Ga naar inhoud

logje nine

nine

Door nine
in Archief Bestrijding malware & virussen

 Delen

Aanbevolen berichten

  • Reacties 26
  • Aangemaakt
  • Laatste reactie

Beste reacties in dit topic

Populaire dagen

Beste reacties in dit topic

Populaire dagen

Populaire berichten

abbs
abbs

Hallo,   Plaats de logjes waar je in kan zien wat er is gevonden;    

nine Vaste Klant

nine

Geplaatst:
  • Auteur
Geplaatst:

360 Total Security Scan Log

Scan Time:2017-02-10 17:56:39
Time Taken:00:42:18
Object(s) Scanned:492355
Threat(s) Found:4
Threat(s) Resolved:4

Scan Settings
----------------------
Compressed Files Scan:No
Scan Engine:Bitdefender Engine

Scan Scope
----------------------
Full Scan

Scan Result
======================
High-risk Items
----------------------
C:\Windows\Temp\nsi14CF.tmp\amule_update.dll-201701221856.dll.exe    Win32/Trojan.aef    Resolved
C:\Windows\Temp\nsi14CF.tmp\GubedZL.dll    Gen:Variant.Adware.Elex.10    Resolved
C:\Windows\Temp\nsi14CF.tmp\Lancer.dll    Gen:Variant.Adware.Elex.7    Resolved
C:\Windows\Temp\nsi14CF.tmp\yacqq.exe    Adware.GenericKD.4222348    Resolved

Link naar reactie
Delen op andere sites
nine Vaste Klant

nine

Geplaatst:
  • Auteur
Geplaatst:

360 Total Security Scan Log

Scan Time:2017-02-22 21:05:17
Time Taken:00:42:37
Object(s) Scanned:493990
Threat(s) Found:1
Threat(s) Resolved:1

Scan Settings
----------------------
Compressed Files Scan:No
Scan Engine:Bitdefender Engine

Scan Scope
----------------------
Full Scan

Scan Result
======================
High-risk Items
----------------------
C:\Windows\Temp\nsi1F5D.tmp\Lancer.dll    Gen:Variant.Application.Elex.95    Resolved

Link naar reactie
Delen op andere sites
abbs Grootmeester

abbs

Geplaatst:
Geplaatst:

Hallo,

 

Heel goed zo kom ik verder.

 

Download de 577bf0efb8088-FRST.pngFarbar Recovery Scan Tool 32 of 64 bit van één van de onderstaande links


Hier staat een beschrijving hoe u kunt kijken of u een 32 of 64 bit versie van Windows heeft.

Farbar Recovery Scan Tool uitvoeren

  • Klik met de rechtermuisknop op FRST.exe en kies voor de optie "Als administrator uitvoeren".
  • Als het programma is geopend klik Yes (Ja) bij de disclaimer.
  • Druk vervolgens op de Scan knop, er zal nu eerst een back-up van het register worden gemaakt.
  • Wanneer de scan gereed is worden er twee logbestanden aangemaakt met de naam (FRST.txt) & (Addition.txt) op dezelfde plaats vanwaar de 'tool' is gestart.
  • Voeg beide logbestanden als bijlage toe aan het volgende bericht.

Een handleiding via een filmpje van Farbar Recovery Scan Tool kan je HIER vinden.

Link naar reactie
Delen op andere sites
nine Vaste Klant

nine

Geplaatst:
  • Auteur
Geplaatst:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017
Ran by louisa-jeaninne (administrator) on DESKTOP-T6HV9R6 (23-02-2017 16:31:37)
Running from C:\Users\louisa-jeaninne\Desktop
Loaded Profiles: louisa-jeaninne (Available Profiles: louisa-jeaninne)
Platform: Windows 10 Home Version 1607 (X64) Language: Engels (Verenigd Koninkrijk)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Nolarry\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(hxxp://www.amule.org/) C:\Program Files (x86)\walalala co\aMuleCustom\ed2k.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlsInterface.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Windows\SysWOW64\PSIService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(MysticCoder) C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7912.40507.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7912.40507.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Nolarry\Application\chrome.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe [531784 2007-10-31] (Corel, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [657424 2016-01-11] (HP Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [26220296 2017-02-07] (Dropbox, Inc.)
HKLM-x32\...\Run: [Corel File Shell Monitor] => C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe [16200 2007-10-30] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-01-22] (QIHU 360 SOFTWARE CO. LIMITED)
HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29635712 2016-09-12] (Skype Technologies S.A.)
HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [MysticThumbs] => C:\Program Files\MysticCoder\MysticThumbs\MysticThumbsTray.exe [461312 2011-01-04] (MysticCoder)
HKU\S-1-5-21-547428184-218225385-153729512-1001\...\Run: [GoogleChromeAutoLaunch_C19FDEC061B0A11B3978871A695A3D4E] => C:\Program Files (x86)\Nolarry\Application\chrome.exe [921192 2016-10-12] (Google Inc.)
HKU\S-1-5-18\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.14.0.dll [2017-02-07] (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 195.130.130.4 195.130.131.4
Tcpip\..\Interfaces\{89f65e47-a353-474d-8ab3-71aee1d1ed9c}: [DhcpNameServer] 195.130.130.4 195.130.131.4

