kb-ribaki.org


  • This topic is locked
13 replies to this topic

#1 Afgs1993

Posted 20 October 2016 - 02:41 PM

Hey guys, I have had issues with kb-ribaki.org for a long time. Could you maybe help me? I tried CCleaner, HitmanPro and so on, but nothing helped.

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-10-2016

Gestart door Shoaib (Beheerder) op SHOAIB (20-10-2016 21:37:20)
Gestart vanaf C:\Users\Shoaib\Downloads
Geladen Profielen: Shoaib (Beschikbare Profielen: Shoaib)
Platform: Windows 10 Pro Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe
(Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\Receiver\Receiver.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\redirector.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\SelfServicePlugin\SelfServicePlugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Register (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [530560 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [239744 2016-04-25] (Citrix Systems, Inc.)
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [Shoaib] => explorer.exe hxxp://kb-ribaki.org <===== AANDACHT
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b4d81f50-ee4e-4b3f-9d47-b12cda274eba}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-25] (Microsoft Corporation)
BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-25] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-25] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://google.nl/"
CHR Profile: C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default [2016-10-20]
CHR Extension: (Google Presentaties) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-08-20]
CHR Extension: (Google Documenten) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-20]
CHR Extension: (Google Drive) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-20]
CHR Extension: (YouTube) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-20]
CHR Extension: (Block site) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2016-08-20]
CHR Extension: (Google Spreadsheets) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-08-20]
CHR Extension: (Offline Documenten) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-20]
CHR Extension: (AdBlock) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-10-11]
CHR Extension: (Citrix Receiver) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\haiffjcadagjlijoggckpgfnoeiflnem [2016-10-20]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-08-20]
CHR Extension: (Gmail) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-20]
CHR Extension: (Chrome Media Router) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]
 
