:21 - 2019-07-30 03:48 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-08-15 09:21 - 2019-07-30 03:48 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-08-15 09:21 - 2019-07-30 03:48 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-08-15 09:21 - 2019-07-30 03:47 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-08-15 09:21 - 2019-07-30 03:47 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-08-15 09:21 - 2019-07-30 03:47 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 03:47 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 03:47 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 03:47 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-08-15 09:21 - 2019-07-30 03:44 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-08-15 09:21 - 2019-07-30 03:44 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-08-15 09:21 - 2019-07-30 03:44 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-08-15 09:21 - 2019-07-30 03:44 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-08-15 09:21 - 2019-07-30 03:44 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-08-15 09:21 - 2019-07-30 03:44 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-08-15 09:21 - 2019-07-30 03:43 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-08-15 09:21 - 2019-07-30 03:43 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-08-15 09:21 - 2019-07-30 03:43 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-08-15 09:21 - 2019-07-30 03:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-08-15 09:21 - 2019-07-30 03:43 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-08-15 09:21 - 2019-07-30 03:43 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-08-15 09:21 - 2019-07-30 03:43 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-08-15 09:21 - 2019-07-24 02:37 - 003187712 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2019-08-15 09:21 - 2019-07-19 05:30 - 003231744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-08-15 09:21 - 2019-07-13 10:37 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-08-15 09:21 - 2019-07-13 10:36 - 000289720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-08-15 09:21 - 2019-07-13 10:35 - 001894840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-08-15 09:21 - 2019-07-13 10:35 - 000385464 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-08-15 09:21 - 2019-07-13 10:35 - 000378808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-08-15 09:21 - 2019-07-13 10:34 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000335360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-08-15 09:21 - 2019-07-13 10:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-08-15 09:21 - 2019-07-13 10:33 - 000256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-08-15 09:21 - 2019-07-13 10:33 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-08-15 09:21 - 2019-07-13 10:33 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-08-15 09:21 - 2019-07-13 10:33 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2019-08-15 09:21 - 2019-07-13 10:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2019-08-15 09:21 - 2019-07-13 10:33 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 001077760 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Groupinghc.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-08-15 09:21 - 2019-07-13 10:32 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000318976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-08-15 09:21 - 2019-07-13 10:31 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcmonitor.dll
2019-08-15 09:21 - 2019-07-13 10:22 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-08-15 09:21 - 2019-07-13 10:22 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-08-15 09:21 - 2019-07-13 10:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-08-15 09:21 - 2019-07-13 10:15 - 006135808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-08-15 09:21 - 2019-07-13 10:13 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcmonitor.dll
2019-08-15 09:21 - 2019-07-13 10:07 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-08-15 09:21 - 2019-07-11 02:05 - 007082496 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

