een melding in windows 10

vanschagen

Gevestigd lid
hallo
Ik krijg elke dag een melding van windows 10.
WMIPRVSE.exe heeft niet toegestaan om een verandering in geheugen te wijzigen
wat houd dit in??
 

Abraham54

Admin
Ondersteuning
Download
MiniToolBox en plaats dit tool op jouw bureaublad.

Farbar MiniToolBox gebruiken:
  • Sluit nu eerst alle nog openstaande programmavensters!
    • Windows 2000 en Windows XP: start "MiniToolBox.exe" via dubbelklikken.
    • Windows Vista, Windows 7, Windows 8 en Windows 10: start "MiniToolBox.exe" via rechtsklik Als Administrator uitvoeren.
Vink de volgende onderdelen aan:
  • List last 10 Events Viewer Errors
  • List Installed Programs
  • List Devices - Only Problems
  • List Users, Partitions and Memory size
  • List Minidump Files
  • List Restore Points
    • Klik nu op de knop "Go".
    • Aansluitend wordt een log aangemaakt (Result.txt) in de zelfde map waar "MiniToolBox.exe" in zit.
    • Kopieer en plak de inhoud van het log in jouw volgende bericht.
 

vanschagen

Gevestigd lid
MiniToolBox by Farbar Version: 17-06-2016
Ran by anoud (administrator) on 04-02-2019 at 12:50:01
Running from "C:\Users\anoud\Desktop"
Microsoft Windows 10 Home (X64)
Model: F0D200CNNY Manufacturer: LENOVO
Boot Mode: Normal
***

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/03/2019 12:17:58 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x4018
Starttijd van toepassing met fout: 0xRAVBg64.exe0
Pad naar toepassing met fout: RAVBg64.exe1
Pad naar module met fout: RAVBg64.exe2
Rapport-id: RAVBg64.exe3
Volledige pakketnaam met fout: RAVBg64.exe4
Relatieve toepassings-id van pakket met fout: RAVBg64.exe5

Error: (01/30/2019 10:56:04 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0xcc0
Starttijd van toepassing met fout: 0xRAVBg64.exe0
Pad naar toepassing met fout: RAVBg64.exe1
Pad naar module met fout: RAVBg64.exe2
Rapport-id: RAVBg64.exe3
Volledige pakketnaam met fout: RAVBg64.exe4
Relatieve toepassings-id van pakket met fout: RAVBg64.exe5

Error: (01/29/2019 11:27:25 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x1508
Starttijd van toepassing met fout: 0xRAVBg64.exe0
Pad naar toepassing met fout: RAVBg64.exe1
Pad naar module met fout: RAVBg64.exe2
Rapport-id: RAVBg64.exe3
Volledige pakketnaam met fout: RAVBg64.exe4
Relatieve toepassings-id van pakket met fout: RAVBg64.exe5

Error: (01/28/2019 10:59:35 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x3574
Starttijd van toepassing met fout: 0xRAVBg64.exe0
Pad naar toepassing met fout: RAVBg64.exe1
Pad naar module met fout: RAVBg64.exe2
Rapport-id: RAVBg64.exe3
Volledige pakketnaam met fout: RAVBg64.exe4
Relatieve toepassings-id van pakket met fout: RAVBg64.exe5

Error: (01/27/2019 11:16:17 AM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x2998
Starttijd van toepassing met fout: 0xRAVBg64.exe0
Pad naar toepassing met fout: RAVBg64.exe1
Pad naar module met fout: RAVBg64.exe2
Rapport-id: RAVBg64.exe3
Volledige pakketnaam met fout: RAVBg64.exe4
Relatieve toepassings-id van pakket met fout: RAVBg64.exe5

Error: (01/26/2019 09:04:31 PM) (Source: Application Error) (User: )
Description: Naam van toepassing met fout: RevoUninPro.exe, versie: 4.0.5.0, tijdstempel: 0x5c0f5930
Naam van module met fout: RevoUninPro.exe, versie: 4.0.5.0, tijdstempel: 0x5c0f5930
Uitzonderingscode: 0xc0000409
Foutmarge: 0x0000000000702a8c
Id van proces met fout: 0x1c04
Starttijd van toepassing met fout: 0xRevoUninPro.exe0
Pad naar toepassing met fout: RevoUninPro.exe1
Pad naar module met fout: RevoUninPro.exe2
Rapport-id: RevoUninPro.exe3
Volledige pakketnaam met fout: RevoUninPro.exe4
Relatieve toepassings-id van pakket met fout: RevoUninPro.exe5

Error: (01/24/2019 08:58:50 AM) (Source: DbxSvc) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:58:50 AM) (Source: DbxSvc) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:57:11 AM) (Source: DbxSvc) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:57:11 AM) (Source: DbxSvc) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden


System errors:
=============
Error: (02/04/2019 12:28:11 PM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalActiveren{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 12:28:11 PM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalActiveren{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 11:01:48 AM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalActiveren{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 11:01:48 AM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalActiveren{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 09:55:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStartenWindows.SecurityCenter.SecurityAppBrokerNiet beschikbaarNT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 09:55:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStartenWindows.SecurityCenter.WscBrokerManagerNiet beschikbaarNT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 09:55:01 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: toepassingsspecifiekLokaalStartenWindows.SecurityCenter.WscDataProtectionNiet beschikbaarNT AUTHORITYSYSTEMS-1-5-18LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/04/2019 09:54:53 AM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalStartenWindows.SecurityCenter.WscCloudBackupProviderNiet beschikbaarDESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/03/2019 04:58:06 PM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalActiveren{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar

Error: (02/03/2019 04:58:06 PM) (Source: DCOM) (User: DESKTOP-7O6IQ87)
Description: toepassingsspecifiekLokaalActiveren{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}{15C20B67-12E7-4BB6-92BB-7AFF07997402}DESKTOP-7O6IQ87anoudS-1-5-21-3888337827-4225290478-3517265855-1001LocalHost (via LRPC)Niet beschikbaarNiet beschikbaar


Microsoft Office Sessions:
=========================
Error: (02/03/2019 12:17:58 PM) (Source: Application Error)(User: )
Description: RAVBg64.exe1.0.0.2945bb1cba3KERNELBASE.dll10.0.17763.1341659a33bc06d007e0000000000055299401801d4bb9793426352C:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\WINDOWS\System32\KERNELBASE.dll1cba5dff-a148-4ac2-9559-c9b13b1d8e16

Error: (01/30/2019 10:56:04 AM) (Source: Application Error)(User: )
Description: RAVBg64.exe1.0.0.2945bb1cba3KERNELBASE.dll10.0.17763.1341659a33bc06d007e0000000000055299cc001d4b870188aeda2C:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\WINDOWS\System32\KERNELBASE.dll395edb3a-b46e-46e6-8b04-39f171189ca5

Error: (01/29/2019 11:27:25 AM) (Source: Application Error)(User: )
Description: RAVBg64.exe1.0.0.2945bb1cba3KERNELBASE.dll10.0.17763.1341659a33bc06d007e0000000000055299150801d4b7a0b5f5c70aC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\WINDOWS\System32\KERNELBASE.dll10c462c0-0db3-4834-b78d-155c14defdc9

Error: (01/28/2019 10:59:35 AM) (Source: Application Error)(User: )
Description: RAVBg64.exe1.0.0.2945bb1cba3KERNELBASE.dll10.0.17763.1341659a33bc06d007e0000000000055299357401d4b6dfbda5134cC:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\WINDOWS\System32\KERNELBASE.dll1771212f-9938-4bef-bdb3-8e53b1af1b3e

Error: (01/27/2019 11:16:17 AM) (Source: Application Error)(User: )
Description: RAVBg64.exe1.0.0.2945bb1cba3KERNELBASE.dll10.0.17763.1341659a33bc06d007e0000000000055299299801d4b61704d45c26C:\Program Files\Realtek\Audio\HDA\RAVBg64.exeC:\WINDOWS\System32\KERNELBASE.dllaf9fee97-7199-423c-a9b0-98b747fd19d3

Error: (01/26/2019 09:04:31 PM) (Source: Application Error)(User: )
Description: RevoUninPro.exe4.0.5.05c0f5930RevoUninPro.exe4.0.5.05c0f5930c00004090000000000702a8c1c0401d4b5b215ffca7bC:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exeC:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe3aae5f66-943a-4fdb-82bd-d9787c0a6c32

Error: (01/24/2019 08:58:50 AM) (Source: DbxSvc)(User: )
Description: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:58:50 AM) (Source: DbxSvc)(User: )
Description: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:57:11 AM) (Source: DbxSvc)(User: )
Description: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:57:11 AM) (Source: DbxSvc)(User: )
Description: (-2146885628) Kan object of eigenschap niet vinden


CodeIntegrity Errors:
===================================
Date: 2019-01-09 22:11:46.431
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-09 22:11:46.420
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-09 22:11:46.395
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-09 22:11:46.389
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-08 17:04:03.691
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:21.356
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:21.163
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:20.856
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:20.853
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-02 09:30:23.226
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


=========================== Installed Programs ============================

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{738DCBE9-20A3-4CE6-84C7-E0A5B82F7617}) (Version: 2.5.3646 - Famatech)
Aspire 8.5 (HKLM\...\AspireV85) (Version: 8.5 - Vectric)
Aspire 9.5 (HKLM\...\AspireV95) (Version: 9.5 - Vectric)
Autodesk Fusion 360 (HKCU\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5119 - Autodesk, Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Cdrom List Creator (HKLM-x32\...\Cdrom List Creator) (Version: - )
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GrabIt 1.7.5 Beta (build 1016) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
ideaMaker 3.3.0.2343 (HKCU\...\ideaMaker) (Version: 3.3.0.2343 - Raise3D)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4944 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Lenovo Essential Wireless Keyboard (HKLM\...\Lenovo Essential Wireless Keyboard) (Version: 1.0 - Lenovo)
Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 nl) (HKLM\...\Mozilla Firefox 64.0 (x64 nl)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.3.3 - Mozilla)
Mozilla Thunderbird 60.5.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 60.5.0 (x86 nl)) (Version: 60.5.0 - Mozilla)
OpenOffice 4.1.6 (HKLM-x32\...\{137C9FE3-DD3B-402F-893C-01AF8ED4E06B}) (Version: 4.16.9790 - Apache Software Foundation)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Rainbow Web 2 (HKLM-x32\...\BFG-Rainbow Web 2) (Version: - )
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1012.180530 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0024 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.17 (23-2-2016) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30-5-2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 2.02.28 (29-5-2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America)
Silhouette Studio (HKLM-x32\...\{6746AE87-B89C-444A-990E-99DD26C25830}) (Version: 4.1.479 - Silhouette America)
Simplify3D Software (HKLM\...\Simplify3D Software 4.1.1) (Version: 4.1.1 - Simplify3D)
Skype versie 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
SpaceClaim Translators 19.1 (HKLM\...\{448949D6-7829-DADD-883F-0388FC997F41}) (Version: 19.1.0 - SpaceClaim Corporation)
Spotnet (HKCU\...\Spotnet) (Version: 2.0.0.276 - Spotnet)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology)
Synology Cloud Station Drive (HKLM-x32\...\{5DE9756A-0548-4AD5-AC5E-C4FF8B72A22F}) (Version: 4.2.8.4421 - Synology)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vectric Shell Extensions 1.2 (HKLM-x32\...\VectricThumbnailShellExt) (Version: - Vectric)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Winamp Applicatie Detect (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-stuurprogrammapakket - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Wise Disk Cleaner 10.1.4 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 33%
Total physical RAM: 8101.49 MB
Available physical RAM: 5405.43 MB
Total Virtual: 9381.49 MB
Available Virtual: 5851.3 MB

========================= Partitions: =====================================

1 Drive c: (Windows) (Fixed) (Total:118 GB) (Free:77.99 GB) NTFS
2 Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:874.57 GB) NTFS

========================= Users: ========================================

Gebruikersaccounts voor \\DESKTOP-7O6IQ87

Administrator anoud DefaultAccount
Gast WDAGUtilityAccount
De opdracht is voltooid.

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

20-01-2019 18:29:22 Gepland controlepunt
26-01-2019 08:39:08 Installatieprogramma voor Windows-modules
02-02-2019 12:01:25 Gepland controlepunt

** End of log **
 

Abraham54

Admin
Ondersteuning
Ik vermoed dat de WBEM-foutmelding ontstaat doordat er twee instanties software voor veel foutmeldingen zorgen:

RevoPro en de Realtekaudiodriver.

Revo is mogelijk op te lossen door de nieuwste versie met administratorrechten te installeren.

De Realtek Audiodriver - gebruik jij inmiddels de 1809 versie van Windows 10?
 

Abraham54

Admin
Ondersteuning
Oké - het probleem met audio van Realtek geldt zowel voor de 1803- als ook de 1809 versie en is veroorzaakt doordat Microsoft via de Windows Update fake audiodrivers heeft geïnstalleerd!

Ga naar Microsoft Update Catalog en download en installeer Update for Windows 10 1709, Windows 10 1803 and Windows 10 1809 for x64-based Systems (KB4468550)
 

Abraham54

Admin
Ondersteuning
Is alles nu weer normaal?
 

vanschagen

Gevestigd lid
ik zou het niet weten of het normaal is ,hoe kom ik daar achter??
ik zie ook nog dingen van Avast staan die staat niet meer op deze pc.
 
Laatst bewerkt:

Abraham54

Admin
Ondersteuning
Download
Farbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links
Farbar Recovery Scan Tool 32 bit (x86)
Farbar Recovery Scan Tool 64 bit (x64)
Downloadlokatie: Dit programma absoluut naar het bureaublad downloaden dan wel daar naar toe verplaatsen!
Opmerkingen
: Alle openstaande programma's en webpagina's dienen afgesloten te zijn.

Antivirusprogramma en actieve malwarescanners dienen al voor je FRST.exe start gedeaktiveert zijn!
Hier en hier vindt je gegevens hoe antivirusprogramma's en spywarescanners te deaktiveren.

FRST opstarten:
  • Windows 2000 en Windows XP: dubbelklik op FRST.exe.
  • Windows Vista, Windows 7, Windows 8/8.1 en Windows 10: via rechtsklik op FRST.exe of FRST64.exe en kies voor "Als Administrator uitvoeren".

Stap 1.
Kopieer en plak de volgende tekst in het vak "Search": Avast
Nota bene: plak het precies zoals het nu staat!

Klik daarna op Search Files.
Een Search.txt log wordt opgeslagen op dezelfde plaats waar FRST is opgeslagen plaats dat als bijlage.


Stap 2.
Kopieer en plak de volgende tekst in het vak "Search": Avast
Nota bene: plak het precies zoals het nu staat!