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HRTE
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-547428184-218225385-153729512-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-12-28] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-12-28] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-10-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-10-18] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-12-28] (Microsoft Corporation)

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-08-24] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-10-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-12-28] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://jigsaw%20puzzle/
CHR StartupUrls: Default -> "hxxp://www.jigsawplanet.com/","hxxp://www.mylucky123.com/?type=hp&ts=1476777238&z=b1292b6b19f427a99b6aeaagbz3m2q2m0m7m0obz2g&from=amule1017&uid=SAMSUNGXMZ7LN256HCHP-000H1_S1ZPNX0H716508"
CHR Profile: C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default [2016-12-04]
CHR Extension: (Google Presentaties) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-11]
CHR Extension: (Google Documenten) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-11]
CHR Extension: (Google Drive) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-11]
CHR Extension: (YouTube) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-11]
CHR Extension: (Google Spreadsheets) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-11]
CHR Extension: (Offline Documenten) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-11]
CHR Extension: (360 Internet Protection) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-10-23]
CHR Extension: (https://account.microsoft.com/profile?lang=nl) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\lijcnbfjfcjlmbdmaijofohaanagmngj [2016-10-11]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-11]
CHR Extension: (Bloxorz Block Puzzle) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2016-10-11]
CHR Extension: (Gmail) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\louisa-jeaninne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-26]
CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASTSRV; C:\windows\SysWOW64\ASTSRV.EXE [57344 2008-05-19] (Nalpeiron Ltd.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3699904 2016-12-28] (Microsoft Corporation)
S3 cplspcon; C:\WINDOWS\system32\IntelCpHDCPSvc.exe [604280 2016-01-22] (Intel Corporation)
S3 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-07] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-09-07] (Dropbox, Inc.)
R3 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [46400 2017-02-07] (Dropbox, Inc.)
R2 ed2kidle; C:\Program Files (x86)\walalala co\aMuleCustom\ed2k.exe [236544 2016-09-12] (hxxp://www.amule.org/) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [606224 2016-01-11] (HP Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
S3 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [354936 2016-01-22] (Intel Corporation)
S2 IlS; C:\WINDOWS\System32\svchost.exe [44496 2016-07-16] (Microsoft Corporation)
S2 IlS; C:\WINDOWS\SysWOW64\svchost.exe [38792 2016-07-16] (Microsoft Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 IRMTService; C:\Program Files\Intel\Intel(R) Ready Mode Technology\IRMTService.exe [182336 2015-12-01] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-12-01] (Intel Corporation)
S3 MyWiFiDHCPDNS; c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2016-02-08] ()
R2 nlsInterface; C:\windows\system32\nlsInterface.exe [72192 2009-04-03] (Nalpeiron Ltd.) [File not signed]
R2 ProtexisLicensing; C:\windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-01-22] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-02-23] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7534864 2016-08-25] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ZeroConfigService; c:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3833248 2016-02-08] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker64.sys [160768 2016-09-28] (360.cn)
R3 360AvFlt; C:\WINDOWS\System32\DRIVERS\360AvFlt.sys [95232 2016-11-25] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [95232 2017-01-22] (360.cn)
R1 360Box64; C:\WINDOWS\System32\DRIVERS\360Box64.sys [339456 2017-01-22] (360.cn)
S3 360Camera; C:\WINDOWS\System32\Drivers\360Camera64.sys [57856 2016-09-28] (360.cn)