==================== Een maand (gewijzigd) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-09-03 22:39 - 2009-07-14 06:45 - 000022720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-09-03 22:39 - 2009-07-14 06:45 - 000022720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-09-03 22:37 - 2017-10-07 22:57 - 000000000 ____D C:\FRST
2019-09-03 21:58 - 2018-03-29 09:21 - 000167296 _____ C:\Users\Veronica\AppData\Local\GDIPFONTCACHEV1.DAT
2019-09-03 21:55 - 2017-02-28 21:06 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-03 09:01 - 2017-02-27 03:29 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-09-03 09:00 - 2017-12-20 14:54 - 000000000 ____D C:\Users\Veronica\AppData\Local\AVAST Software
2019-09-03 08:57 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-09-01 13:46 - 2019-01-03 23:09 - 000002954 _____ C:\Windows\System32\Tasks\HPCustPartic.exe_{5682AE36-A24E-4B24-8710-DDD6931EBF9A}
2019-09-01 13:46 - 2019-01-03 23:08 - 000003582 _____ C:\Windows\System32\Tasks\HPCustParticipation HP DeskJet 3700 series
2019-09-01 13:46 - 2018-08-25 09:55 - 000002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-09-01 13:46 - 2017-10-30 10:46 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-09-01 13:46 - 2017-09-25 08:42 - 000002978 _____ C:\Windows\System32\Tasks\{EC206891-9777-4DA8-84C5-F0B547F5B1FA}
2019-09-01 13:46 - 2017-09-25 08:41 - 000002978 _____ C:\Windows\System32\Tasks\{5E75DC25-4199-42D1-AD6A-D2FCF0233E1B}
2019-09-01 13:46 - 2017-02-28 20:48 - 000003370 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2019-09-01 13:46 - 2017-02-28 14:52 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-09-01 13:46 - 2017-02-27 03:29 - 000003490 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-09-01 13:46 - 2017-02-27 03:29 - 000003362 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-09-01 13:46 - 2017-02-27 03:29 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-08-30 11:33 - 2011-04-12 15:00 - 000745424 _____ C:\Windows\system32\perfh013.dat
2019-08-30 11:33 - 2011-04-12 15:00 - 000153376 _____ C:\Windows\system32\perfc013.dat
2019-08-30 11:33 - 2009-07-14 07:13 - 001669560 _____ C:\Windows\system32\PerfStringBackup.INI
2019-08-30 11:33 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-08-30 09:46 - 2017-02-28 03:32 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-30 09:34 - 2009-07-14 07:08 - 000032594 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-08-27 13:05 - 2017-02-27 03:29 - 000478096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-08-26 16:06 - 2017-02-28 14:53 - 000646104 _____ C:\Users\Veronica\Documents\Reality_plugin_Log.txt
2019-08-26 14:53 - 2017-02-28 14:54 - 000000000 ____D C:\ProgramData\boost_interprocess
2019-08-23 09:20 - 2017-07-25 09:20 - 000000822 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-08-20 09:05 - 2018-10-18 08:27 - 000042288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-08-20 09:05 - 2017-02-27 03:29 - 000387176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-08-20 09:05 - 2017-02-27 03:29 - 000112312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-08-20 09:05 - 2017-02-27 03:29 - 000087944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-08-20 09:04 - 2019-02-13 10:41 - 000282768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-08-20 09:04 - 2019-01-15 10:20 - 000263008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-08-20 09:04 - 2019-01-04 11:03 - 000205848 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-08-20 09:04 - 2019-01-04 11:03 - 000061472 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-08-20 09:04 - 2019-01-04 11:03 - 000037104 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-08-20 09:04 - 2017-11-10 10:22 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-08-20 09:04 - 2017-02-27 03:29 - 001030784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-08-16 10:35 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-08-16 08:57 - 2017-02-28 04:44 - 001643292 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-08-15 09:46 - 2018-03-29 09:33 - 010094336 _____ C:\Windows\system32\FNTCACHE.DAT
2019-08-15 09:41 - 2017-02-28 13:21 - 000000000 ____D C:\Windows\system32\MRT
2019-08-15 09:37 - 2017-02-28 13:20 - 134272480 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-08-14 11:32 - 2017-02-28 14:52 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-08-14 11:32 - 2017-02-28 14:52 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-08-14 11:32 - 2017-02-28 14:51 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-08-14 11:32 - 2017-02-28 14:14 - 000000000 ____D C:\Windows\system32\Macromed

==================== Bestanden in de root van sommige mappen ================

2017-03-07 17:26 - 2006-09-20 09:24 - 000097272 _____ () C:\Users\Veronica\ColorCop.exe
2017-03-07 17:27 - 2006-01-31 09:42 - 001135104 _____ (Antonio Da Cruz) C:\Users\Veronica\Reflet.exe
2017-02-28 13:42 - 2017-02-28 13:42 - 000000034 _____ () C:\Users\Veronica\AppData\Roaming\SmithMicroDLM.cfg

==================== SigCheck ===============================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)


LastRegBack: 2019-08-31 16:46
==================== Einde van FRST.txt ============================



Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 31-08-2019
Gestart door Veronica (03-09-2019 22:40:33)
Gestart vanaf C:\Users\Veronica\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-02-27 01:10:08)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1328266197-2228517688-1197072076-500 - Administrator - Disabled)
Gast (S-1-5-21-1328266197-2228517688-1197072076-501 - Limited - Disabled)
Veronica (S-1-5-21-1328266197-2228517688-1197072076-1000 - Administrator - Enabled) => C:\Users\Veronica

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

µTorrent (HKU\S-1-5-21-1328266197-2228517688-1197072076-1000\...\uTorrent) (Version: 3.4.9.43388 - BitTorrent Inc.)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 18.05 (HKLM-x32\...\{23170F69-40C1-2701-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.238 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.7.2388 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 75.1.1528.100 - De auteurs van Avast Secure Browser)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP DeskJet 3700 series Basissoftware van het apparaat (HKLM\...\{C8D19DF5-0834-4F69-963F-0279990CFA26}) (Version: 40.12.1161.1896 - HP Inc.)
HP DeskJet 3700 series Help (HKLM-x32\...\{173B7EFF-280A-497D-BAC5-512E0A2A4695}) (Version: 40.0.0 - HP)
HP Dropbox Plugin (HKLM-x32\...\{2E5A25A3-C329-40FB-9A09-E2C75B746935}) (Version: 36.0.41.58587 - HP)
HP Google Drive Plugin (HKLM-x32\...\{CF37027C-AA2E-46B8-B741-6205E001C4F4}) (Version: 36.0.41.58587 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
IncrediMail (HKLM-x32\...\{FDFE5E63-116A-4655-9B4D-29F4AFE441B3}) (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM-x32\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Paint Shop Pro 7 Anniversary Edition (HKLM-x32\...\{D6DE02C7-1F47-11D4-9515-00105AE4B89A}) (Version: 7.0.4.0000 - Jasc Software Inc)
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Poser Pro 2014 version 10.0.5 (HKLM\...\Poser Pro 2014_is1) (Version: 10.0.5 - Smith Micro Software, Inc.)
PoserContent2014 (HKLM\...\PoserContent2014_is1) (Version: 10.0.0 - Smith Micro Software, Inc.)
Productverbeteringsonderzoek voor HP DeskJet 3700 series (HKLM\...\{83570CDA-C10E-49AC-80D1-66AB74EB55BC}) (Version: 40.12.1161.1896 - HP Inc.)
Smith Micro Download Manager version 1.0 (HKLM-x32\...\{89816111-4490-46FB-B141-63EA77077A94}_is1) (Version: 1.0 - Smith Micro Software, Inc.)
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.5.5819 - TeamViewer)
WinRAR 5.70 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.70.0 - win.rar GmbH)
Xenofex 1.0 (HKLM-x32\...\Xenofex 1.0) (Version: - )

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [Bestand niet getekend]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-08-20] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2019-02-26] (win.rar GmbH -> Alexander Roshal)

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Geladen Modules (gefilterd) ==============


==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)


==================== Hosts inhoud: ==========================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2009-07-14 04:34 - 2019-01-04 10:57 - 000001798 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 adobe.activate.com
127.0.0.1 adobeereg.com
127.0.0.1 www.adobeereg.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 125.252.224.90
127.0.0.1 125.252.224.91
127.0.0.1 hl2rcv.adobe.com

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKU\S-1-5-21-1328266197-2228517688-1197072076-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Veronica\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

Als een item is opgenomen in de fixlist, zal het worden verwijderd.