Klik daarna op Search Registry.
Een Registry.txt log wordt opgeslagen op dezelfde plaats waar FRST is opgeslagen plaats dat als bijlage.
 

vanschagen

Gevestigd lid
Farbar Recovery Scan Tool (x64) Versie: 4.02.2019
Gestart door anoud (04-02-2019 13:57:55)
Gestart vanaf C:\Users\anoud\Desktop
Boot Modus: Normal

================== Bestanden Zoeken: "Avast" =============


====== Einde van Zoeken ======


Farbar Recovery Scan Tool (x64) Versie: 4.02.2019
Gestart door anoud (04-02-2019 14:02:10)
Gestart vanaf C:\Users\anoud\Desktop
Boot Modus: Normal

================== Zoeken in register: "Avast" ===========

[HKEY_LOCAL_MACHINE\SOFTWARE\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AvastPersistentStorage]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\avast]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\AvastSvc_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run]
"AvastUI.exe"="0x020000000000000000000000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32]
"AvastUI.exe"="0x020000000000000000000000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.26706.0_none_a17010e62d01ed14"="0x41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.crt_fcc99ee6193ebbca_14.0.26706.0_none_59c2da0f1885c40e"="0x41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.26706.0_none_a65012d829d61c47"="0x41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_avast.vc140.mfc_fcc99ee6193ebbca_14.0.26706.0_none_5ea2dc011559f341"="0x41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.26706.0_none_945e8bd9e5efd44e"="0x506F6C6963792E31342E302E41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_14.0.26706.0_none_4cb15502d173ab48"="0x506F6C6963792E31342E302E41766173742E56433134302E4352542C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.26706.0_none_993e8dcbe2c40381"="0x506F6C6963792E31342E302E41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D783836"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\IsolatedSxSAssemblies]
"amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_14.0.26706.0_none_519156f4ce47da7b"="0x506F6C6963792E31342E302E41766173742E56433134302E4D46432C2043756C747572653D6E65757472616C2C20547970653D77696E33322D706F6C6963792C2056657273696F6E3D31342E302E32363730362E302C205075626C69634B6579546F6B656E3D666363393965653631393365626263612C2050726F636573736F724172636869746563747572653D616D643634"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.crt_fcc99ee6193ebbca_none_020285fe6d6e0580]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_avast.vc140.mfc_fcc99ee6193ebbca_none_018be6966dc83925]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_ef17e13d91c55d96]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\amd64_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_eea141d5921f913b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.crt_fcc99ee6193ebbca_none_49afbcd581ea2e86]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_avast.vc140.mfc_fcc99ee6193ebbca_none_49391d6d8244622b]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.crt_fcc99ee6193ebbca_none_36c51814a641869c]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SideBySide\Winners\x86_policy.14.0.avast.vc140.mfc_fcc99ee6193ebbca_none_364e78aca69bba41]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Windows Error Reporting\LocalDumps\aswidsagenta.exe]
"DumpFolder"="C:\ProgramData\AVAST Software\Avast\log"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D54C527-F7EF-420F-9F06-A8A45116EF43}]
"Path"="\Avast Software\Overseer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D54C527-F7EF-420F-9F06-A8A45116EF43}]
"Author"="Avast Software"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D54C527-F7EF-420F-9F06-A8A45116EF43}]
"Description"="Avast Overseer is a support application that fixes common technical issues with Avast products."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D54C527-F7EF-420F-9F06-A8A45116EF43}]
"URI"="\Avast Software\Overseer"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsSelfHost\OneSettings]
"TargetingAttributes"="{ "Version": 55, "SchemaVersion": 1, "PartA": [ "App", "AppVer", "AttrDataVer" ], "Default": [ "DeviceFamily", "f:FlightRing", "t:OSVersionFull" ], "PartB": { "CDM": [ "ChassisTypeId", "r:CurrentBranch", "DeviceFamily", "f:FlightingBranchName", "f:FlightRing", "c:InstallLanguage", "c:IsDomainJoined", "t:IsTestLab", "OEMModel", "OSArchitecture", "OSVersion", "t:OSSkuId", "c:processorIdentifier", "c:TelemetryLevel" ], "CORTANA_GATEKEEPER": [ "r:CurrentBranch", "f:FlightRing", "f:IsRetailOS" ], "CORTANAUWP": [ "c:OSUILocale", "t:OSVersionFull", "v:CortanaAppVer" ], "CORTANAUWPTEST": [ "+CORTANAUWP", "v:CortanaAppVerTest" ], "CTAC": [ "+FSS" ], "DISKFOOTPRINT": [ "a:Free", "c:TelemetryLevel", "f:FlightRing", "f:IsFlightingEnabled", "IsVM", "t:OSVersionFull" ], "DDC": [ "+WU_STORE", "+_WU_PTI" ], "DXDB": [ "DeviceFamily", "f:FlightRing", "r:IsHybridOrXGpu", "t:OSVersionFull" ], "EDGE_SERVICEUI": [ "t:LocalDeviceID", "t:LocalUserID" ], "FCON": [ "+CDM" ], "FSS": [ "r:previewBuildsManagerEnabled", "f:BranchReadinessLevelRaw", "u:BranchReadinessLevelSource", "r:BuildFID", "t:DeviceFamily", "DeviceId", "c:EnablePreviewBuilds", "f:FlightingPolicyValue", "f:IsRetailOS", "f:ManagePreviewBuilds", "OSVersionFull" ], "MICROSOFT.WINDOWSFEEDBACKHUB_8WEKYB3D8BBWE": [ "t:OSVersionFull", "t:IsTestLab", "f:FlightRing" ], "MITIGATION": [ "t:DeviceFamily", "c:FirmwareVersion", "f:FlightRing", "c:FlightIds", "c:IsDomainJoined", "f:IsFlightingEnabled", "t:IsMsftOwned", "f:IsRetailOS", "t:IsTestLab", "IsVM", "OEMModel", "c:OSEdition", "t:OSSkuId", "t:OSVersionFull", "c:OSUILocale", "t:SMode", "c:TelemetryLevel" ], "MLMOD": [ "ChassisTypeId", "t:DeviceFamily", "f:FlightingBranchName", "f:FlightRing", "f:IsRetailOS", "t:OSSkuId", "t:OSVersionFull", "c:OSUILocale" ], "MTP": [ "+_WU_OS_CORE" ], "MUSE": [ "ChassisTypeId", "deviceClass", "deviceId", "c:FlightIds", "locale", "ms", "os", "osVer", "ring", "sampleId", "sku" ], "NOISYHAMMER": [ "+WU_OS" ], "SEDIMENTPACK": [ "+WU_OS" ], "SETUP360": [ "+WU_OS" ], "UTC": [ "+UTC_STATIC", "osVer", "locale", "ring", "f:pilotRing", "f:IsRetailOS", "ms", "expId" ], "UTC_STATIC": [ "os", "deviceId", "sampleId", "deviceClass", "sku", "OEMModel", "OEMName_Uncleaned", "c:primaryDiskType", "c:processorModel", "c:TotalPhysicalRAM" ], "WOSC": [ "t:DeviceFamily", "f:FlightRing", "f:IsFlightingEnabled", "t:IsMsftOwned", "t:LocalDeviceID", "t:OSSkuId", "c:OSUILocale", "t:OSVersionFull", "c:TelemetryLevel", "r:IsHybridOrXGpu" ], "WU": [ "+WU_OS" ], "WU_OS": [ "+_WU_OS_CORE", "+_WU_FB" ], "WU_STORE": [ "+_WU_COMMON", "r:AppChannels", "r:AppRMIDs", "u:BranchReadinessLevel" ], "_WU_AV": [ "r:AvastReg", "r:AvastBlackScreen", "v:AvastVer", "r:AvgReg", "v:AvgVer", "r:EsetReg", "v:EsetVer", "r:KasperskyReg", "v:KasperskyVer", "v:SymantecVer", "r:TencentReg", "r:TencentType" ], "_WU_COMMON": [ "r:CurrentBranch", "r:DefaultUserRegion", "DeviceFamily", "r:DriverPartnerRing", "r:FlightContent", "f:FlightingBranchName", "f:FlightRing", "HoloLens", "c:InstallationType", "c:InstallLanguage", "f:IsFlightingEnabled", "r:IsFlightingEnabled", "c:MobileOperatorCommercialized", "OEMModel", "OEMName_Uncleaned", "r:OemPartnerRing", "OSArchitecture", "OSVersion", "t:OSSkuId", "c:OSUILocale", "c:processorManufacturer", "r:ReleaseType", "v:SkypeRoomSystem", "t:SMode", "c:TelemetryLevel", "r:WindowsMixedReality", "v:WuClientVer", "p:DucPublisherId", "p:DucDeviceModelId", "p:DucOemPartnerRing", "p:DucCustomPackageId" ], "_WU_OS_CORE": [ "+_WU_COMMON", "+_WU_AV", "r:AhnLabKeyboard", "a:Bios", "r:BlockFeatureUpdates", "c:CommercialId", "a:DataVer_RS5", "r:DisconnectedStandby", "r:DchuNvidiaGrfxExists", "r:DchuNvidiaGrfxVen", "r:DchuIntelGrfxExists", "r:DchuIntelGrfxVen", "r:DchuAmdGrfxExists", "r:DchuAmdGrfxVen", "c:FirmwareVersion", "a:Free", "a:GStatus_RS3", "a:GStatus_RS4", "a:GStatus_RS5", "r:HidOverGattReg", "r:InstallDate", "c:IsDeviceRetailDemo", "c:IsPortableOperatingSystem", "IsVM", "c:OEMModelBaseBoard", "r:OobeSeeker", "r:OSRollbackBuild", "r:OSRollbackCount", "r:OSRollbackDate", "PhoneTargetingName", "r:ponchAllow", "r:ponchBlock", "c:processorIdentifier", "r:RecoveredFromBuild", "r:RecoveredOnDate", "r:Steam", "v:TobiiVer", "v:TrendMicroVer", "r:UninstallActive", "l:UpdateManagementGroup", "a:UpgEx_RS3", "a:UpgEx_RS4", "a:UpgEx_RS5", "a:Version_RS5" ], "_WU_FB": [ "u:BranchReadinessLevel", "u:DeferQualityUpdatePeriodInDays", "u:DeferFeatureUpdatePeriodInDays", "r:pausedFeatureStatus", "r:pausedQualityStatus" ], "_WU_PTI": [ "c:FrontFacingCameraResolution", "c:RearFacingCameraResolution", "c:TotalPhysicalRAM", "c:NFCProximity", "c:Magnetometer", "c:Gyroscope", "c:D3DMaxFeatureLevel", "c:InternalPrimaryDisplayResolutionHorizontal", "c:InternalPrimaryDisplayResolutionVetical" ], "WAASASSESSMENT": [ "+WU_OS" ], "WPSHIFT": [ "+MTP" ] }, "Required": [ "App", "AppVer", "AttrDataVer" ], "Aliases": { "ChassisTypeId": "c:ChassisType", "deviceClass": "t:DeviceFamily", "deviceId": "t:LocalDeviceID", "DeviceId": "t:LocalDeviceID", "expId": "c:FlightIds", "FlightRing": "f:FlightRing", "IsVM": "a:ISVM", "locale": "c:OSUILocale", "ms": "t:IsMsftOwned", "OEMModel": "c:OEMModelNumber", "OEMName_Uncleaned": "c:OEMManufacturerName", "osVer": "t:OSVersionFull", "OSVersionFull": "t:OSVersionFull", "PhoneTargetingName": "c:OEMModelName", "ring": "f:FlightRing", "sampleId": "t:popVal", "sku": "t:OSSkuId" }, "Fallback": { "r:AvastBlackScreen": "r:AvgBlackScreen", "a:Bios": "a:Bios_RS3", "a:Bios_RS3": "a:Bios_RS4", "a:Bios_RS4": "a:Bios_RS5", "r:BlockFeatureUpdates": "r:BlockWUUpgrades", "r:BlockWUUpgrades": "r:BlockWUUpgradesWow", "r:BuildFID": "r:BuildFID_WCOS", "r:BuildFID_WCOS": "r:BuildFID_WCOS2", "r:DchuAmdGrfxVen": "r:DchuAmdGrfxVen2", "r:DchuIntelGrfxVen": "r:DchuIntelGrfxVen2", "r:DchuNvidiaGrfxVen": "r:DchuNvidiaGrfxVen2", "f:FlightingBranchName": "c:FlightingBranchName", "a:Free": "a:Free_RS3", "a:Free_RS3": "a:Free_RS4", "a:Free_RS4": "a:Free_RS5", "HoloLens": "r:WindowsMixedReality", "a:ISVM": "a:ISVM_RS3", "a:ISVM_RS3": "a:ISVM_RS4", "a:ISVM_RS4": "a:ISVM_RS5", "c:OEMModelBaseBoard": "r:OEMModelBaseBoard", "r:ponchAllow": "r:ponchAllowKey", "r:ponchAllowKey": "r:ponchAllowWow", "r:ponchAllowWow": "r:ponchAllowWowKey", "v:SymantecVer": "v:SymantecVer64", "v:TobiiVer": "v:TobiiVerx86", "v:TobiiVerx86": "v:TobiiVer1x86" }, "Transform": { "IsDomainJoined": { "Ignore": ["0"] }, "IsHybridOrXGpu": { "Ignore": ["0"] }, "IsMsftOwned": { "Ignore": ["0"] }, "IsPortableOperatingSystem": { "Ignore": ["0"] }, "IsTestLab": { "Ignore": ["0"] }, "IsVM": { "Ignore": ["0"] }, "OEMModel": { "SubLength": 100 }, "OEMName_Uncleaned": { "SubLength": 100 }, "PausedFeatureStatus": { "Ignore": ["0"] }, "PausedQualityStatus": { "Ignore": ["0"] }, "SMode": { "Ignore": ["0"] } }, "Registry": { "AhnLabKeyboard": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\Mkd2kfNt", "ValueName": "NbTpMsExist" }, "AppChannels": { "FullPath": "SOFTWARE\\Policies\\Microsoft\\WindowsStore\\Apps\\", "ValueName": "ChannelId", "EncodingType": "Json" }, "AppRMIDs": { "FullPath": "SOFTWARE\\Policies\\Microsoft\\WindowsStore\\Apps\\", "ValueName": "ReleaseManagementId", "EncodingType": "Json" }, "AvastBlackScreen": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\aswVmm\\Parameters", "ValueName": "Win10-1803" }, "AvastReg": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\aswVmm\\Parameters", "ValueName": "QualityCompat" }, "AvgBlackScreen": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\avgVmm\\Parameters", "ValueName": "Win10-1803" }, "AvgReg": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\avgVmm\\Parameters", "ValueName": "QualityCompat" }, "BlockFeatureUpdates": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\OSUpgrade", "ValueName": "BlockFeatureUpdates", "RegValueType": "REG_DWORD" }, "BlockWUUpgrades": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows10Upgrader\\Volatile", "ValueName": "BlockWUUpgrades", "RegValueType": "REG_DWORD" }, "BlockWUUpgradesWow": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\WOW6432Node\\Microsoft\\Windows10Upgrader\\Volatile", "ValueName": "BlockWUUpgrades", "RegValueType": "REG_DWORD" }, "BuildFID": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "Software\\Microsoft\\Windows\\CurrentVersion\\Flighting\\Build", "ValueName": "EsdFlightData", "RegValueType": "REG_SZ" }, "BuildFID_WCOS": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "OSDATA\\Software\\Microsoft\\Windows\\CurrentVersion\\Flighting\\Build", "ValueName": "EsdFlightData", "RegValueType": "REG_SZ" }, "BuildFID_WCOS2": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "OSDATA\\Microsoft\\Windows\\CurrentVersion\\Flighting\\Build", "ValueName": "EsdFlightData", "RegValueType": "REG_SZ" }, "CurrentBranch": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", "ValueName": "BuildBranch", "RegValueType": "REG_SZ" }, "DisconnectedStandby": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SYSTEM\\CurrentControlSet\\Control\\Power", "ValueName": "EnforceDisconnectedStandby", "RegValueType": "REG_DWORD" }, "DchuAmdGrfxExists": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\amdkmdap", "IfExists": true }, "DchuAmdGrfxVen": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\amdkmdap", "ValueName": "DCHUVen" }, "DchuAmdGrfxVen2": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\amdkmdap\\Parameters", "ValueName": "DCHUVen" }, "DchuIntelGrfxExists": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\igfx", "IfExists": true }, "DchuIntelGrfxVen": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\igfx", "ValueName": "DCHUVen" }, "DchuIntelGrfxVen2": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\igfx\\Parameters", "ValueName": "DCHUVen" }, "DchuNvidiaGrfxExists": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\nvlddmkm", "IfExists": true }, "DchuNvidiaGrfxVen": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\nvlddmkm", "ValueName": "DCHUVen" }, "DchuNvidiaGrfxVen2": { "FullPath": "SYSTEM\\CurrentControlSet\\Services\\nvlddmkm\\Parameters", "ValueName": "DCHUVen" }, "DefaultUserRegion": { "HKey": "HKEY_USERS", "FullPath": ".DEFAULT\\Control Panel\\International\\Geo", "ValueName": "Nation", "RegValueType": "REG_SZ" }, "DriverPartnerRing": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\DriverFlighting\\Partner", "ValueName": "TargetRing", "RegValueType": "REG_SZ" }, "EsetReg": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SYSTEM\\CurrentControlSet\\Services\\ehdrv\\Parameters", "ValueName": "WindowsCompatibilityLevel", "RegValueType": "REG_DWORD" }, "FlightContent": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\WindowsSelfHost\\Applicability", "ValueName": "ContentType", "RegValueType": "REG_SZ" }, "HidOverGattReg": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Setup\\PnpLockdownFiles\\%SystemRoot%/System32/drivers/UMDF/Microsoft.Bluetooth.Profiles.HidOverGatt.dll", "ValueName": "Source", "RegValueType": "REG_SZ" }, "InstallDate": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion", "ValueName": "InstallDate", "RegValueType": "REG_DWORD" }, "IsHybridOrXGpu": { "FullPath": "SOFTWARE\\Microsoft\\DirectX", "ValueName": "HybridDeviceApplicableForDxDbGpuPreferences" }, "IsFlightingEnabled": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\WindowsSelfHost\\Applicability", "ValueName": "IsBuildFlightingEnabled", "RegValueType": "REG_DWORD" }, "KasperskyReg": { "FullPath": "System\\CurrentControlSet\\Services\\klhk\\Parameters", "ValueName": "UseVtHardware" }, "OEMModelBaseBoard": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "HARDWARE\\DESCRIPTION\\System\\BIOS", "ValueName": "BaseBoardProduct", "RegValueType": "REG_SZ" }, "OemPartnerRing": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SYSTEM\\Platform\\DeviceTargetingInfo", "ValueName": "TargetRing", "RegValueType": "REG_SZ" }, "OobeSeeker": { "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\OOBE\\Updates", "ValueName": "OOBEUpdateStarted" }, "OSRollbackBuild": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\OSUpgrade\\Rollback", "ValueName": "BuildString", "RegValueType": "REG_SZ" }, "OSRollbackCount": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\OSUpgrade\\Rollback", "ValueName": "Count", "RegValueType": "REG_DWORD" }, "OSRollbackDate": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\WindowsUpdate\\OSUpgrade\\Rollback", "ValueName": "DateStamp", "RegValueType": "REG_DWORD" }, "PausedFeatureStatus": { "FullPath": "SOFTWARE\\Microsoft\\WindowsUpdate\\UpdatePolicy\\Settings", "ValueName": "PausedFeatureStatus" }, "PausedQualityStatus": { "FullPath": "SOFTWARE\\Microsoft\\WindowsUpdate\\UpdatePolicy\\Settings", "ValueName": "PausedQualityStatus" }, "PonchAllow": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat", "ValueName": "cadca5fe-87d3-4b96-b7fb-a231484277cc", "RegValueType": "REG_DWORD" }, "PonchAllowKey": { "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc", "IfExists": true }, "PonchAllowWow": { "FullPath": "SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\QualityCompat", "ValueName": "cadca5fe-87d3-4b96-b7fb-a231484277cc" }, "PonchAllowWowKey": { "FullPath": "SOFTWARE\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\QualityCompat\\cadca5fe-87d3-4b96-b7fb-a231484277cc", "IfExists": true }, "PonchBlock": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\QualityCompat", "ValueName": "65d75b03-6f4d-46e9-b870-517731e06cf9", "RegValueType": "REG_DWORD" }, "PreviewBuildsManagerEnabled": { "FullPath": "SOFTWARE\\Microsoft\\WindowsSelfhost\\Manager", "ValueName": "ArePreviewBuildsAllowed" }, "RecoveredFromBuild": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "Software\\Microsoft\\WindowsSelfHost\\Applicability\\RecoveredFrom", "ValueName": "LastBuild", "RegValueType": "REG_DWORD" }, "RecoveredOnDate": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "Software\\Microsoft\\WindowsSelfHost\\Applicability\\RecoveredFrom", "ValueName": "DateStamp", "RegValueType": "REG_DWORD" }, "ReleaseType": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Update\\TargetingInfo", "ValueName": "ReleaseType", "RegValueType": "REG_SZ" }, "Steam": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Classes\\Steam", "ValueName": "", "RegValueType": "REG_SZ" }, "TencentReg": { "FullPath": "SYSTEM\\CurrentControlSet\\services\\TesSafe", "ValueName": "LoadStartTime" }, "TencentType": { "FullPath": "SYSTEM\\CurrentControlSet\\services\\TesSafe", "ValueName": "Type" }, "UninstallActive": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "System\\Setup", "ValueName": "UninstallActive", "RegValueType": "REG_DWORD" }, "WindowsMixedReality": { "HKey": "HKEY_LOCAL_MACHINE", "FullPath": "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\WUDF\\Services\\HoloLensSensors", "ValueName": "WdfMajorVersion", "RegValueType": "REG_DWORD" } }, "FileInfo": { "AvastVer": { "Path": "\\system32\\Drivers\\aswVmm.sys", "FolderGuid": "{F38BF404-1D43-42F2-9305-67DE0B28FC23}" }, "AvgVer": { "Path": "\\system32\\Drivers\\avgVmm.sys", "FolderGuid": "{F38BF404-1D43-42F2-9305-67DE0B28FC23}" }, "CortanaAppVer": { "Path": "\\WindowsApps\\Microsoft.549981C3F5F10_8wekyb3d8bbwe\\CortanaApp.View.exe", "FolderGuid": "{905e63b6-c1bf-494e-b29c-65b732d3d21a}" }, "CortanaAppVerTest": { "Path": "\\WindowsApps\\3242f7d9-db60-4380-a379-4205ea768bfc_1.0.0.0_x64__zs4v8rx04ex0m\\UndockingTestApp.exe", "FolderGuid": "{905e63b6-c1bf-494e-b29c-65b732d3d21a}" }, "EsetVer": { "Path": "\\drivers\\ehdrv.sys", "FolderGuid": "{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}" }, "KasperskyVer": { "Path": "\\system32\\Drivers\\klhk.sys", "FolderGuid": "{F38BF404-1D43-42F2-9305-67DE0B28FC23}" }, "SkypeRoomSystem": { "Path": "%systemdrive%\\Recovery\\OEM\\$oem$\\$1\\Rigel\\x64\\Scripts\\Provisioning\\AutoUnattend.xml", "IfExists": true }, "SymantecVer": { "Path": "\\Symantec\\Shared\\EENGINE\\eeCtrl.sys", "FolderGuid": "{DE974D24-D9C6-4D3E-BF91-F4455120B917}" }, "SymantecVer64": { "Path": "\\Symantec\\Shared\\EENGINE\\eeCtrl64.sys", "FolderGuid": "{DE974D24-D9C6-4D3E-BF91-F4455120B917}" }, "TobiiVer": { "Path": "\\Tobii\\Tobii EyeX Interaction\\Tobii.EyeX.Interaction.exe", "FolderGuid": "{905e63b6-c1bf-494e-b29c-65b732d3d21a}" }, "TobiiVerx86": { "Path": "\\tobii EyeX Interaction\\Tobii.EyeX.Interaction.exe", "FolderGuid": "{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}" }, "TobiiVer1x86": { "Path": "\\Tobii\\tobii EyeX Interaction\\Tobii.EyeX.Interaction.exe", "FolderGuid": "{7C5A40EF-A0FB-4BFC-874A-C0F2E0B9FA8E}" }, "TrendMicroVer": { "Path": "\\drivers\\TMUMH.sys", "FolderGuid": "{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}" }, "WuClientVer": { "Path": "\\system32\\wuaueng.dll", "FolderGuid": "{F38BF404-1D43-42F2-9305-67DE0B28FC23}" } }, "Licensing": { "UpdateManagementGroup": { "Name": "UpdatePolicy-UpdateManagementGroup" } }, "Policy": { "DucPublisherId": { "LocUri": "./Device/Vendor/MSFT/DeviceUpdateCenter/Enrollment/PublisherId" }, "DucDeviceModelId": { "LocUri": "./Device/Vendor/MSFT/DeviceUpdateCenter/Enrollment/DeviceModelId" }, "DucOemPartnerRing": { "LocUri": "./Device/Vendor/MSFT/DeviceUpdateCenter/Enrollment/OemPartnerRing" }, "DucCustomPackageId": { "LocUri": "./Device/Vendor/MSFT/DeviceUpdateCenter/Enrollment/CustomPackageId" } }, "UpdatePolicy": { "BranchReadinessLevel": { "PolicyEnum": 5, "Enterprise": true }, "BranchReadinessLevelSource": { "PolicyEnum": 5, "Enterprise": true, "UseSource": true }, "DeferQualityUpdatePeriodInDays": { "PolicyEnum": 7, "Enterprise": true }, "DeferFeatureUpdatePeriodInDays": { "PolicyEnum": 9, "Enterprise": true } } }"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\AVAST Software]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\Chrome\NativeMessagingHosts\com.avast.nativeproxy]
""="C:\Program Files\AVAST Software\Avast\AvastNM.json"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Google\No Chrome Offer Until]
"AVAST Software"="20190614"
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"=""C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\aswbIDSAgent]
"Path"=""C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"ServiceName"="avast! Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"Path"=""C:\Program Files\AVAST Software\Avast\AvastSvc.exe""
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\avast! Antivirus]
"DisplayName"="Avast Antivirus"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"ServiceName"="AvastWscReporter"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"Path"=""C:\Program Files\AVAST Software\Avast\wsc_proxy.exe" /runassvc"
[HKEY_LOCAL_MACHINE\SYSTEM\Setup\FirstBoot\Services\AvastWscReporter]
"DisplayName"="AvastWscReporter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bam\UserSettings\S-1-5-21-3888337827-4225290478-3517265855-1001]
"\Device\HarddiskVolume5\Program Files\AVAST Software\Avast\AvastUI.exe"="0x0AF41EB82B9DD40100000000000000000000000002000000"
[HKEY_USERS\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\AvastAdSDK]
[HKEY_USERS\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\154be5ea_0]
""="{2}.\\?\hdaudio#func_01&ven_10ec&dev_0274&subsys_17aa36dc&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume5\Program Files\AVAST Software\Avast\AvastUI.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\AvastUI.exe"="0x534143500100000000000000070000002800000088D3B400C178B50001000000000000000000000A0021000067077CBAC54CD4010000000000000000020000002800000000000000000000000000000000000000000000000000000029010000000000000100000001000000"
[HKEY_USERS\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files\AVAST Software\Avast\setup\instup.exe"="0x5341435001000000000000000700000028000000B88B1C000000000003000000000000000000000A0021000067077CBAC54CD401000000000000000002000000280000000000000000000000000000000000000000000000000000008FDD0000000000000100000001000000"
[HKEY_USERS\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Piriform\CCleaner]
"CookiesToSave"=".avast.com|.ccleaner.com|.ccleanercloud.com|.piriform.com|accounts.google.com|facebook.com|google.com|login.live.com|twitter.com|www.google.com|yahoo.com"