R1 360FsFlt; C:\WINDOWS\System32\DRIVERS\360FsFlt.sys [400384 2016-09-28] (360.cn)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [40720 2016-03-31] (Advanced Micro Devices, Inc.)
R1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV64.sys [197632 2016-09-28] (360.cn)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [341256 2016-03-18] (Intel Corporation)
R3 IntelReadyModeDriver; C:\WINDOWS\System32\drivers\IntelReadyModeDriver.sys [33512 2015-12-01] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 Netwtw04; C:\WINDOWS\System32\drivers\Netwtw04.sys [7116288 2016-07-16] (Intel Corporation)
S3 pmxdrv; C:\windows\system32\drivers\pmxdrv.sys [31152 2016-09-17] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-12-17] (Realtek                                            )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-23 16:31 - 2017-02-23 16:31 - 00022370 _____ C:\Users\louisa-jeaninne\Desktop\FRST.txt
2017-02-23 16:31 - 2017-02-23 16:31 - 00000000 ____D C:\FRST
2017-02-23 16:29 - 2017-02-23 16:30 - 02423296 _____ (Farbar) C:\Users\louisa-jeaninne\Desktop\FRST64.exe
2017-02-22 20:45 - 2017-02-22 20:45 - 00000000 ____D C:\Users\louisa-jeaninne\Desktop\s23+24
2017-02-20 20:25 - 2017-02-20 20:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ulead GIF-X.Plugin 2.0
2017-02-20 20:18 - 2017-02-20 20:25 - 00000016 _____ C:\WINDOWS\Wininit.ini
2017-02-20 20:18 - 2017-02-20 20:25 - 00000000 ____D C:\Program Files (x86)\Ulead GIF-X.Plugin 2.0
2017-02-20 20:18 - 2017-02-20 20:18 - 00000000 ____D C:\WINDOWS\PreviewSoft
2017-02-20 20:16 - 2017-02-20 20:25 - 00000000 ____D C:\WINDOWS\Noslip
2017-02-20 20:16 - 1998-10-29 16:45 - 00306688 _____ (InstallShield Software Corporation) C:\WINDOWS\IsUninst.exe
2017-02-08 10:24 - 2017-02-08 10:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-07 05:38 - 2017-02-07 05:38 - 00046400 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2017-02-07 05:38 - 2017-02-07 05:38 - 00046192 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2017-01-25 11:55 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-01-25 11:55 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-23 15:18 - 2016-10-23 16:18 - 00000000 ____D C:\Users\louisa-jeaninne\AppData\LocalLow\360WD
2017-02-23 15:07 - 2016-09-07 18:57 - 00000000 ___RD C:\Users\louisa-jeaninne\Dropbox
2017-02-23 11:57 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-23 10:40 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-22 21:55 - 2016-10-23 16:18 - 00000000 ____D C:\ProgramData\360safe
2017-02-22 21:54 - 2016-11-16 18:13 - 00000000 __SHD C:\$360Section
2017-02-22 21:54 - 2016-10-23 16:19 - 00000000 ____D C:\ProgramData\360Quarant
2017-02-22 21:29 - 2016-09-10 19:02 - 00000000 ____D C:\Users\louisa-jeaninne\AppData\Local\Corel
2017-02-22 20:46 - 2016-09-10 19:02 - 00001056 ___SH C:\WINDOWS\SysWOW64\KGyGaAvL.sys
2017-02-21 22:22 - 2016-09-29 22:40 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-02-20 20:52 - 2016-09-14 19:41 - 00000000 ____D C:\Users\louisa-jeaninne\Desktop\animatie groep
2017-02-20 20:25 - 2016-09-18 16:23 - 00000000 ____D C:\Users\louisa-jeaninne\bureaublad
2017-02-18 19:26 - 2016-09-29 22:48 - 00003336 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForlouisa-jeaninne
2017-02-18 19:26 - 2016-09-17 20:51 - 00000404 _____ C:\WINDOWS\Tasks\HPCeeScheduleForlouisa-jeaninne.job
2017-02-18 18:33 - 2016-10-11 18:51 - 00003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-02-18 18:33 - 2016-10-11 18:51 - 00003278 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-02-18 15:01 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-02-12 17:42 - 2016-09-11 22:06 - 00000000 ___RD C:\Users\louisa-jeaninne\Desktop\nieuwe tubes
2017-02-10 19:02 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-08 10:24 - 2016-07-22 20:06 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-02-07 21:19 - 2016-11-13 19:26 - 00000000 ____D C:\Users\louisa-jeaninne\Desktop\sica
2017-02-07 09:48 - 2016-10-11 18:51 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-05 19:26 - 2016-09-30 22:25 - 00000699 _____ C:\Users\louisa-jeaninne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xenofex 2 Manual.lnk
2017-02-05 19:24 - 2016-10-12 19:07 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-01-30 20:15 - 2016-09-09 18:58 - 00000000 ___RD C:\Users\louisa-jeaninne\Desktop\logins - allerhande
2017-01-29 14:57 - 2016-10-23 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2017-01-27 19:30 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp

==================== Files in the root of some directories =======

2016-09-10 19:02 - 2016-09-10 19:02 - 0008192 _____ () C:\Users\louisa-jeaninne\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2017-01-21 21:24 - 2000-06-12 11:30 - 0040960 _____ () C:\Users\louisa-jeaninne\AppData\Local\Temp\INST01.dll
2017-02-05 19:25 - 2002-06-27 16:32 - 0053248 _____ () C:\Users\louisa-jeaninne\AppData\Local\Temp\INST011.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-14 19:21

==================== End of FRST.txt ============================

Link naar reactie
Delen op andere sites
nine Vaste Klant

nine

Geplaatst:
  • Auteur
Geplaatst:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017
Ran by louisa-jeaninne (23-02-2017 16:31:59)
Running from C:\Users\louisa-jeaninne\Desktop
Windows 10 Home Version 1607 (X64) (2016-09-29 21:49:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-547428184-218225385-153729512-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-547428184-218225385-153729512-503 - Limited - Disabled)
Guest (S-1-5-21-547428184-218225385-153729512-501 - Limited - Disabled)
louisa-jeaninne (S-1-5-21-547428184-218225385-153729512-1001 - Administrator - Enabled) => C:\Users\louisa-jeaninne

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

360 Total Security (HKLM-x32\...\360TotalSecurity) (Version: 9.0.0.1115 - 360 Security Center)
7-Zip 16.02 (x64) (HKLM\...\7-Zip) (Version: 16.02 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Alien Skin Eye Candy 6 (HKLM-x32\...\Eye Candy 6) (Version:  - )
Alien Skin Xenofex 2 (HKLM\...\Alien Skin Xenofex 2) (Version:  - Alien Skin Software)
Alien Skin Xenofex 2.0 (HKLM-x32\...\Xenofex2) (Version:  - )
Alien Skin Xenofex 2.0 Demo (HKLM-x32\...\Xenofex2Demo) (Version:  - )
AMD Catalyst Install Manager (HKLM\...\{B2179A5A-A467-55D7-1EB7-BE1AE40757FA}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
aMuleCustom (HKLM-x32\...\{58C69614-BB4F-4E55-BF6B-AFCB0B7377DB}) (Version: 1.0.1 - walalala co) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.010.0000 - Corel Corporation)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.3.6307 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.6.5109 - CyberLink Corp.)
CyberLink PowerDirector 12 (Version: 12.0.6.5109 - Uw bedrijfsnaam) Hidden
DAZ Install Manager (HKLM-x32\...\DAZ Install Manager 1.1.0.64) (Version: 1.1.0.64 - DAZ 3D)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 19.4.13 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.47.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Eye Candy 4000 (HKLM-x32\...\Eye Candy 4000) (Version:  - )
FM Patcher 1.01 (HKLM-x32\...\FM Patcher_is1) (Version:  - AFH Systems & The Plugin Site)
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.)
Google Chrome (HKLM-x32\...\{0CCF3C48-E676-36F2-B17B-B890488DEB34}) (Version: 53.0.2785.143 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP)
HP ePrint SW (HKLM-x32\...\{88970959-baf7-4864-a39a-69a58e8ae5cf}) (Version: 5.0.18701 - HP)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8318.5320 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.3.34.7 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.5.32.37 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{09D0DB68-90EA-4015-983E-A0BD777D5A02}) (Version: 1.4.10 - HP Inc.)
HP Welcome (HKLM\...\HPWelcome) (Version: 1.0 - HP Inc.)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1174 - Intel Corporation)