MSCONFIG\startupreg: AdobeBridge => "C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe" -stealth
MSCONFIG\startupreg: IncrediMail => C:\Program Files (x86)\IncrediMail\bin\IncMail.exe /c
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office16\lync.exe" /fromrunkey
MSCONFIG\startupreg: uTorrent => "C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [TCP Query User{565E3626-018E-4823-8F64-D1DEED5519D9}C:\program files\smith micro\poser pro 2014\poserpro.exe] => (Allow) C:\program files\smith micro\poser pro 2014\poserpro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc)
FirewallRules: [UDP Query User{143083C5-D58C-411A-8797-FC71536D4292}C:\program files\smith micro\poser pro 2014\poserpro.exe] => (Allow) C:\program files\smith micro\poser pro 2014\poserpro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc)
FirewallRules: [{A1C89FB7-7D8F-4D41-894E-DA41386F0848}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{26BF63AC-D4AF-458A-B2C1-62F1274125C8}] => (Allow) C:\Program Files\Microsoft Office\Office16\lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F3DB6767-6D40-4368-8B6D-5EDA10FB7298}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6A8B8F71-6B02-4D9E-9BA1-CF161318B8C2}] => (Allow) C:\Program Files\Microsoft Office\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{BEC430D8-F4CC-448A-9519-F30C1F42A937}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{B27C85D3-3454-4711-B214-22C1C642632F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{9E3712A2-00C9-40C1-9E18-59BDF53153B5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{255746A3-4695-4979-96EA-6492D5239AF7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D3B76422-062E-4520-85F0-E62FC5477391}] => (Allow) C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{BC33DF77-A3FE-475E-BA68-397816C626EF}] => (Allow) C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{F122DA0F-C9F5-48AD-BBFD-FFC2CF4E76BF}] => (Allow) C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B26BBDAB-F84A-4B67-A778-2528B29618C7}] => (Allow) C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{2AA11050-39FB-403A-8821-FF1E0B8893BA}] => (Allow) C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{EA9D992E-A4E6-4C37-91A7-2BCFDB14F80D}] => (Allow) C:\Users\Veronica\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [TCP Query User{3173E7E0-080C-489F-81EE-0002054A52D0}C:\program files\smith micro\poser pro 2014\poserpro.exe] => (Allow) C:\program files\smith micro\poser pro 2014\poserpro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc)
FirewallRules: [UDP Query User{5D8D70DD-8A03-4285-806B-1970643EFC13}C:\program files\smith micro\poser pro 2014\poserpro.exe] => (Allow) C:\program files\smith micro\poser pro 2014\poserpro.exe (Smith Micro Software, Inc. -> Smith Micro Software, Inc)
FirewallRules: [{DA60040D-F50E-4141-94E5-6FFA619221B5}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{F32750F2-C185-4DA5-A7E7-63A756C3914F}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{24213D92-0ECA-4626-9D9E-30E2195780B1}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{DF08F5AB-799E-45E5-A356-EBC7FD0F08D6}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImpCnt.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{D43E93A4-B4DA-4B47-B10E-0B63AEE4E6FF}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\DeviceSetup.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{61BD7568-552D-4EF8-BCBF-778540C777DD}] => (Allow) LPort=5357
FirewallRules: [{4E158727-CD11-401A-8523-8BD2BA28338D}] => (Allow) C:\Program Files\HP\HP DeskJet 3700 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> HP Inc.)
FirewallRules: [{381AC842-6DFB-4D3B-89C0-66C41F71B1C9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{D65B10D2-6883-46DD-B111-9B2B178900A7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{4C09DB03-82C5-4EE6-B688-59BF26028D36}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{009271D4-11C5-48BA-A70D-9CA9A75D6F0D}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{43F822BF-8427-4B34-B791-113085F45AED}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{7DACB599-252E-4199-83C9-C9131E76936C}] => (Allow) C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe (Perion Network Ltd. -> IncrediMail, Ltd.)
FirewallRules: [{344E62B7-8E47-4B6D-8719-EFDC004BDBCF}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe (AVAST Software s.r.o. -> AVAST Software)
FirewallRules: [{4B98621B-C38C-408D-9BA5-E4303D3DC6FE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3A69F027-4528-43FE-85A0-6D3DFCBE0408}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D3D38C97-B39A-42A8-9691-804D7B260416}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{A8CCFA84-FF94-482C-9695-9C13972DD7EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5A741DF3-B9DF-4970-811B-223F3BA8F0D0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)