====== Einde van Zoeken ======
 

Abraham54

Admin
Ondersteuning
Goed gedaan - start FRST weer met adminrechten en en zet een vinkje bij Additions.

Voeg beide logs toe aan jouw volgende antwoord.
 

vanschagen

Gevestigd lid
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 4.02.2019
Gestart door anoud (04-02-2019 14:15:47)
Gestart vanaf C:\Users\anoud\Desktop
Windows 10 Home Versie 1809 17763.292 (X64) (2018-12-26 17:44:58)
Boot Modus: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3888337827-4225290478-3517265855-500 - Administrator - Disabled)
anoud (S-1-5-21-3888337827-4225290478-3517265855-1001 - Administrator - Enabled) => C:\Users\anoud
DefaultAccount (S-1-5-21-3888337827-4225290478-3517265855-503 - Limited - Disabled)
Gast (S-1-5-21-3888337827-4225290478-3517265855-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3888337827-4225290478-3517265855-504 - Limited - Disabled)

==================== Security Center ========================

(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Geïnstalleerde programma's ======================

(Alleen de adware-programma's met 'verborgen' vlag kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeïnstalleerd worden.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 32.0.0.89 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM-x32\...\{738DCBE9-20A3-4CE6-84C7-E0A5B82F7617}) (Version: 2.5.3646 - Famatech)
Aspire 8.5 (HKLM\...\AspireV85) (Version: 8.5 - Vectric)
Aspire 9.5 (HKLM\...\AspireV95) (Version: 9.5 - Vectric)
Autodesk Fusion 360 (HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5119 - Autodesk, Inc.)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
Cdrom List Creator (HKLM-x32\...\Cdrom List Creator) (Version: - )
Common Desktop Agent (HKLM\...\{031A0E14-0413-4C97-9772-2639B782F46F}) (Version: 1.62.0 - OEM) Hidden
Dolby Audio X2 Windows API SDK (HKLM\...\{8738A898-221B-4279-BC87-FEF7938022C1}) (Version: 0.8.8.87 - Dolby Laboratories, Inc.)
Dolby Audio X2 Windows APP (HKLM\...\{9207D68E-666A-49C7-A900-9F5B2FF289E4}) (Version: 0.8.0.71 - Dolby Laboratories, Inc.)
Dropbox (HKLM-x32\...\Dropbox) (Version: 65.4.177 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.141.1 - Dropbox, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
GrabIt 1.7.5 Beta (build 1016) (HKLM-x32\...\GrabIt_is1) (Version: - Ilan Shemes)
ideaMaker 3.3.0.2343 (HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\ideaMaker) (Version: 3.3.0.2343 - Raise3D)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.4944 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
Lenovo Essential Wireless Keyboard (HKLM\...\Lenovo Essential Wireless Keyboard) (Version: 1.0 - Lenovo)
Malwarebytes versie 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft OneDrive (HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\OneDriveSetup.exe) (Version: 18.240.1202.0004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{d6f233bd-3f8c-43f6-878b-07bd0568d595}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{cb7c3049-21de-415b-bd85-b65c14e547df}) (Version: 14.10.25017.0 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 nl) (HKLM\...\Mozilla Firefox 64.0 (x64 nl)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.3.3 - Mozilla)
Mozilla Thunderbird 60.5.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 60.5.0 (x86 nl)) (Version: 60.5.0 - Mozilla)
OpenOffice 4.1.6 (HKLM-x32\...\{137C9FE3-DD3B-402F-893C-01AF8ED4E06B}) (Version: 4.16.9790 - Apache Software Foundation)
Open-Shell (HKLM\...\{FD722BB1-4960-455F-89C6-EFAEB79527EF}) (Version: 4.4.131 - The Open-Shell Team)
Rainbow Web 2 (HKLM-x32\...\BFG-Rainbow Web 2) (Version: - )
REALTEK Bluetooth Filter Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AD}) (Version: 1.5.1012.180530 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.31235 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek PCI-E Wireless LAN Driver (HKLM-x32\...\InstallShield_{70714FB7-4084-4202-A599-2D5935DECB67}) (Version: Drv_3.00.0024 - REALTEK Semiconductor Corp.)
Revo Uninstaller Pro 4.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 4.0.5 - VS Revo Group, Ltd.)
Samsung C460 Series (HKLM-x32\...\Samsung C460 Series) (Version: 1.17 (23-2-2016) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 2.02.53 (30-5-2018) - HP Printing Korea Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 2.00.01.24 - HP Printing Korea Co., Ltd.)
Samsung Network PC Fax (HKLM-x32\...\Samsung Network PC Fax) (Version: 2.02.28 (29-5-2018) - HP Printing Korea Co., Ltd.)
Samsung Printer Diagnostics (HKLM-x32\...\Samsung Printer Diagnostics) (Version: 1.0.1.6.02 - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (HKLM-x32\...\Samsung Scan Process Machine) (Version: 1.03.05.28 - Samsung Electronics Co., Ltd.) Hidden
Silhouette Link (HKLM-x32\...\{C2136C80-F9D4-4096-86D4-C641BB36DFF3}) (Version: 1.0.096 - Silhouette America)
Silhouette Studio (HKLM-x32\...\{6746AE87-B89C-444A-990E-99DD26C25830}) (Version: 4.1.479 - Silhouette America)
Simplify3D Software (HKLM\...\Simplify3D Software 4.1.1) (Version: 4.1.1 - Simplify3D)
Skype versie 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
SpaceClaim Translators 19.1 (HKLM\...\{448949D6-7829-DADD-883F-0388FC997F41}) (Version: 19.1.0 - SpaceClaim Corporation)
Spotnet (HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\Spotnet) (Version: 2.0.0.276 - Spotnet)
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.1.2 - Krzysztof Kowalczyk)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-23733 - Synology)
Synology Cloud Station Drive (HKLM-x32\...\{5DE9756A-0548-4AD5-AC5E-C4FF8B72A22F}) (Version: 4.2.8.4421 - Synology)
TeamViewer 14 (HKLM-x32\...\TeamViewer) (Version: 14.1.3399 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.21a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Vectric Shell Extensions 1.2 (HKLM-x32\...\VectricThumbnailShellExt) (Version: - Vectric)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0-2) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8 - Winamp SA)
Winamp Applicatie Detect (HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows-stuurprogrammapakket - Arduino LLC (www.arduino.cc) Arduino USB Driver (01/04/2013 1.0.0.0) (HKLM\...\1E3EA5624DD04BEFECF3FFF6D3A21CCE9CD70A91) (Version: 01/04/2013 1.0.0.0 - Arduino LLC (www.arduino.cc))
Wise Disk Cleaner 10.1.4 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 10.1.4 - WiseCleaner.com, Inc.)

==================== Aangepaste CLSID (gefilterd): ==========================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll ()
CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\anoud\AppData\Local\Autodesk\webdeploy\production\2999ad1e8304a04ebab33de5fd0e13a002d7edaa\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-3888337827-4225290478-3517265855-1001_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-12-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-12-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-12-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-12-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ 05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\iconOverlay.dll [2018-12-29] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Geen bestand
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => D:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => D:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
ContextMenuHandlers1: [!NetFax0] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax1] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax2] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax3] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax4] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax5] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax6] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [!NetFax7] -> {35308360-D4A6-436D-B701-1FEC7E96BA48} => C:\Windows\system32\spool\drivers\x64\3\NetFaxShell64.dll [2018-05-29] (HP Printing Korea Co., Ltd.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.0.dll [2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Geen bestand
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe5e116bb07c0629\igfxDTCM.dll [2018-07-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2018-09-06] (VS Revo Group Ltd. -> VS Revo Group)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2018-08-18] (Open-Shell)
ContextMenuHandlers1_S-1-5-21-3888337827-4225290478-3517265855-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-12-29] ()
ContextMenuHandlers6_S-1-5-21-3888337827-4225290478-3517265855-1001: [CloudStation.SyncFolderContextMenu] -> {2C4A5D61-009C-4561-9A33-6AFD542FD237} => C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll [2018-12-29] ()

==================== Geplande Taken (gefilterd) =============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

Task: {3D54C527-F7EF-420F-9F06-A8A45116EF43} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
Task: {40E85B09-9378-47FA-A603-9DEA66CB9573} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {45328408-2996-4990-A5F2-3BCE2525DAEF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-14] (Google Inc -> Google Inc.)
Task: {5703D5C2-D58D-4459-8446-116FE93DCE5E} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\d44ad80e-833b-4f5a-b7b5-a420babe6dc8 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-01-07] (Lenovo -> Lenovo Group Ltd.)
Task: {944BA118-3EF1-43B5-93D6-6DAFE2BACBA9} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\c1efe0c4-0260-4c24-9d6c-275fb65ec99d => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-01-07] (Lenovo -> Lenovo Group Ltd.)
Task: {9C7058D3-8261-4E69-9257-8DFECD942C48} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {A3F907B8-A69E-4882-BDE7-FF715E5B2B43} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B2CCB97E-2F76-4154-83C4-1C5F9D048A2B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3B1298E-3CBB-4C6D-89FD-1F514C4608AE} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\5451c7c1-00fd-4caa-805d-fd62a7097c70 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-01-07] (Lenovo -> Lenovo Group Ltd.)
Task: {B4EE6293-A6BE-4946-A690-D11469159FC1} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {B918650C-0234-4038-888F-9384CD905644} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-12-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {C162AF4D-657D-43F2-BD31-090758A6253B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-12-14] (Google Inc -> Google Inc.)
Task: {CF234146-D9B8-4DF6-938A-A52FBD89EBF9} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-12-14] (Dropbox, Inc -> Dropbox, Inc.)
Task: {D102CA33-5661-4645-9BA6-B57EA28E19AC} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MpCmdRun.exe [2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {D2E4A425-7B9F-4BF7-92B0-7E91C3045AB6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2019-01-07] (Lenovo -> Lenovo Group Ltd.)
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] (Microsoft Windows -> )
Task: {F1A7F213-0ADF-4FE7-A9B3-3ABE52C720D1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\15839be8-9b6b-415e-8361-01c176ae52e0 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2019-01-07] (Lenovo -> Lenovo Group Ltd.)
Task: {F2A00AB0-FCA3-4F7A-AAA8-9A2E8EAA910E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {F3DA48CD-EF72-477D-9A71-562CD057ADF4} - System32\Tasks\EPM Preload => C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2DotNetHandler.exe [2018-05-21] (HP Inc. -> )
Task: {F496E4AF-3C48-494F-BB21-D3A04CAEE405} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2019-01-10] (Piriform Software Ltd -> Piriform Ltd)
Task: {F6C798B7-7872-4F8E-8C80-B1CF7D9C171F} - System32\Tasks\WiseCleaner\WDCSkipUAC => d:\Program Files (x86)\Wise\Wise Disk Cleaner\WiseDiskCleaner.exe [2018-12-18] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {FE0B0D47-6C48-4B23-8799-1DA9F1AF580C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)

(Als een item is opgenomen in de fixlist, wordt de taak (job) bestand verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Snelkoppelingen & WMI ========================

(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)


==================== Geladen Modules (gefilterd) ==============

2018-12-14 19:10 - 2015-04-24 14:27 - 000022528 _ () C:\WINDOWS\System32\sst9clm.dll
2019-01-07 16:55 - 2019-01-07 16:55 - 000031256 _ () C:\WINDOWS\System32\us008lm.dll
2018-12-14 19:15 - 2015-04-10 03:44 - 000091136 _ () C:\WINDOWS\System32\ssdevm64.dll
2018-08-13 21:18 - 2018-08-13 21:18 - 000287768 _ () C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
2016-12-06 12:06 - 2016-12-06 12:06 - 000897200 _ () C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe
2018-05-11 12:21 - 2018-05-11 12:21 - 000248856 _ () d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
2018-12-14 19:10 - 2015-04-24 14:27 - 001604096 _ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\sst9cdu.dll
2019-01-07 16:55 - 2019-01-07 16:55 - 001730400 _ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\us008du.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _ () C:\Windows\ShellExperiences\TileControl.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002801152 _ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 001253376 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\icon-overlay\18\x64\ContextMenu.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001740800 _ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-12-14 17:01 - 2018-12-14 17:01 - 000009216 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2019-01-31 17:28 - 2019-01-31 17:28 - 000060416 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2019-01-31 17:28 - 2019-01-31 17:28 - 000019456 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2019-01-31 17:28 - 2019-01-31 17:28 - 011029504 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2019-01-31 17:28 - 2019-01-31 17:28 - 002923520 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\skypert.dll
2019-01-31 17:28 - 2019-01-31 17:28 - 000688128 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2019-01-31 17:28 - 2019-01-31 17:28 - 000182272 _ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2019-01-11 08:36 - 2019-01-11 08:36 - 005172224 _ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
2019-01-11 08:36 - 2019-01-11 08:36 - 002172928 _ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.AppCore.dll
2019-01-11 08:36 - 2019-01-11 08:36 - 001795584 _ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneContentDataStore.dll
2018-12-14 16:56 - 2018-12-14 16:57 - 001004032 _ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2019-01-11 08:36 - 2019-01-11 08:36 - 002907136 _ () C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\PhoneCommunicationAppService.dll
2014-09-08 13:39 - 2014-09-08 13:39 - 000464608 _ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2014-09-08 13:38 - 2014-09-08 13:38 - 000051200 _ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2018-09-24 02:14 - 2016-11-30 07:39 - 000443192 ____N () C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe
2019-01-31 17:27 - 2019-01-31 17:27 - 000282624 _ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-12-14 17:02 - 2018-12-14 17:02 - 002538056 _ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2019-01-31 17:27 - 2019-01-31 17:27 - 001757696 _ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-12-14 17:37 - 2018-08-21 09:21 - 000158288 _ () D:\totalcmd\wcmzip64.dll
2019-02-04 13:15 - 2019-02-04 13:15 - 000013312 _ () C:\Users\anoud\AppData\Local\Temp\WNL876F.tmp\ml_online.lng
2019-02-04 13:15 - 2019-02-04 13:15 - 000007680 _ () C:\Users\anoud\AppData\Local\Temp\WNL876F.tmp\ombrowser.lng
2018-10-18 23:13 - 2018-10-18 23:13 - 000268288 _ () D:\Program Files (x86)\Winamp\Shared\libFLAC.dll
2018-10-18 23:13 - 2018-10-18 23:13 - 000939008 _ () D:\Program Files (x86)\Winamp\Plugins\in_mod.dll
2018-10-18 23:13 - 2018-10-18 23:13 - 000012800 _ () D:\Program Files (x86)\Winamp\Plugins\out_wasapi.dll
2018-12-14 17:46 - 2019-01-16 23:33 - 001837672 _ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-01-23 08:59 - 2019-01-16 23:33 - 002388832 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2019-01-23 08:59 - 2019-01-16 23:33 - 000097840 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2019-01-23 08:59 - 2019-01-16 23:33 - 000219696 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2019-01-23 08:59 - 2019-01-16 23:33 - 000081768 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-12-14 17:46 - 2019-01-16 23:33 - 002901504 _ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-12-14 17:46 - 2019-01-16 23:33 - 000015360 _ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-01-23 08:59 - 2019-01-16 23:33 - 000405056 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2019-01-23 08:59 - 2019-01-16 23:33 - 000138816 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2019-01-23 08:59 - 2019-01-16 23:34 - 003239784 _ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\Processing.NDI.Lib.x86.dll
2019-01-24 08:58 - 2019-01-22 14:14 - 001213768 _ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2019-01-24 08:58 - 2019-01-22 14:14 - 002103112 _ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2019-01-10 08:43 - 2019-01-22 14:16 - 000023376 _ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000025456 _ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:14 - 000148968 _ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 001878888 _ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000025960 _ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:14 - 000118232 _ () C:\Program Files (x86)\Dropbox\Client\pywintypes36.dll
2019-01-10 08:43 - 2019-01-22 14:14 - 000109024 _ () C:\Program Files (x86)\Dropbox\Client\win32api.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000082760 _ () C:\Program Files (x86)\Dropbox\Client\fastpath.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:14 - 000418776 _ () C:\Program Files (x86)\Dropbox\Client\pythoncom36.dll
2019-01-24 08:58 - 2019-01-22 14:15 - 000074072 _ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000027616 _ () C:\Program Files (x86)\Dropbox\Client\win32event.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000049128 _ () C:\Program Files (x86)\Dropbox\Client\win32process.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000026600 _ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000131552 _ () C:\Program Files (x86)\Dropbox\Client\win32file.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000182752 _ () C:\Program Files (x86)\Dropbox\Client\win32gui.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000027616 _ () C:\Program Files (x86)\Dropbox\Client\win32pipe.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000119272 _ () C:\Program Files (x86)\Dropbox\Client\win32security.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:16 - 000401752 _ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000028640 _ () C:\Program Files (x86)\Dropbox\Client\win32job.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:16 - 000034664 _ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000062304 _ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:14 - 000023520 _ () C:\Program Files (x86)\Dropbox\Client\mmapfile.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 001457488 _ () C:\Program Files (x86)\Dropbox\Client\dbxlog._dbxlog.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000027488 _ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000053736 _ () C:\Program Files (x86)\Dropbox\Client\win32service.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000065504 _ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000025944 _ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:16 - 000068968 _ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000028520 _ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000032224 _ () C:\Program Files (x86)\Dropbox\Client\win32ts.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 001755472 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000101200 _ () C:\Program Files (x86)\Dropbox\Client\PyQt592.sip.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 001885520 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000523600 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 003755344 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000061408 _ () C:\Program Files (x86)\Dropbox\Client\win32print.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000169304 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000061784 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000042840 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000202584 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000117584 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000214872 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000099664 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:17 - 000029544 _ () C:\Program Files (x86)\Dropbox\Client\winffi.shell32.compiled._winffi_shell32.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000028008 _ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000033632 _ () C:\Program Files (x86)\Dropbox\Client\winreindex.compiled._winreindex.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:14 - 000027624 _ () C:\Program Files (x86)\Dropbox\Client\win32profile.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:16 - 000025960 _ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000025448 _ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000025960 _ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000031600 _ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:14 - 000486880 _ () C:\Program Files (x86)\Dropbox\Client\winxpgui.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000051552 _ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000029040 _ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 011941712 _ () C:\Program Files (x86)\Dropbox\Client\nucleus_python.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000029024 _ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:14 - 000036312 _ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2019-01-24 08:58 - 2019-01-22 14:15 - 000036712 _ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000272208 _ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2019-01-10 08:43 - 2019-01-22 14:16 - 000025960 _ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000433992 _ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2019-01-10 08:43 - 2019-01-22 14:16 - 000038240 _ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000026432 _ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2019-01-24 08:58 - 2019-01-22 14:15 - 001967936 _ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2019-01-10 08:43 - 2019-01-22 14:17 - 000025960 _ () C:\Program Files (x86)\Dropbox\Client\winffi.shcore.compiled._winffi_shcore.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:16 - 000095592 _ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000054096 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngine.cp36-win32.pyd
2019-01-24 08:57 - 2019-01-22 14:17 - 000029544 _ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.cp36-win32.pyd
2019-01-10 08:43 - 2019-01-22 14:16 - 000025448 _ () C:\Program Files (x86)\Dropbox\Client\winffi.gdi32.compiled._winffi_gdi32.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000557392 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.cp36-win32.pyd
2019-01-24 08:58 - 2019-01-22 14:15 - 000335184 _ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.cp36-win32.pyd
2018-12-29 09:45 - 2018-12-29 09:45 - 000123918 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 001026062 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000596986 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 003036430 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 001798570 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 003095505 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000120334 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 021565192 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000712704 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000031744 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000046080 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000032768 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000516608 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000243200 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll
2018-12-29 09:45 - 2018-12-29 09:45 - 000431616 _ () C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll
2017-09-25 21:28 - 2017-09-25 21:28 - 001244304 _ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (gefilterd) =========