Intel(R) PRO/Wireless Driver (HKLM\...\{8736f7db-10ee-4722-b588-3a7296eafc38}) (Version: 18.40.0000.4099 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4360 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) Ready Mode Technology (HKLM\...\{B61BD6D2-0B9F-49BF-9987-4038E3F748EA}) (Version: 1.1.70.520 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{719A511C-68F1-48C5-A5DE-0F9D4CDCA41C}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Jasc Animation Shop 3 (HKLM-x32\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Uw bedrijfsnaam)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Malwarebytes Anti-Malware versie 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office 365 - fr-fr (HKLM\...\O365HomePremRetail - fr-fr) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office 365 - nl-nl (HKLM\...\O365HomePremRetail - nl-nl) (Version: 16.0.7571.2109 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla)
Mozilla Thunderbird 45.3.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 nl)) (Version: 45.3.0 - Mozilla)
MysticThumbs (HKLM\...\{79A7A51A-CC11-48C2-866D-105E35439F05}) (Version: 2.3.2 - MysticCoder)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7571.2109 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7743 - Realtek Semiconductor Corp.)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
Splat! 1.0 Demo (HKLM-x32\...\Splat) (Version:  - )
Sqirlz Water Reflections (HKLM-x32\...\Sqirlz Water Reflections) (Version: 2.6 - xiberpix)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.65452 - TeamViewer)
Ulead GIF-X.Plugin 2.0 (HKLM-x32\...\Ulead GIF-X.Plugin 2.0) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 7 Games for Windows 10 and 8 (HKLM\...\Win7Games) (Version: 2.0 - hxxp://winaero.com)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-547428184-218225385-153729512-1001\...\ChromeHTML: -> C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.) <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0FE2089E-FFB4-4F11-BABF-DAFF88EF9823} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {279F7C2C-FECE-4D8B-8A43-E35BF006ED5B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-05-09] (Hewlett-Packard)
Task: {2EAE3A28-FB5B-4E83-BA6F-0AC15D2B3EAF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {4D1FD166-97CE-44F4-BC71-EF1665DDBCCF} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-12-28] (Microsoft Corporation)
Task: {6B9603D7-B03E-455B-922F-FFD2C0278A74} - System32\Tasks\HPCeeScheduleForlouisa-jeaninne => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {876D810C-0A07-4BC3-ACB8-89EC6A918AD1} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22] (Oracle Corporation)
Task: {884B3F5D-8181-45D8-B092-8B01D278BE23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-11] (Google Inc.)
Task: {916581DB-4861-4234-8FBA-57399F668550} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-11] (Google Inc.)
Task: {97C04EF2-9C64-4E36-B42F-1696C6E872EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)
Task: {B0B475E7-2C0B-425F-A3F4-F8087F519131} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-07] (Dropbox, Inc.)
Task: {B2A358A7-4A93-4337-A890-38E26B0C7405} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {B6F0DE1C-82DA-45F7-8FED-9E91D5C01AA3} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2016-08-18] (HP Inc.)
Task: {BE313118-33E1-4BE5-90C7-CF4EB3107A15} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-08-23] (HP Inc.)
Task: {F169A618-0EB1-43C9-9D21-9CE05E0879B5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-09-07] (Dropbox, Inc.)
Task: {FA19CDD5-880B-4DDD-8F3C-8296C4718C8A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-08-03] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\HPCeeScheduleForlouisa-jeaninne.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\louisa-jeaninne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DAZ 3D\DAZ Install Manager\DAZ Install Manager Read Me.lnk -> hxxp:docs.daz3d.com\doku.php\public\read_me\index\1481
Shortcut: C:\Users\louisa-jeaninne\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Nolarry\Application\chrome.exe (Google Inc.)