==================== Herstelpunten =========================

16-08-2019 08:54:12 Windows Update
18-08-2019 10:14:49 JRT Pre-Junkware Removal
18-08-2019 10:28:41 JRT Pre-Junkware Removal
18-08-2019 10:37:27 JRT Pre-Junkware Removal
19-08-2019 09:07:40 Windows Back-up
26-08-2019 07:59:35 Windows Back-up
01-09-2019 19:00:23 Windows Back-up

==================== Defecte Apparaatbeheer Apparaten =============

Name: PS/2-compatibele muis
Description: PS/2-compatibele muis
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standaard-PS/2-toetsenbord
Description: Standaard-PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (09/03/2019 09:11:02 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: IncMail.exe, versie: 6.3.9.5274, tijdstempel: 0x51eb9497
Naam van module met fout: ntdll.dll, versie: 6.1.7601.24511, tijdstempel: 0x5d3fa86b
Uitzonderingscode: 0xc0000374
Foutoffset: 0x000ce9a3
Id van proces met fout: 0x980
Starttijd van toepassing met fout: 0x01d56226b49deb3c
Pad naar toepassing met fout: C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
Pad naar module met fout: C:\Windows\SysWOW64\ntdll.dll
Rapport-id: fc17878d-ce19-11e9-8d5e-1cc1de591ef0

Error: (09/03/2019 08:58:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (09/02/2019 05:07:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (09/02/2019 09:21:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (09/01/2019 07:08:54 PM) (Source: Windows Backup) (EventID: 4104) (User: )
Description: De back-up is niet geslaagd. Fout: Er is onvoldoende ruimte beschikbaar op dit station om de back-up op te slaan. Maak schijfruimte vrij door oudere back-ups en onnodige items te verwijderen of wijzig uw instellingen voor back-ups. (0x81000005).

Error: (09/01/2019 11:25:51 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (08/31/2019 09:38:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.

Error: (08/30/2019 09:34:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Gebeurtenisfilter met query SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99 kan niet opnieuw worden geactiveerd in naamruimte //./root/CIMV2 vanwege fout 0x80041003. Mogelijk worden er geen gebeurtenissen via dit filter doorgegeven totdat het probleem is verholpen.


Systeemfouten:
=============
Error: (09/03/2019 09:46:55 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:34 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:34 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:34 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:33 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:32 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:31 PM) (Source: Disk) (EventID: 7) (User: )
Description: Beschadigd blok in apparaat \Device\Harddisk2\DR2.

Error: (09/03/2019 09:44:30 PM) (Source: volsnap) (EventID: 29) (User: )
Description: De schaduwkopieën van volume F: zijn afgebroken tijdens de detectie.


CodeIntegrity:
===================================

Date: 2019-03-15 10:19:57.317
Description:
De integriteit van de kopie voor het bestand \Device\HarddiskVolume2\Windows\System32\mfplat.dll kan niet worden geverifieerd omdat de reeks kopie-hashes per pagina niet is gevonden op het systeem.

==================== Geheugen info ===========================

BIOS: Hewlett-Packard 786G7 v01.02 10/22/2009
Motherboard: Hewlett-Packard 3646h
Processor: Pentium(R) Dual-Core CPU E6500 @ 2.93GHz
Percentage geheugen in gebruik: 44%
Totaal fysiek RAM-geheugen: 8063.25 MB
Beschikbaar fysiek RAM-geheugen: 4436.29 MB
Totaal Virtueel geheugen: 16124.64 MB
Beschikbaar Virtueel geheugen: 12459.67 MB

==================== Schijven ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:128.35 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:109.25 GB) NTFS
Drive f: (Windhoos) (Fixed) (Total:76.33 GB) (Free:12.84 GB) NTFS ==>[systeem met boot componenten (verkregen van schijf)]

\\?\Volume{3845747a-fd30-11e6-947e-806e6f6e6963}\ (Door systeem gereserveerd) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6D6F6365)
No partition Table on disk 0.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 00082B7D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 76.3 GB) (Disk ID: F26B1DC4)
Partition 1: (Active) - (Size=76.3 GB) - (Type=07 NTFS)

==================== Einde van Addition.txt ============================
 
Hallo Leo,
doe mij een lol een voeg beide logs als bijlage toe.
Doordat de sidebar overal anwezig is, zijn logs zo gepost lastig te analyseren.