(Als een item is opgenomen in de fixlist, wordt alleen de ADS verwijderd.)

AlternateDataStreams: C:\ProgramData\TEMP:28DB0DC4 [442]
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F [134]

==================== Veilige Modus (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. De waarde van "AlternateShell" wordt hersteld.)


==================== Bestandskoppeling (gefilterd) ===============

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd.)


==================== Internet Explorer vertrouwde/beperkte toegang ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd.)


==================== Hosts inhoud: ==========================

(Indien nodig kan Hosts:-opdracht worden opgenomen in de fixlist om Hosts te resetten.)

2018-04-12 00:38 - 2019-01-10 13:20 - 000000990 _ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 75.126.120.203
127.0.0.1 46.4.58.71
127.0.0.1 46.4.62.150
127.0.0.1 46.4.28.80

==================== Andere gebieden ============================

(Momenteel is er geen automatische fix voor dit onderdeel.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 84.116.46.20 - 84.116.46.21
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is ingeschakeld.

==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==

Als een item is opgenomen in de fixlist, zal het worden verwijderd.


==================== Firewall regels (gefilterd) ===============

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

FirewallRules: [UDP Query User{9C420BF8-4F64-42D6-A6A6-A91F18762090}D:\program files\videolan\vlc\vlc.exe] => (Block) D:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{B051FB39-03BB-44F6-BF85-E332584CC26C}D:\program files\videolan\vlc\vlc.exe] => (Block) D:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{56A4E424-8CC2-4CE8-9E5E-BCD18169E697}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [TCP Query User{DFB5FB54-15E7-4A44-8BAB-7EC50DF390EB}C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe] => (Block) C:\program files (x86)\samsung\easy printer manager\easyprintermanagerv2.exe (HP Inc. -> )
FirewallRules: [UDP Query User{F4D3B615-E3B3-4DCE-9620-4F1A52B74DA4}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{49CCF291-00AD-4212-9285-59C1B2E5CA2A}C:\program files (x86)\microsoft\skype for desktop\skype.exe] => (Allow) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{BD5C0015-694F-4C6E-AED0-7B030C5BE221}] => (Allow) C:\Windows\system32\spool\drivers\x64\3\NetFaxMon64.exe (HP Printing Korea Co., Ltd.)
FirewallRules: [{77FFFA3E-D7A8-4074-B1BD-E16E380FF432}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon.exe (HP Printing Korea Co., Ltd.)
FirewallRules: [{BFF9454A-D5EE-427E-B62B-37276700DDAA}] => (Allow) C:\Program Files (x86)\Samsung\Network PC Fax\drv\NetFaxMon64.exe (HP Printing Korea Co., Ltd.)
FirewallRules: [{149FD002-559F-4B33-BAC3-27D1DBA1E2A6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{4F76C124-8B36-42FA-9B37-B9F4CFF1BE8D}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe (HP Inc. -> )
FirewallRules: [{EF2C4FA2-FA58-471B-9A77-DA5182B5F886}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{1A5AB018-9D18-4054-9995-413713C9CEC2}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{9772F3FA-E1F4-435C-ADCB-9516478F3789}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDCApp.exe (HP Inc. -> )
FirewallRules: [{EDD7F7F1-E27D-4A0B-86E4-58E362263732}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A0A0B7C3-2ED4-4D5B-B81D-2EE574666A25}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{01E652A4-3364-4549-813D-CBB872C32BC7}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{D804EE90-F59D-4568-B32F-1C9722D40CAF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2Migrator.exe (HP Inc. -> )
FirewallRules: [{85264633-9284-4905-899D-2CDE2546E2D9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EPM2AlertList.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{9D28C4F9-F078-4127-BEB0-B2045620BC68}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe (HP Inc. -> HP Printing Korea Co., Ltd.)
FirewallRules: [{098260DF-91E0-4B30-BB2C-04FC6203EBFB}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\EasyPrinterManagerV2.exe (HP Inc. -> )
FirewallRules: [{292E2FC7-B973-4090-B7C1-47C4FFEE8015}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Printer Diagnostics\SEInstall\SPD\WebInstallAgent\SPNTInst.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{A8E8BD9F-18DE-4C31-8B3A-675940BF082A}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{0D182B5D-A5D5-464C-B52B-6D8B86CFD79C}] => (Allow) C:\Windows\twain_32\Samsung\SLC460\ScanCDLM\ScanCDLM.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{66785FEC-0FFA-4846-AF11-8BD9C99B94AE}] => (Block) D:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [{C5B3CBBB-2AB7-4E24-BD70-8E80259ECFFC}] => (Block) D:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [UDP Query User{48D7D6C8-F676-4C98-977A-AB1898C1D9BB}D:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) D:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [TCP Query User{79EB82FF-DB1A-4BB2-8720-DB453A51551E}D:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) D:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [{0501D02E-0A8A-449D-AE26-0886D1B91C94}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{60D9E6D8-2DC7-42E9-A3A2-63BB66854753}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DB2AB30D-D13C-4218-B4A4-867F9BC441E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{5DB92050-BC16-45D9-A97A-6A2786A04BFB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{10B3AAA5-597C-4EA0-991D-7FB268A7DD93}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{9417D72C-4EAC-43AA-97E9-57E4D800151B}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe (Silhouette Research & Technology Ltd -> )
FirewallRules: [{E18ADA74-D281-4D94-93FE-CAF95BE8B620}] => (Allow) C:\Program Files (x86)\Silhouette America\Silhouette Link\SilhouetteLinkConsole.exe (Silhouette Research & Technology Ltd -> )
FirewallRules: [{94A8F580-3926-4B31-BB3A-41245BFC02F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{52949E84-487F-4F08-ABBB-E36B49699EC3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{9E59092B-AEBD-414E-A29E-15B20E6316AA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A5DCE13E-E318-4977-9180-05EF8B6A07E8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DB41D3C1-E5CA-4290-B88B-4CDAF830E235}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{8C4261EB-08E1-4654-8AB5-23EBBEB56A89}C:\users\anoud\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\anoud\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [UDP Query User{30B97264-3844-4589-B9F1-11D1DD034625}C:\users\anoud\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe] => (Allow) C:\users\anoud\appdata\local\cloudstation\cloudstation.app\bin\cloud-drive-ui.exe (Synology Inc. -> Synology Inc.)
FirewallRules: [{25C064F7-D967-4EE0-81C8-6EC0D198176F}] => (Allow) d:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{68CA6301-E8BA-479F-A90F-E562555EDAFE}] => (Allow) d:\Program Files (x86)\Winamp\winamp.exe (Winamp SA -> Winamp SA)
FirewallRules: [{618FC6F2-511D-4109-B330-7B0950FCA34D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.Office.Desktop.Outlook_16051.11126.20266.0_x86__8wekyb3d8bbwe\Office16\OUTLOOK.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CDD6EBBF-1F99-4D73-A886-9968908C5BA1}D:\program files\raise3d\ideamaker\ideamaker.exe] => (Allow) D:\program files\raise3d\ideamaker\ideamaker.exe (RAISE 3D INC -> Raise3D)
FirewallRules: [UDP Query User{7470C294-F905-4951-8919-C2E64F713596}D:\program files\raise3d\ideamaker\ideamaker.exe] => (Allow) D:\program files\raise3d\ideamaker\ideamaker.exe (RAISE 3D INC -> Raise3D)
FirewallRules: [{32CE6E0D-C856-4FA9-A415-7C113CE30E4B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{6EC97EB9-28E7-4361-B0D6-DD3F4D3804E5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58FE3147-921B-45F8-B03F-8CD434314507}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Dropbox, Inc -> Dropbox, Inc.)
FirewallRules: [{671EED10-68DC-4B69-B856-5ADC77FC00A8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)
FirewallRules: [{EEC8E078-71B7-433A-A941-8005DEF89486}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Ltd)

==================== Herstelpunten =========================

20-01-2019 19:29:22 Gepland controlepunt
26-01-2019 09:39:08 Installatieprogramma voor Windows-modules
02-02-2019 13:01:25 Gepland controlepunt

==================== Defecte Apparaatbeheer Apparaten =============


==================== Eventlog fouten: =========================

Applicatiefouten:
==================
Error: (02/03/2019 12:17:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x4018
Starttijd van toepassing met fout: 0x01d4bb9793426352
Pad naar toepassing met fout: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll
Rapport-id: 1cba5dff-a148-4ac2-9559-c9b13b1d8e16
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (01/30/2019 10:56:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0xcc0
Starttijd van toepassing met fout: 0x01d4b870188aeda2
Pad naar toepassing met fout: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll
Rapport-id: 395edb3a-b46e-46e6-8b04-39f171189ca5
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (01/29/2019 11:27:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x1508
Starttijd van toepassing met fout: 0x01d4b7a0b5f5c70a
Pad naar toepassing met fout: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll
Rapport-id: 10c462c0-0db3-4834-b78d-155c14defdc9
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (01/28/2019 10:59:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x3574
Starttijd van toepassing met fout: 0x01d4b6dfbda5134c
Pad naar toepassing met fout: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll
Rapport-id: 1771212f-9938-4bef-bdb3-8e53b1af1b3e
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (01/27/2019 11:16:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: RAVBg64.exe, versie: 1.0.0.294, tijdstempel: 0x5bb1cba3
Naam van module met fout: KERNELBASE.dll, versie: 10.0.17763.134, tijdstempel: 0x1659a33b
Uitzonderingscode: 0xc06d007e
Foutmarge: 0x0000000000055299
Id van proces met fout: 0x2998
Starttijd van toepassing met fout: 0x01d4b61704d45c26
Pad naar toepassing met fout: C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
Pad naar module met fout: C:\WINDOWS\System32\KERNELBASE.dll
Rapport-id: af9fee97-7199-423c-a9b0-98b747fd19d3
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (01/26/2019 09:04:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: RevoUninPro.exe, versie: 4.0.5.0, tijdstempel: 0x5c0f5930
Naam van module met fout: RevoUninPro.exe, versie: 4.0.5.0, tijdstempel: 0x5c0f5930
Uitzonderingscode: 0xc0000409
Foutmarge: 0x0000000000702a8c
Id van proces met fout: 0x1c04
Starttijd van toepassing met fout: 0x01d4b5b215ffca7b
Pad naar toepassing met fout: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
Pad naar module met fout: C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
Rapport-id: 3aae5f66-943a-4fdb-82bd-d9787c0a6c32
Volledige pakketnaam met fout:
Relatieve toepassings-id van pakket met fout:

Error: (01/24/2019 08:58:50 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden

Error: (01/24/2019 08:58:50 AM) (Source: DbxSvc) (EventID: 281) (User: )
Description: CertFindCertificateInStore failed with: (-2146885628) Kan object of eigenschap niet vinden


Systeemfouten:
=============
Error: (02/04/2019 01:26:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7O6IQ87)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker DESKTOP-7O6IQ87\anoud SID (S-1-5-21-3888337827-4225290478-3517265855-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (02/04/2019 01:26:23 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7O6IQ87)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker DESKTOP-7O6IQ87\anoud SID (S-1-5-21-3888337827-4225290478-3517265855-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (02/04/2019 01:16:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
Windows.SecurityCenter.SecurityAppBroker
en APPID
Niet beschikbaar
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (02/04/2019 01:16:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
Windows.SecurityCenter.WscBrokerManager
en APPID
Niet beschikbaar
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (02/04/2019 01:16:08 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
Windows.SecurityCenter.WscDataProtection
en APPID
Niet beschikbaar
aan de gebruiker NT AUTHORITY\SYSTEM SID (S-1-5-18) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (02/04/2019 01:15:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7O6IQ87)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Starten niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
Windows.SecurityCenter.WscCloudBackupProvider
en APPID
Niet beschikbaar
aan de gebruiker DESKTOP-7O6IQ87\anoud SID (S-1-5-21-3888337827-4225290478-3517265855-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.