==================== Loaded Modules (Whitelisted) ==============

2007-06-05 12:20 - 2007-06-05 12:20 - 00177704 _____ () C:\windows\SysWOW64\PSIService.exe
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-12-14 20:08 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-14 20:08 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-14 20:08 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-23 16:18 - 2017-01-22 07:16 - 00785320 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2016-09-29 22:52 - 2016-09-29 22:52 - 01864384 _____ () C:\Users\louisa-jeaninne\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64\ClientTelemetry.dll
2016-09-30 00:37 - 2016-09-30 00:37 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-11 20:22 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-11 20:21 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-11 20:21 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-01-11 20:21 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-11 20:21 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-11 20:21 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-22 10:57 - 2017-02-22 10:57 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-22 10:57 - 2017-02-22 10:57 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-22 10:57 - 2017-02-22 10:57 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-06 18:03 - 2017-02-06 18:03 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2007-10-30 18:52 - 2007-10-30 18:52 - 00016200 _____ () C:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
2017-02-22 10:57 - 2017-02-22 10:58 - 13170376 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7912.40507.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll
2017-02-22 10:57 - 2017-02-22 10:58 - 01200840 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.7912.40507.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2015-12-01 00:26 - 2015-12-01 00:26 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-10-23 16:18 - 2017-01-22 07:16 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2017-02-08 10:24 - 2017-02-07 05:48 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2016-09-07 18:54 - 2017-01-14 00:53 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-09-07 18:54 - 2017-01-14 00:53 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2016-09-07 18:54 - 2017-01-14 00:53 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2016-09-07 18:54 - 2017-01-14 00:53 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2016-09-07 18:54 - 2017-01-14 00:54 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 01682768 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-08 10:24 - 2017-01-14 00:53 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-02-08 10:24 - 2017-01-14 00:54 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-02-08 10:24 - 2017-01-14 00:53 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2016-09-07 18:54 - 2017-01-14 00:56 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00052544 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-02-08 10:24 - 2017-01-14 00:53 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-02-08 10:24 - 2017-01-14 00:56 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2016-09-07 18:54 - 2017-01-14 00:56 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00381760 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2016-09-07 18:54 - 2017-01-14 00:56 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2016-09-07 18:54 - 2017-01-14 00:56 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2016-09-07 18:54 - 2017-01-14 00:56 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-09-07 18:54 - 2017-01-14 00:56 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-09-07 18:54 - 2017-01-14 00:55 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2016-09-07 18:54 - 2017-01-14 00:54 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 01972536 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-01-24 10:53 - 2017-02-07 05:50 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00069968 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-01-24 10:53 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 10:53 - 2017-02-07 05:50 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 10:53 - 2017-02-07 05:50 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00103232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-08 10:24 - 2017-01-14 00:51 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-02-08 10:24 - 2017-02-07 05:50 - 00033112 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-08 10:24 - 2016-12-22 07:58 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-08 10:24 - 2017-02-07 05:50 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-08 10:24 - 2017-01-14 01:02 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-02-08 10:24 - 2017-01-14 01:02 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-02-08 10:24 - 2017-02-07 05:50 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-09-07 18:54 - 2017-01-14 00:57 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-09-07 18:54 - 2017-02-07 05:50 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-08 10:24 - 2017-02-07 05:50 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-10-23 16:18 - 2017-01-22 07:16 - 00497576 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2016-10-26 10:45 - 2016-09-06 11:00 - 05197312 _____ () C:\Users\louisa-jeaninne\AppData\Local\Nolarry\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-10-26 10:45 - 2016-09-06 11:00 - 00147456 _____ () C:\Users\louisa-jeaninne\AppData\Local\Nolarry\User Data\SwiftShader\3.3.0.1\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:AstInfo [0]
AlternateDataStreams: C:\Windows:nlsPreferences [0]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-547428184-218225385-153729512-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg
DNS Servers: 195.130.130.4 - 195.130.131.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "Corel Photo Downloader"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "Corel Photo Downloader"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-547428184-218225385-153729512-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-547428184-218225385-153729512-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{C330E383-8450-496A-970D-310C5AD71F0A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FAB49149-69C0-4AF3-A4F2-59B96696225A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{59806B43-5DAA-48AA-B711-F855DF9EB985}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{068A5515-0518-4F02-A403-A718F33A45F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4F5D0456-4BEB-440A-BFB4-581AEF955C7A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F12424B7-2141-4C06-AAF8-33A532CF9325}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{23A1CEAF-F719-435E-9382-25F0D7847318}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe
FirewallRules: [{47E3C49A-0ADA-4DE4-AB25-C8698DF5559A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe
FirewallRules: [{21ECEC05-FCEB-4E64-9EEA-4808456EF06B}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe
FirewallRules: [{8561CE7C-4126-47A3-80C3-77F3C774964C}] => (Allow) c:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{5DFBDDFD-F960-475B-A076-25A95C576CD5}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{18504D7E-1CDF-4C22-B37E-A89274190F51}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B9FC4DCF-8716-4964-AB2A-81E2AA845A41}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A3292E90-B228-4B48-AB56-D693D11813DA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2E81C342-D65E-4BF7-B93D-4358A1795CE9}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{681F0A43-BD3A-454C-9095-81D5C2BCABA7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{3E788BE3-8AE7-487E-87B7-065D8956A2FA}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{9C4D87F7-46E4-4561-89E8-020C8D3FFF8B}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{0C12F70D-DBD5-41E8-8A2C-E163632B4763}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{ED0378C7-F351-47B6-9204-D29BDF72E56D}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{818357DF-746A-40F1-BCA1-539CC09ECA9F}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{2477FC4D-07E4-4FCA-AA7D-E8D21E6CD0CF}] => (Allow) C:\Program Files (x86)\Nolarry\Application\chrome.exe
FirewallRules: [{9ADEE2A2-16C2-4A14-A1D0-52039BFC0DA6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{571D8997-9B1E-46F7-AEB6-C10AE941CE7C}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{9F914735-6A90-4DC9-B64F-379B72997806}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{C288F856-EFFE-44DA-8057-04A9713F66D0}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe

==================== Restore Points =========================

27-01-2017 19:30:27 Windows Update
10-02-2017 19:02:01 Gepland controlepunt

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/23/2017 03:07:19 PM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: DESKTOP-T6HV9R6)
Description: 7.488: Kan geen gebruiker inrichten voor EDP. Foutcode: 0x80070005.

Error: (02/23/2017 03:07:19 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/23/2017 03:07:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-T6HV9R6.local already in use; will try DESKTOP-T6HV9R6-2.local instead

Error: (02/23/2017 03:07:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   16 DESKTOP-T6HV9R6.local. AAAA 2A02:1810:3510:1B00:7CD9:F8DE:6339:9452

Error: (02/23/2017 03:07:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:7CD9:F8DE:6339:9452:5353   16 DESKTOP-T6HV9R6.local. AAAA 2A02:1810:3510:1B00:A1C0:0979:121C:6785

Error: (02/23/2017 12:08:19 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/23/2017 12:08:18 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/23/2017 12:08:18 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/23/2017 12:08:18 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed

Error: (02/23/2017 12:08:18 PM) (Source: ATIeRecord) (EventID: 16391) (User: )
Description: ATI EEU maximum number of session has been surpassed


System errors:
=============
Error: (02/23/2017 04:28:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6)
Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (02/23/2017 04:26:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: 
Niet nader omschreven fout
.

Error: (02/23/2017 04:26:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6)
Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (02/23/2017 04:24:18 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: 
Niet nader omschreven fout
.

Error: (02/23/2017 03:12:30 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6)
Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (02/23/2017 03:10:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: 
Niet nader omschreven fout
.

Error: (02/23/2017 03:10:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6)
Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (02/23/2017 03:08:10 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: De Service Platform voor verbonden apparaten-service is gestopt met de volgende foutcode: 
Niet nader omschreven fout
.

Error: (02/23/2017 03:08:10 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6HV9R6)
Description: De server {37998346-3765-45B1-8C66-AA88CA6B20B8} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.

Error: (02/23/2017 03:07:19 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: In de machtigingsinstellingen toepassingsspecifiek wordt de machtiging Activeren niet verleend aan Lokaal voor de COM-servertoepassing met CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 en APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 aan de gebruiker NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) met het adres LocalHost (via LRPC) die wordt uitgevoerd in de toepassingscontainer Niet beschikbaar SID (Niet beschikbaar). Deze beveiligingsmachtiging kan worden gewijzigd met het beheerprogramma van Component Services.


CodeIntegrity:
===================================
  Date: 2016-10-23 16:19:41.961
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:19:41.959
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:18:22.404
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:18:22.402
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:18:21.847
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:18:21.845
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:13:48.459
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:13:48.458
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:13:35.727
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-10-23 16:13:35.726
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-6400 CPU @ 2.70GHz
Percentage of memory in use: 38%
Total physical RAM: 8091.74 MB
Available physical RAM: 4990.45 MB
Total Virtual: 9371.74 MB
Available Virtual: 6271.89 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:212.91 GB) (Free:153.07 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:16.33 GB) (Free:1.92 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA) (Fixed) (Total:931.51 GB) (Free:871.46 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 832FC32E)

Partition: GPT.

========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 249A13D3)

Partition: GPT.

==================== End of Addition.txt ============================

Link naar reactie
Delen op andere sites
Gast
Dit topic is nu gesloten voor nieuwe reacties.
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.