 
Mijn excuses. Zo beter?
 

Bijlagen

  • FRST.txt
    56,7 KB · Weergaven: 1
  • Addition.txt
    28,2 KB · Weergaven: 1
Hoi, jij weet dat 14 januari aanstaande het afgelopen is met Windows 7?
Ik heb de specs gelezen en deze Windows 7 kan zonder meer straks geupdated worden naar Windows 10!

Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan
51a5c8edc4692-icon1337952077.png


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Download de bijgevoegde Fixlist.txt naar de dezelfde locatie of verplaats Fixlist.txt naar waar ook FRST.exe aanwezig is.

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken
  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op
    577bf0efb8088-FRST.png
    FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Voeg Fixlog.txt als bijlage toe aan jouw volgende bericht.
 

Bijlagen

  • Fixlist.txt
    200 bytes · Weergaven: 4
Updaten naar windows 10, wat zijn daar de kosten van?
Ik ben al torenhoge kosten kwijt aan de verzorging van mijn vrouw nl.
Moet momenteel even oppassen wat ik doe.
 

Bijlagen

  • Fixlog.txt
    1,8 KB · Weergaven: 2
Hallo Leo, om je zorgen meteen weg te nemen, de upgrade naar Windows 10 is nog steeds gratis te doen.

Download
51a46ae42d560-malwarebytes_anti_malware.png
MalwareBytes Anti-Malware.

  • Windows 2000 en Windows XP: dubbelklik op mbam-setup.exe.
  • Windows Vista, Windows 7, Windows 8: en Windows 10: via rechtsklik op mbam-setup.exe en kies voor "Als Administrator uitvoeren".
  • Klik in het menu van Malwarebytes ANTI-MALWARE op Instellingen" en daar op "Detectie en Bescherming" en zet vervolgens een vinkje bij "Scan naar rootkits".
  • Klik vervolgens op de knop Scan nu om een bedreigingsscan uit te voeren.
  • Er zal nu gecontroleerd worden op beschikbare updates, klik hier op "Nu bijwerken als er beschikbare updates zijn.
  • De scan wordt nu automatisch gestart,wanneer de scan gereed is en er bedreigingen zijn gedetecteerd krijgt u hier een overzicht van.

  • Wanneer er geen bedreigingen zijn gedetecteerd klikt u na de scan op Bekijk gedetailleerd logboek.
  • Klik vervolgens op de knop Exporteer en kies de optie "Tekstbestand (*.txt)".
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.

  • Wanneer er wel bedreigingen zijn gedetecteerd klikt u na de scan op Acties toepassen.
  • Bij de melding om de computer opnieuw op te starten klikt u op Ja / Yes.
  • Open na de herstart MalwareBytes Anti-Malware en klik bovenaan op Historie en selecteer Programmalogboeken.
  • Klik op de nieuwste Scan Log.
  • Klik op "Exporteer" en kies de optie "Tekstbestand (*.txt)".
    5557b93ba94ab-Malwarebytes_Exporteer_ScanLog.png
  • Geef vervolgens een bestandsnaam op voor het opslaan van het logbestand, bijvoorbeeld MBAM Scanlog.
  • Kies bijvoorbeeld het bureaublad als opslaglocatie en klik vervolgens op de knop Opslaan.
    532aab157609a-MBAM-Scan.png

MBAM-Log posten:
  • Kopieer nu de inhoud van het zojuist opgeslagen log en plak dit in uw nieuwe antwoord erbij.


Indien jij MBAM meteen als gratis versie wil gebruiken in plaatst van de veertien dagen durende demo met al zijn toeters en bellen te gebruiken, kijk dan hier
 
Status
Niet open voor verdere reacties.
Steun Ons

Nieuwste berichten

Terug
Bovenaan