Error: (02/04/2019 01:14:14 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Update Orchestrator Service-service is gestopt met de volgende foutcode:
Deze bewerking is geretourneerd omdat de time-outperiode verlopen is.
.

Error: (02/04/2019 12:52:44 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-7O6IQ87)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
en APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
aan de gebruiker DESKTOP-7O6IQ87\anoud SID (S-1-5-21-3888337827-4225290478-3517265855-1001) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.


Windows Defender:
===================================
Date: 2019-02-04 14:10:51.871
Description:
C:\Windows\System32\notepad.exe mag %desktopdirectory%\ niet wijzigen door beperkte maptoegang.
Detectietijd: 2019-02-04T13:10:51.867Z
Gebruiker: DESKTOP-7O6IQ87\anoud
Pad: %desktopdirectory%\
Procesnaam: C:\Windows\System32\notepad.exe
Handtekeningversie: 1.285.836.0
Engine-versie: 1.1.15600.4
Productversie: 4.18.1901.7

Date: 2019-02-04 14:10:51.866
Description:
C:\Windows\System32\notepad.exe mag %desktopdirectory%\ niet wijzigen door beperkte maptoegang.
Detectietijd: 2019-02-04T13:10:51.865Z
Gebruiker: DESKTOP-7O6IQ87\anoud
Pad: %desktopdirectory%\
Procesnaam: C:\Windows\System32\notepad.exe
Handtekeningversie: 1.285.836.0
Engine-versie: 1.1.15600.4
Productversie: 4.18.1901.7

Date: 2019-02-04 14:09:05.186
Description:
C:\Users\anoud\Desktop\FRST64.exe mag %desktopdirectory%\ niet wijzigen door beperkte maptoegang.
Detectietijd: 2019-02-04T13:09:05.186Z
Gebruiker: DESKTOP-7O6IQ87\anoud
Pad: %desktopdirectory%\
Procesnaam: C:\Users\anoud\Desktop\FRST64.exe
Handtekeningversie: 1.285.836.0
Engine-versie: 1.1.15600.4
Productversie: 4.18.1901.7

Date: 2019-02-04 13:32:53.288
Description:
Gecontroleerde mappentoegang heeft C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe niet toegestaan het geheugen te wijzigen.
Detectietijd: 2019-02-04T12:32:53.287Z
Gebruiker: NT AUTHORITY\SYSTEM
Pad: \Device\Harddisk0\DR0
Procesnaam: C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
Handtekeningversie: 1.285.836.0
Engine-versie: 1.1.15600.4
Productversie: 4.18.1901.7

Date: 2019-02-04 13:16:15.868
Description:
Gecontroleerde mappentoegang heeft C:\Windows\System32\wbem\WmiPrvSE.exe niet toegestaan het geheugen te wijzigen.
Detectietijd: 2019-02-04T12:16:15.868Z
Gebruiker: NT AUTHORITY\NETWORK SERVICE
Pad: \Device\CdRom0
Procesnaam: C:\Windows\System32\wbem\WmiPrvSE.exe
Handtekeningversie: 1.285.836.0
Engine-versie: 1.1.15600.4
Productversie: 4.18.1901.7

Date: 2019-01-23 14:29:02.853
Description:
Windows Defender Antivirus heeft een fout aangetroffen bij het herstellen van een item dat in quarantaine was geplaatst.
Zie voor meer informatie:
Naam: HackTool:Win32/Keygen
Id: 2147593794
Ernst: Hoog
Categorie: Hulpprogramma
Gebruiker: DESKTOP-7O6IQ87\anoud
Foutcode: 0x80508014
Foutbeschrijving: Het item in quarantaine kan niet worden teruggezet.
Handtekeningversie: AV: 1.283.3546.0, AS: 1.283.3546.0
Engineversie: 1.1.15500.2

CodeIntegrity:
===================================

Date: 2019-01-09 22:11:46.431
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-09 22:11:46.420
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-09 22:11:46.395
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-09 22:11:46.389
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-08 17:04:03.691
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:21.356
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:21.163
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-01-07 17:03:20.856
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\AVAST Software\Avast\wsc_proxy.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Geheugen info ===========================

Processor: Intel(R) Core(TM) i3-7020U CPU @ 2.30GHz
Percentage geheugen in gebruik: 61%
Totaal fysiek RAM-geheugen: 8101.49 MB
Beschikbaar fysiek RAM-geheugen: 3101.9 MB
Totaal Virtueel geheugen: 9381.49 MB
Beschikbaar Virtueel geheugen: 3725.63 MB

==================== Schijven ================================

Drive c: (Windows) (Fixed) (Total:118 GB) (Free:76.65 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.39 GB) (Free:874.57 GB) NTFS

\\?\Volume{8639eebe-6ef5-4979-ae16-e33f7dbf0210}\ (WinRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.58 GB) NTFS
\\?\Volume{fd4db2dd-5f99-4f51-9fdb-7dcfd03a3dfc}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partitietabel ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 5A19A3E0)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 5A19A3D7)

Partition: GPT.

==================== Einde van Addition.txt ============================

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 4.02.2019
Gestart door anoud (Beheerder) op DESKTOP-7O6IQ87 (04-02-2019 14:14:54)
Gestart vanaf C:\Users\anoud\Desktop
Geladen Profielen: anoud (Beschikbare Profielen: anoud)
Platform: Windows 10 Home Versie 1809 17763.292 (X64) Taal: Nederlands (Nederland)
Standaardbrowser: FF
Boot Modus: Normal
Handleiding voor Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processen (gefilterd) =================

(Als een item is opgenomen in de fixlist, zal het proces worden gesloten. Het bestand zal niet worden verplaatst.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe5e116bb07c0629\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe5e116bb07c0629\IntelCpHDCPSvc.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(HP Printing Korea Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxServer64.exe
() C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901.7-0\MsMpEng.exe
() D:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe5e116bb07c0629\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_fe5e116bb07c0629\igfxEM.exe
(Open-Shell) D:\Program Files\Open-Shell\StartMenu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.YourPhone_1.0.20094.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Winamp SA) D:\Program Files (x86)\Winamp\winamp.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(HP Printing Korea Co., Ltd.) C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Synology Inc.) C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-ui.exe
(Synology Inc.) C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-connect.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synology Inc.) C:\Users\anoud\AppData\Local\CloudStation\CloudStation.app\bin\cloud-drive-daemon.exe
(The Qt Company Ltd.) C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dolby Laboratories, Inc.) C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Lenovo Group Ltd.) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Lenovo Group Ltd.) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Ghisler Software GmbH) D:\totalcmd\TOTALCMD64.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe

==================== Register (gefilterd) ===========================

(Als een item is opgenomen in de fixlist, zal het registeritem worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18391096 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LVA] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505840 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_CTPreset] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505840 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505840 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Lenovo Essential Wireless Keyboard OSD] => C:\Program Files\Lenovo\Lenovo Essential Wireless Keyboard\KBOSD.exe [443192 2016-11-30] (PRIMAX ELECTRONICS LTD. -> )
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [464608 2014-09-08] (Samsung Electronics CO., LTD. -> )
HKLM\...\Run: [Open-Shell Start Menu] => D:\Program Files\Open-Shell\StartMenu.exe [216576 2018-08-18] (Open-Shell)
HKLM\...\Run: [RtsCM] => C:\WINDOWS\RTSCM64.EXE [225224 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
HKLM\...\Run: [RtHDVBg_HP_VOICEMODE_FOR_SKYPE] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1505840 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [DAX2_APP] => C:\Program Files\Dolby\Dolby DAX2\DAX2_APP\DolbyDAX2TrayIcon.exe [849920 2017-03-07] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4090176 2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53535080 2019-01-16] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc -> Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Network PC Fax.lnk [2018-12-14]
ShortcutTarget: Samsung Network PC Fax.lnk -> C:\Windows\System32\spool\drivers\x64\3\NetFaxTray64.exe (HP Printing Korea Co., Ltd.)
Startup: C:\Users\anoud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station Drive.lnk [2019-02-04]
ShortcutTarget: Synology Cloud Station Drive.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)

==================== Internet (gefilterd) ====================

(Als een item is opgenomen in de fixlist en een registeritem is, wordt het verwijderd of hersteld naar de standaard.)

Hosts: Er is meer dan één item in Hosts. Zie Hosts deel van Addition.txt
Tcpip\Parameters: [DhcpNameServer] 84.116.46.20 84.116.46.21
Tcpip\..\Interfaces\{7e676ec0-ba03-4f4e-9819-10dd4edb75f9}: [DhcpNameServer] 84.116.46.20 84.116.46.21

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo17win10.msn.com/?pc=LCTE
HKU\S-1-5-21-3888337827-4225290478-3517265855-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com/
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> D:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> D:\Program Files\Open-Shell\ClassicIEDLL_64.dll [2018-08-18] (Open-Shell)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> D:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-18] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> D:\Program Files\Open-Shell\ClassicIEDLL_32.dll [2018-08-18] (Open-Shell)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\Program Files\Open-Shell\ClassicExplorer64.dll [2018-08-18] (Open-Shell)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - D:\Program Files\Open-Shell\ClassicExplorer32.dll [2018-08-18] (Open-Shell)

FireFox:
========
FF DefaultProfile: 7eln8uqj.default
FF ProfilePath: C:\Users\anoud\AppData\Roaming\Mozilla\Firefox\Profiles\7eln8uqj.default [2019-02-04]
FF Homepage: Mozilla\Firefox\Profiles\7eln8uqj.default -> hxxps://piepcomp.nl/
FF Extension: (AdBlock) - C:\Users\anoud\AppData\Roaming\Mozilla\Firefox\Profiles\7eln8uqj.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2018-12-15]
FF Extension: (LastPass: Free Password Manager) - C:\Users\anoud\AppData\Roaming\Mozilla\Firefox\Profiles\7eln8uqj.default\Extensions\support@lastpass.com.xpi [2019-02-01]
FF Extension: (ImTranslator: Vertaler, Woordenboek, Spraak) - C:\Users\anoud\AppData\Roaming\Mozilla\Firefox\Profiles\7eln8uqj.default\Extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi [2019-01-30]
FF Plugin: @videolan.org/vlc,version=3.0.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-18] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default [2019-01-25]
CHR Extension: (Presentaties) - C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-12-14]
CHR Extension: (Docs) - C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-14]
CHR Extension: (Google Drive) - C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-14]
CHR Extension: (YouTube) - C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-12-14]
CHR Extension: (Spreadsheets) - C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-12-14]
CHR Extension: (Gmail) - C:\Users\anoud\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-14]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (gefilterd) ====================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R2 Cloud Station Drive VSS Service x64; C:\Program Files (x86)\Synology\CloudStation\bin\vss-service-x64.exe [287768 2018-08-13] (Synology Inc. -> )
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-14] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2018-12-14] (Dropbox, Inc -> Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2019-01-22] (Dropbox, Inc -> Dropbox, Inc.)
R2 Dolby DAX2 API Service; C:\Program Files\Dolby\Dolby DAX2\DAX2_API\DolbyDAX2API.exe [189464 2018-09-25] (Dolby Laboratories, Inc. -> Dolby Laboratories, Inc.)
S3 iaStorAfsService; C:\Windows\IAStorAfsService\iaStorAfsService.exe [2413720 2017-06-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [71336 2019-01-07] (Lenovo -> Lenovo Group Ltd.)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [742704 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
S2 Intel(R) TPM Provisioning Service; C:\Program Files\Intel\iCLS Client\TPMProvisioningService.exe [668472 2017-09-21] (Intel(R) Trust Services -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [197264 2017-09-25] (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268328 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [687552 2018-06-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R2 Samsung Network Fax Server; C:\Windows\system32\spool\drivers\x64\3\NetFaxServer64.exe [700928 2018-05-29] (HP Printing Korea Co., Ltd.) [Bestand niet getekend]
R2 SilhouetteLink; C:\Program Files (x86)\Silhouette America\Silhouette Link\Resources\Resources\SPEC_LK\SilhouetteLinkServer.32.exe [897200 2016-12-06] (Silhouette Research & Technology Ltd -> )
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] (Microsoft Windows -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11660528 2018-12-07] (TeamViewer GmbH -> TeamViewer GmbH)
R2 UsbClientService; d:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248856 2018-05-11] (Synology Inc. -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\NisSrv.exe [4096976 2019-01-25] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1901.7-0\MsMpEng.exe [113992 2019-01-25] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (gefilterd) ======================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)

R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [31816 2019-01-07] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronic Corp.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-01-07] (Martin Malik - REALiX -> REALiX(tm))
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [967696 2019-01-07] (Intel(R) Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [70632 2017-06-09] (Intel(R) Rapid Storage Technology -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1122200 2019-01-07] (Realtek Semiconductor Corp. -> Realtek )
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758216 2018-06-14] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [430016 2019-01-07] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3236800 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
R3 RTWlanE; C:\WINDOWS\System32\drivers\rtwlane.sys [8429416 2019-01-07] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation )
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46488 2019-01-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [343032 2019-01-25] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [63480 2019-01-25] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (gefilterd) ===================

(Als een item is opgenomen in de fixlist, wordt het uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)


==================== Een maand (aangemaakt) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-02-04 14:14 - 2019-02-04 14:15 - 000020220 _ C:\Users\anoud\Desktop\FRST.txt
2019-02-04 13:56 - 2019-02-04 14:14 - 000000000 ____D C:\FRST
2019-02-04 13:51 - 2019-02-04 13:47 - 002433024 _ (Farbar) C:\Users\anoud\Desktop\FRST64.exe
2019-02-04 13:35 - 2019-02-04 13:35 - 000024329 _ C:\Users\anoud\Desktop\MTB.txt
2019-02-04 13:15 - 2019-02-04 13:15 - 000000000 ___HD C:\OneDriveTemp
2019-02-04 13:13 - 2019-02-04 13:13 - 026806784 _ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 023439360 _ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 020811776 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 019284480 _ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 019024384 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 008875520 _ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 007897088 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 007857152 _ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 007724992 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 006057984 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 005440008 _ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 005112792 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 003656192 _ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 003550384 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 002942464 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 002469648 _ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 002392576 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 002323904 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 002298880 _ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 002278448 _ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001783296 _ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001387520 _ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001309696 _ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001309184 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001289192 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001282640 _ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001259024 _ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-02-04 13:13 - 2019-02-04 13:13 - 001224704 _ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001200920 _ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001064448 _ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001047552 _ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 001018880 _ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000913920 _ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000912384 _ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000833536 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000829440 _ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000794112 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000762272 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000742912 _ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000663040 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000622592 _ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000522312 _ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-02-04 13:13 - 2019-02-04 13:13 - 000481792 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000429056 _ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000427520 _ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000371712 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000349184 _ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000314368 _ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000289792 _ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000263360 _ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000241152 _ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000176640 _ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000137216 _ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-02-04 13:13 - 2019-02-04 13:13 - 000093696 _ (Microsoft Corporation) C:\WINDOWS\system32\nlahc.dll
2019-02-04 13:13 - 2019-02-04 13:13 - 000092672 _ (Microsoft Corporation) C:\WINDOWS\system32\PktMon.exe
2019-02-04 13:12 - 2019-02-04 13:13 - 005584864 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 022111856 _ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 017520640 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 015224832 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 009684000 _ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 007645600 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 006549232 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 005565952 _ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 005561856 _ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 005527552 _ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 005205464 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 005088256 _ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 004991096 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 004702704 _ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 004630016 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 004588544 _ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 004526080 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 004298752 _ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 004019200 _ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 003982848 _ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 003662336 _ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 003556352 _ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 003386368 _ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002992640 _ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002927112 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 002776920 _ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002766136 _ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002721792 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 002702528 _ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002689024 _ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002626568 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 002618880 _ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002488320 _ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 002466304 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002275888 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002187264 _ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002149368 _ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002085376 _ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 002072728 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001994768 _ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001975296 _ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001969704 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 001899160 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001720936 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001715712 _ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001700880 _ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001696936 _ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-02-04 13:12 - 2019-02-04 13:12 - 001674480 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001671864 _ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001641400 _ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001604096 _ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001533440 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001467552 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001467384 _ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 001462272 _ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001446400 _ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001415680 _ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001341584 _ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-02-04 13:12 - 2019-02-04 13:12 - 001331744 _ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001314304 _ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001271608 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001258512 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 001255944 _ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 001254912 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001221120 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 001209360 _ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001178344 _ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 001168384 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001098136 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001054200 _ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 001051152 _ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 001048576 _ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001032704 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 001010176 _ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000970256 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000956416 _ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000954368 _ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000925184 _ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000901632 _ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000887808 _ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000875008 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000865784 _ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000864056 _ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000850968 _ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000822448 _ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000820736 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000806560 _ C:\WINDOWS\SysWOW64\locale.nls
2019-02-04 13:12 - 2019-02-04 13:12 - 000806560 _ C:\WINDOWS\system32\locale.nls
2019-02-04 13:12 - 2019-02-04 13:12 - 000800256 _ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000799568 _ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000787456 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000770048 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000762368 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000752136 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000744960 _ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000741888 _ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000726208 _ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000700416 _ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000684544 _ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000681984 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000652320 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000651792 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000651304 _ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000649272 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000648192 _ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000629576 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000624640 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000615936 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000612368 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000604552 _ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000588304 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000580024 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000556544 _ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000553984 _ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000547840 _ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000543744 _ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000535048 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000527872 _ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000516608 _ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000506408 _ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000496872 _ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000494080 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000494080 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000474936 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-02-04 13:12 - 2019-02-04 13:12 - 000434176 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000433152 _ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000430904 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000420864 _ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000408800 _ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000407552 _ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000407040 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000394752 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000388096 _ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000375544 _ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000365056 _ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000353488 _ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000349184 _ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000346624 _ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000326144 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000324408 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000320000 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000305664 _ (Microsoft Corporation) C:\WINDOWS\system32\rasppp.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000298296 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000284160 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasppp.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000277536 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000276488 _ (Microsoft Corporation) C:\WINDOWS\system32\MTF.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000273920 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000262672 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000251904 _ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000217600 _ (Microsoft Corporation) C:\WINDOWS\system32\container.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000203280 _ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000202552 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MTF.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000201216 _ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000198144 _ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000195896 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000195072 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000193032 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000184320 _ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000179712 _ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000171520 _ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000165376 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000165376 _ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000162304 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000160256 _ (Microsoft Corporation) C:\WINDOWS\system32\spopk.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000159744 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000157192 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000156672 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000155648 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000151040 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\container.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000148480 _ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000146888 _ (Microsoft Corporation) C:\WINDOWS\system32\smss.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000143872 _ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000140288 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000132104 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000129024 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spopk.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000122368 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000121872 _ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000120320 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000119296 _ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000114856 _ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000104960 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000104960 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000097592 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000091424 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000090632 _ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000086528 _ (Microsoft Corporation) C:\WINDOWS\system32\nslookup.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000080400 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000077824 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nslookup.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000074424 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2019-02-04 13:12 - 2019-02-04 13:12 - 000062464 _ (Microsoft Corporation) C:\WINDOWS\system32\umpo-overrides.dll
2019-02-04 13:12 - 2019-02-04 13:12 - 000041984 _ (Microsoft Corporation) C:\WINDOWS\system32\lpkinstall.exe
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth8.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth7.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth6.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth5.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth4.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth3.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth2.bin
2019-02-04 13:12 - 2019-02-04 13:12 - 000000315 _ C:\WINDOWS\system32\DrtmAuth1.bin
2019-02-04 12:46 - 2019-02-04 12:45 - 000892416 _ (Farbar) C:\Users\anoud\Desktop\MiniToolBox.exe
2019-01-29 20:50 - 2019-01-29 20:50 - 005766791 _ C:\Users\anoud\Documents\SM-T713_T813_UM_Open_Nougat_Dut_Rev.1.0_170515.pdf
2019-01-26 16:11 - 2019-01-07 18:38 - 000205992 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.CoreTypes.dll
2019-01-26 16:11 - 2019-01-07 18:38 - 000130216 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.Utilities.dll
2019-01-26 16:11 - 2019-01-07 18:38 - 000097448 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.Modern.ImController.ImClient.dll
2019-01-26 16:11 - 2019-01-07 18:38 - 000043688 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\Lenovo.ImController.EventLogging.dll
2019-01-26 16:06 - 2019-01-26 21:00 - 000001129 _ C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2019-01-26 16:06 - 2019-01-26 21:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2019-01-26 16:06 - 2019-01-26 16:06 - 000000000 ____D C:\Users\anoud\AppData\Local\VS Revo Group
2019-01-26 16:06 - 2019-01-26 16:06 - 000000000 ____D C:\ProgramData\VS Revo Group
2019-01-26 16:06 - 2019-01-26 16:06 - 000000000 ____D C:\Program Files\VS Revo Group
2019-01-26 16:06 - 2016-12-21 14:52 - 000040240 _ (VS Revo Group) C:\WINDOWS\system32\Drivers\revoflt.sys
2019-01-24 08:58 - 2019-01-24 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2019-01-23 21:03 - 2019-02-04 13:14 - 000295368 _ C:\WINDOWS\system32\FNTCACHE.DAT
2019-01-22 14:14 - 2019-01-22 14:14 - 000051024 _ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2019-01-22 14:14 - 2019-01-22 14:14 - 000047800 _ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2019-01-21 15:13 - 2019-01-21 15:13 - 000000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2019-01-21 15:13 - 2019-01-21 15:13 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2019-01-21 15:13 - 2019-01-21 15:13 - 000000000 ____D C:\Users\anoud\AppData\Roaming\GWizard.10BF72DB3E21DFA5E488DD435BD80808DFD917E3.1
2019-01-21 15:13 - 2019-01-21 15:13 - 000000000 ____D C:\ProgramData\Adobe
2019-01-21 15:13 - 2019-01-21 15:13 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-01-21 15:12 - 2019-01-21 15:12 - 000000000 ____D C:\Users\anoud\AppData\Local\Adobe
2019-01-20 15:48 - 2019-01-20 15:48 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cdrom List Creator
2019-01-20 12:48 - 2019-01-20 12:48 - 000000000 ____D C:\Users\anoud\AppData\Roaming\com.silhouettesoftware.scratch.1
2019-01-20 12:48 - 2019-01-20 12:48 - 000000000 ____D C:\Users\anoud\AppData\Roaming\com.aspexsoftware.ss_bluetooth
2019-01-20 12:47 - 2019-01-20 12:47 - 000004814 _ C:\Users\anoud\Documents\Silhouette Studio Permissions Debug
2019-01-20 12:47 - 2019-01-20 12:47 - 000001984 _ C:\Users\Public\Desktop\Silhouette Studio.lnk
2019-01-20 12:46 - 2019-01-20 12:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Silhouette America
2019-01-18 19:43 - 2019-01-18 19:43 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-17 13:09 - 2019-01-17 13:09 - 000000947 _ C:\Users\Public\Desktop\ideaMaker.lnk
2019-01-17 13:09 - 2019-01-17 13:09 - 000000000 ____D C:\Users\anoud\AppData\Local\Raise3D
2019-01-17 13:09 - 2019-01-17 13:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raise3D
2019-01-17 13:09 - 2019-01-17 13:09 - 000000000 ____D C:\Program Files\DIFX
2019-01-15 15:34 - 2019-01-19 11:22 - 000001636 _ C:\Users\Public\Desktop\Browse Aspire V9.5 Tutorials.lnk
2019-01-15 15:34 - 2019-01-15 15:34 - 000000927 _ C:\Users\Public\Desktop\Aspire 9.5.lnk
2019-01-15 15:34 - 2019-01-15 15:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aspire 9.5
2019-01-09 08:08 - 2019-01-09 08:08 - 012858368 _ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 012151808 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 003952952 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 002986352 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 001022464 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000870400 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000662528 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Pipeline.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000570368 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000448000 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000352768 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000312832 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000139776 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintWorkflowService.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000098816 ____R (Microsoft Corporation) C:\WINDOWS\system32\MixedRealityCapture.Broker.dll
2019-01-09 08:08 - 2019-01-09 08:08 - 000092160 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2019-01-09 08:07 - 2019-01-09 08:07 - 003338328 _ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 003270144 _ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 002929152 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 002594872 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 002437552 _ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 002021584 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 001616384 _ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 001212416 _ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000998912 _ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000773120 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000735232 _ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000463672 _ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000387384 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000178696 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-01-09 08:07 - 2019-01-09 08:07 - 000155648 _ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-01-09 08:07 - 2019-01-09 08:07 - 000140808 _ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-01-09 08:07 - 2019-01-09 08:07 - 000047112 _ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2019-01-08 19:11 - 2019-01-08 19:11 - 001321918 _ C:\Users\anoud\Documents\cc_20190108_191040.reg
2019-01-08 17:02 - 2019-01-08 17:03 - 000000000 ____D C:\AdwCleaner
2019-01-07 17:01 - 2019-01-07 17:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2019-01-07 17:00 - 2019-01-07 17:00 - 000000000 ____D C:\ProgramData\Dolby
2019-01-07 17:00 - 2019-01-07 17:00 - 000000000 ____D C:\Program Files\Dolby
2019-01-07 16:59 - 2019-01-07 16:59 - 023073815 _ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2019-01-07 16:59 - 2019-01-07 16:59 - 007178544 _ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 007101824 _ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 003677224 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2019-01-07 16:59 - 2019-01-07 16:59 - 003319480 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 003159472 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 002930216 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 001971448 _ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 001544328 _ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOProp.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 001372472 _ (Dolby Laboratories) C:\WINDOWS\system32\DAX3APOv251.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 001353384 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 001259808 _ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOvlldp.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 001159264 _ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOProp.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000453352 _ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000406528 _ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2APIPCLL.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000343768 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000333088 _ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000157408 _ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000139832 _ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000122424 _ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2019-01-07 16:59 - 2019-01-07 16:59 - 000090232 _ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2019-01-07 16:57 - 2019-01-07 16:57 - 000967696 _ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorAC.sys
2019-01-07 16:57 - 2019-01-07 16:57 - 000046937 _ C:\WINDOWS\system32\Drivers\rtldata.txt
2019-01-07 16:56 - 2019-01-07 16:56 - 009900032 _ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2019-01-07 16:56 - 2019-01-07 16:56 - 003236800 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\rtsuvc.sys
2019-01-07 16:56 - 2019-01-07 16:56 - 000666048 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamP64.dll
2019-01-07 16:56 - 2019-01-07 16:56 - 000577472 _ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RtCamP.dll
2019-01-07 16:56 - 2019-01-07 16:56 - 000225224 _ (Realtek Semiconductor Corp.) C:\WINDOWS\RtsCM64.exe
2019-01-07 16:56 - 2019-01-07 16:56 - 000104384 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtCamO64.dll
2019-01-07 16:56 - 2019-01-07 16:56 - 000003034 _ C:\WINDOWS\RtsCM64.xml
2019-01-07 16:55 - 2019-01-07 16:55 - 000166768 _ C:\WINDOWS\system32\us008ci.exe
2019-01-07 16:55 - 2019-01-07 16:55 - 000098328 _ (SS) C:\WINDOWS\system32\us008ci.dll
2019-01-07 16:55 - 2019-01-07 16:55 - 000031256 _ () C:\WINDOWS\system32\us008lm.dll
2019-01-07 16:54 - 2019-01-07 16:54 - 001804688 _ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll
2019-01-07 16:54 - 2019-01-07 16:54 - 000031816 _ (ELAN Microelectronic Corp.) C:\WINDOWS\system32\Drivers\ETDSMBus.sys
2019-01-07 16:48 - 2019-01-07 16:48 - 000027552 _ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2019-01-07 16:48 - 2019-01-07 16:48 - 000000000 ____D C:\WINDOWS\IObit
2019-01-07 16:48 - 2019-01-07 16:48 - 000000000 ____D C:\Users\anoud\AppData\Roaming\IObit
2019-01-07 16:48 - 2019-01-07 16:48 - 000000000 ____D C:\Users\anoud\AppData\Roaming\DataWorks
2019-01-07 16:48 - 2019-01-07 16:48 - 000000000 ____D C:\Users\anoud\AppData\LocalLow\IObit
2019-01-07 16:48 - 2019-01-07 16:48 - 000000000 ____D C:\ProgramData\ProductData
2019-01-07 16:48 - 2019-01-07 16:48 - 000000000 ____D C:\ProgramData\IObit
2019-01-06 17:08 - 2019-01-06 17:07 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-01-06 16:00 - 2019-01-06 16:00 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Applicatie Detect
2019-01-06 13:55 - 2019-01-24 10:43 - 000000747 _ C:\Users\Public\Desktop\Winamp.lnk
2019-01-06 13:55 - 2019-01-06 16:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2019-01-06 13:55 - 2009-09-04 17:29 - 001892184 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2019-01-06 13:55 - 2006-09-28 16:05 - 002414360 _ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2019-01-06 13:54 - 2019-01-24 11:37 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Winamp
2019-01-06 11:29 - 2019-01-06 11:29 - 000000000 ____D C:\ProgramData\Playrix Entertainment
2019-01-05 19:05 - 2019-01-05 19:05 - 000000000 ____D C:\Users\anoud\AppData\LocalLow\CrispApp
2019-01-05 19:02 - 2019-01-29 09:52 - 000000000 ____D C:\Users\anoud\Downloads\incomplete
2019-01-05 19:01 - 2019-01-05 19:01 - 000002174 _ C:\Users\anoud\Desktop\Spotnet.lnk
2019-01-05 19:01 - 2019-01-05 19:01 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotnet

==================== Een maand (gewijzigd) ========

(Als een item is opgenomen in de fixlist, wordt de map of het bestand verplaatst.)

2019-02-04 14:09 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-02-04 14:03 - 2018-12-14 21:08 - 000000000 ____D C:\Users\anoud\AppData\Local\OpenShell
2019-02-04 13:32 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2019-02-04 13:30 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-02-04 13:20 - 2018-12-26 18:47 - 001681090 _ C:\WINDOWS\system32\PerfStringBackup.INI
2019-02-04 13:20 - 2018-09-15 17:42 - 000748362 _ C:\WINDOWS\system32\perfh013.dat
2019-02-04 13:20 - 2018-09-15 17:42 - 000146222 _ C:\WINDOWS\system32\perfc013.dat
2019-02-04 13:16 - 2018-12-14 18:43 - 000000000 ___RD C:\Users\anoud\Dropbox
2019-02-04 13:15 - 2018-12-26 18:39 - 000000000 ____D C:\Users\anoud
2019-02-04 13:15 - 2018-12-14 16:59 - 000000000 ____D C:\Users\anoud\AppData\LocalLow\Mozilla
2019-02-04 13:15 - 2018-12-14 16:48 - 000000000 ___RD C:\Users\anoud\OneDrive
2019-02-04 13:15 - 2018-12-14 16:45 - 000000000 __SHD C:\Users\anoud\IntelGraphicsProfiles
2019-02-04 13:15 - 2018-12-14 16:45 - 000000000 ___RD C:\Users\anoud\3D Objects
2019-02-04 13:15 - 2018-04-17 20:03 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-02-04 13:14 - 2018-12-26 18:44 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-02-04 13:14 - 2018-12-14 18:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-02-04 13:14 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-02-04 13:14 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-02-04 13:14 - 2018-09-15 07:09 - 000524288 _ C:\WINDOWS\system32\config\BBI
2019-02-04 13:14 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-02-04 13:07 - 2018-12-16 10:13 - 000000000 ____D C:\ProgramData\Spotnet
2019-02-04 13:06 - 2018-12-14 18:31 - 000152688 _ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-02-04 12:45 - 2018-12-14 21:08 - 000000000 ____D C:\ProgramData\OpenShell
2019-02-04 12:27 - 2018-12-26 18:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-02-04 09:54 - 2018-12-29 09:45 - 000000000 ____D C:\Users\anoud\AppData\Local\CloudStation
2019-02-04 09:54 - 2018-12-14 17:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2019-02-04 09:54 - 2018-12-14 17:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-02-03 12:18 - 2018-12-16 09:51 - 000000000 ____D C:\Users\anoud\AppData\Local\CrashDumps
2019-02-03 11:59 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-02-01 08:46 - 2018-12-14 17:31 - 000001289 _ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2019-01-31 19:04 - 2018-12-14 19:27 - 000000000 ____D C:\Users\anoud\AppData\Local\D3DSCache
2019-01-28 09:05 - 2018-12-15 09:20 - 000000000 ____D C:\ProgramData\Packages
2019-01-25 12:46 - 2018-12-14 18:34 - 000000000 ____D C:\Users\anoud\AppData\Roaming\TeamViewer
2019-01-25 09:01 - 2018-04-17 20:02 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-01-25 08:56 - 2018-12-26 18:44 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-01-25 08:56 - 2018-09-15 08:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-01-25 08:55 - 2018-12-26 18:44 - 000003936 _ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-01-25 08:55 - 2018-12-14 18:33 - 000000870 _ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-24 08:58 - 2018-12-14 18:39 - 000000000 ____D C:\Program Files (x86)\Dropbox
2019-01-23 16:54 - 2018-12-14 16:45 - 000000000 ____D C:\Users\anoud\AppData\Local\VirtualStore
2019-01-23 08:59 - 2018-12-14 17:46 - 000001390 _ C:\Users\Public\Desktop\Skype.lnk
2019-01-23 08:59 - 2018-12-14 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-22 12:39 - 2018-12-26 15:59 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Wise Disk Cleaner
2019-01-22 12:03 - 2018-12-14 18:39 - 000001044 _ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-01-22 12:03 - 2018-12-14 18:39 - 000001040 _ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-01-21 15:12 - 2018-12-14 16:45 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Adobe
2019-01-20 13:13 - 2018-12-14 18:15 - 000000000 ____D C:\Users\anoud\AppData\Roaming\com.silhouettesoftware
2019-01-20 13:13 - 2018-12-14 18:15 - 000000000 ____D C:\Users\anoud\AppData\Roaming\com.aspexsoftware.Silhouette_Studio
2019-01-20 12:51 - 2018-12-14 18:15 - 000000000 ____D C:\ProgramData\com.aspexsoftware.Silhouette_Studio.8
2019-01-20 12:46 - 2018-12-14 18:02 - 000000000 ____D C:\Users\anoud\AppData\Roaming\Silhouette America
2019-01-19 19:28 - 2018-12-26 18:44 - 000003378 _ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3888337827-4225290478-3517265855-1001
2019-01-19 19:27 - 2018-12-26 18:39 - 000002376 _ C:\Users\anoud\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-01-18 19:54 - 2018-12-26 18:44 - 000003558 _ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-01-18 19:54 - 2018-12-26 18:44 - 000003504 _ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-01-18 19:54 - 2018-12-26 18:44 - 000003334 _ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-01-18 19:54 - 2018-12-26 18:44 - 000003280 _ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-01-18 19:54 - 2018-12-26 18:44 - 000003118 _ C:\WINDOWS\System32\Tasks\Intel PTT EK Recertification
2019-01-18 19:54 - 2018-12-26 18:44 - 000002770 _ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-01-18 19:54 - 2018-12-26 18:44 - 000002728 _ C:\WINDOWS\System32\Tasks\EPM Preload
2019-01-18 19:54 - 2018-12-26 18:44 - 000002238 _ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-01-18 19:44 - 2018-12-14 18:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-18 19:43 - 2018-12-14 18:57 - 000099192 _ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-01-17 09:53 - 2018-12-16 20:51 - 000000000 ____D C:\Users\anoud\AppData\Local\ElevatedDiagnostics
2019-01-10 13:42 - 2018-12-14 17:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-09 22:12 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2019-01-09 22:11 - 2018-09-15 17:44 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-09 22:11 - 2018-09-15 17:44 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-09 08:12 - 2018-12-14 20:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-01-09 08:12 - 2018-09-15 08:36 - 000835480 _ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-01-09 08:12 - 2018-09-15 08:36 - 000179600 _ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 08:08 - 2018-12-14 20:07 - 132790320 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-01-07 18:38 - 2018-12-14 19:42 - 000425128 _ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2019-01-07 18:38 - 2018-12-14 19:42 - 000104616 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\WudfUpdate_02000.dll
2019-01-07 18:38 - 2018-12-14 19:42 - 000053416 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.InfInstaller.exe
2019-01-07 18:38 - 2018-09-24 02:10 - 000104616 _ (Lenovo Group Ltd.) C:\WINDOWS\system32\ImController.CoInstaller.dll
2019-01-07 17:03 - 2018-12-14 19:10 - 000000000 ____D C:\ProgramData\Samsung
2019-01-07 17:03 - 2018-09-24 02:14 - 000490392 _ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2019-01-07 17:02 - 2018-09-24 02:09 - 000000000 ____D C:\ProgramData\Package Cache
2019-01-07 17:00 - 2018-09-24 02:14 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2019-01-07 17:00 - 2018-09-24 02:14 - 000000000 ____D C:\WINDOWS\system32\DAX3
2019-01-07 17:00 - 2018-09-24 02:14 - 000000000 ____D C:\WINDOWS\system32\DAX2
2019-01-07 16:59 - 2017-06-09 15:04 - 006400040 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2019-01-07 16:59 - 2017-06-09 15:04 - 005347072 _ (Dolby Laboratories) C:\WINDOWS\system32\DolbyDAX2APOv211.dll
2019-01-07 16:59 - 2017-06-09 15:04 - 003761640 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2019-01-07 16:59 - 2017-06-09 15:04 - 000378456 _ (Dolby Laboratories) C:\WINDOWS\system32\HiFiDAX2API.dll
2019-01-07 16:59 - 2017-06-09 15:04 - 000278352 _ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2019-01-07 16:59 - 2017-06-09 15:04 - 000193040 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2019-01-07 16:59 - 2017-06-09 15:04 - 000023752 _ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2019-01-07 16:57 - 2018-09-24 02:14 - 001122200 _ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2019-01-07 16:57 - 2018-09-24 02:13 - 008429416 _ (Realtek Semiconductor Corporation ) C:\WINDOWS\system32\Drivers\rtwlane.sys
2019-01-07 16:56 - 2018-09-24 02:16 - 000430016 _ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2019-01-07 16:56 - 2018-09-24 02:14 - 000000000 ____D C:\Program Files\Realtek
2019-01-07 16:54 - 2017-07-27 16:47 - 000228992 _ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2019-01-06 17:17 - 2018-09-15 08:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-01-06 17:07 - 2018-09-15 07:09 - 000032768 _ C:\WINDOWS\system32\config\ELAM
2019-01-05 19:15 - 2018-12-16 10:13 - 000000000 ____D C:\Users\anoud\AppData\Local\Spotnet
2019-01-05 19:01 - 2018-12-16 10:13 - 000000000 ____D C:\Users\anoud\AppData\Local\SquirrelTemp

==================== Bestanden in de root van sommige mappen =======

2018-12-14 18:16 - 2018-12-14 18:16 - 000000008 _ () C:\Users\anoud\AppData\Roaming\com.silhouettesoftware.id

==================== Bamital & volsnap ======================

(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)

C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\dllhost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\dllhost.exe => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend

==================== Einde van FRST.txt ============================
 
Laatst bewerkt:

Abraham54

Admin
Ondersteuning
Waarschuwing: onderstaande bewerking is enkel voor deze computer bedoeld, het toepassen hiervan in een andere computer kan tot schade in Windows leiden.


We gaan


Farbar Recovery Scan Tool (FRST.exe) opnieuw gebruiken.

Open een nieuw kladblok (of anders: notepad) bestand, via "Start\Alle programma’s\Bureau-accessoires\Kladblok (of Notepad)".
Kopieer nu de tekst die in het code-venster staat en plak die tekst in het lege kladblokvenster.

Code:
start
CreateRestorePoint:

C:\Program Files\AVAST Software
Task: {3D54C527-F7EF-420F-9F06-A8A45116EF43} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe

EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end
Sla nu dit kladblokbestand in de dezelfde locatie waar ook FRST.exe aanwezig is op als Fixlist.txt

Farbar Recovery Scan Tool (FRST.exe) met de fixlist.txt gebruiken

  • Windows Vista, Windows 7, Windows 8 en Windows 10: via rechtsklik op FRST.exe en kies voor "Als Administrator uitvoeren".
  • Als het programma wordt gestart, klik dan op Ja in de popup.
  • Druk op de Fix knop.
  • Na de fix wordt een logbestand - Fixlog.txt - in dezelfde locatie aangemaakt van waaruit FRST.exe is gestart.
  • Post de inhoud van dit logbestand in jouw volgende bericht.
 

vanschagen

Gevestigd lid
Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 4.02.2019
Gestart door anoud (04-02-2019 14:34:48) Run:1
Gestart vanaf C:\Users\anoud\Desktop
Geladen Profielen: anoud (Beschikbare Profielen: anoud)
Boot Modus: Normal
==============================================

fixlist inhoud:
*

Code:

start
CreateRestorePoint:

C:\Program Files\AVAST Software
Task: {3D54C527-F7EF-420F-9F06-A8A45116EF43} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe

EmptyTemp:
CloseProcesses:
cmd: ipconfig /flushdns
cmd: netsh winsock reset
end


*

Code: => Fout: Geen automatische fix gevonden voor dit item.
Herstelpunt is succesvol gemaakt.
"C:\Program Files\AVAST Software" => niet gevonden
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{3D54C527-F7EF-420F-9F06-A8A45116EF43}" => is succesvol verwijderd
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3D54C527-F7EF-420F-9F06-A8A45116EF43}" => is succesvol verwijderd
C:\WINDOWS\System32\Tasks\Avast Software\Overseer => is succesvol verplaatst
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Avast Software\Overseer" => is succesvol verwijderd
Proces succesvol afgesloten.

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= Einde van CMD: =========


========= netsh winsock reset =========


Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.


========= Einde van CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 7364608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 54512483 B
Java, Flash, Steam htmlcache => 524 B
Windows/system/drivers => 258766 B
Edge => 608217 B
Chrome => 141079 B
Firefox => 1087919200 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 27780 B
NetworkService => 0 B
anoud => 72333153 B

RecycleBin => 183641 B
EmptyTemp: => 1.1 GB tijdelijke gegevens verwijderd.

================================


Het systeem moest herstart worden.

==== Einde van Fixlog 14:35:18 ====
 

Abraham54

Admin
Ondersteuning
Maak jij Windows nog wel schoon?
EmptyTemp: => 1.1 GB tijdelijke gegevens verwijderd.

Jij dient de Realtek High Definition Audio Codecs Software te verwijderen.

Maar download eerst de verbeterde inofficiële versie via
Klik bij Chip NIET op de grote blauwe knop, maar klik op Manuelle Installation >

Na verwijdering van de bestaande Realtek drivers eerst de computer opnieuw opstarten.
 

vanschagen

Gevestigd lid
ik gebruik op zijn tijd ccleaner en ,wise disk cleaner
driver is geinstalleerd.
krijg nog steeds die melding die ik eerste post zei
 
Laatst bewerkt:

Abraham54

Admin
Ondersteuning
Laat maar weten of het met RealTek lukt.
 

vanschagen

Gevestigd lid
driver is geinstalleerd.
krijg nog steeds die melding die ik eerste post zei
WMIPRVSE.exe heeft niet toegestaan om een verandering in geheugen te wijzigen
 

Abraham54

Admin
Ondersteuning
Vraagje - in Windows Defender soms de Ransomware beveiliging geactiveerd?
 
Bovenaan Onderaan