==================== Services (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2048920 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3190976 2016-09-01] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 TConnectScheduler; C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe [2609312 2015-04-30] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ======================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2016-08-03] ()
R3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-13] (Intel Corporation)
R3 mwlu97w8; C:\WINDOWS\System32\drivers\mwlu97w8x64.sys [1602560 2014-05-28] (Marvell Semiconductors, Inc.)
R3 SurfaceAccessoryDevice; C:\WINDOWS\System32\drivers\SurfaceAccessoryDevice.sys [42048 2014-05-21] (Microsoft Corporation)
R3 SurfaceIntegrationDriver; C:\WINDOWS\System32\drivers\SurfaceIntegrationDriver.sys [38552 2015-07-14] (Microsoft Corporation)
R3 SurfaceTypeCover; C:\WINDOWS\System32\drivers\SurfaceTypeCover.sys [37944 2013-08-07] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-10-20 21:37 - 2016-10-20 21:38 - 00017080 _____ C:\Users\Shoaib\Downloads\FRST.txt
2016-10-20 21:37 - 2016-10-20 21:37 - 00000000 ____D C:\FRST
2016-10-20 21:35 - 2016-10-20 21:37 - 02407424 _____ (Farbar) C:\Users\Shoaib\Downloads\FRST64.exe
2016-10-20 18:44 - 2016-10-20 18:44 - 00000180 _____ C:\Users\Shoaib\Desktop\txt1 r.txt
2016-10-20 18:26 - 2016-10-20 18:26 - 01187130 _____ C:\Users\Shoaib\Downloads\Stuvia-1954-samenvatting-stuvia.pdf
2016-10-20 18:25 - 2016-10-20 18:25 - 03085080 _____ C:\Users\Shoaib\Downloads\Stuvia-4190-consumentengedrag-stuvia.pdf
2016-10-20 18:22 - 2016-10-20 18:22 - 00530922 _____ C:\Users\Shoaib\Downloads\samenvatting-consumentengedrag-de-basis.pdf
2016-10-20 18:06 - 2016-10-20 18:06 - 00002357 _____ C:\Users\Shoaib\Desktop\MissingVerhouten.R
2016-10-19 22:54 - 2016-10-19 22:54 - 00317976 _____ C:\Users\Shoaib\Downloads\Factuur IMDS 18-10-2016.pdf
2016-10-19 22:52 - 2016-10-19 22:52 - 00317980 _____ C:\Users\Shoaib\Downloads\factuur.pdf
2016-10-19 22:52 - 2016-10-19 22:52 - 00317980 _____ C:\Users\Shoaib\Downloads\Factuur IMDS 17-10-2016.pdf
2016-10-18 21:51 - 2016-10-18 21:51 - 00973279 _____ C:\Users\Shoaib\Downloads\Analysis Period 1.pptx
2016-10-18 18:32 - 2016-10-18 18:32 - 00025957 _____ C:\Users\Shoaib\Downloads\quantico-second-season_HI_english-1426339.zip
2016-10-18 13:35 - 2016-10-18 13:35 - 01083263 _____ C:\Users\Shoaib\Downloads\19. Machine Learning and Big Data.pdf
2016-10-16 20:07 - 2016-10-16 20:07 - 00508799 _____ C:\Users\Shoaib\Downloads\Fwd%3a_Samsung_merchandising_wk_42.zip
2016-10-15 22:09 - 2016-10-15 22:09 - 01551540 _____ C:\WINDOWS\Minidump\101516-9437-01.dmp
2016-10-15 10:06 - 2016-10-15 10:06 - 00024406 _____ C:\Users\Shoaib\Downloads\how-to-get-away-with-murder-third-season-2016_english-1424609.zip
2016-10-15 10:04 - 2016-10-15 10:04 - 00024378 _____ C:\Users\Shoaib\Downloads\the-blacklist-fourth-season_HI_english-1424606.zip
2016-10-14 21:11 - 2016-10-14 21:11 - 00066461 _____ C:\Users\Shoaib\Downloads\IntroToDataScience-master.zip
2016-10-14 20:24 - 2016-10-14 20:24 - 00023142 _____ C:\Users\Shoaib\Downloads\blindspot-second-season-2015_HI_english-1423811.zip
2016-10-13 20:29 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\AppData\Local\ContinuumIO
2016-10-13 20:29 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\.anaconda
2016-10-13 20:28 - 2016-10-13 20:28 - 00000000 ____D C:\Users\Shoaib\Documents\Python Scripts
2016-10-13 20:28 - 2016-10-13 20:28 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)
2016-10-13 20:20 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\Anaconda2
2016-10-13 20:17 - 2016-10-13 20:19 - 399546128 _____ (Continuum Analytics, Inc.) C:\Users\Shoaib\Downloads\Anaconda2-4.2.0-Windows-x86_64.exe
2016-10-13 20:14 - 2016-10-13 20:14 - 00000000 ____D C:\Users\Shoaib\.idlerc
2016-10-13 20:09 - 2016-10-13 20:09 - 18907136 _____ C:\Users\Shoaib\Downloads\python-2.7.12.msi
2016-10-12 22:10 - 2016-10-05 09:56 - 01644736 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 01242304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 00144576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 00085696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 22:10 - 2016-10-05 06:10 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 22:10 - 2016-10-05 06:10 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 22:10 - 2016-10-05 05:09 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 22:10 - 2016-10-05 04:50 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-12 22:10 - 2016-10-05 04:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 22:10 - 2016-10-05 04:39 - 24611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 22:10 - 2016-10-05 04:33 - 14255104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-12 22:10 - 2016-10-05 04:26 - 07836672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 22:10 - 2016-10-05 04:13 - 19349504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 22:10 - 2016-10-05 04:13 - 18675200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-12 22:10 - 2016-10-05 04:06 - 12587008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-12 22:10 - 2016-09-17 09:45 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-12 22:10 - 2016-09-17 08:45 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00602304 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00591040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00329920 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-12 22:09 - 2016-10-05 09:20 - 01030408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 22:09 - 2016-10-05 09:20 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 22:09 - 2016-10-05 09:19 - 00129376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 22:09 - 2016-10-05 09:18 - 07468384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 22:09 - 2016-10-05 09:18 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 22:09 - 2016-10-05 09:18 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 22:09 - 2016-10-05 09:01 - 01637216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-12 22:09 - 2016-10-05 09:01 - 01337184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 22:09 - 2016-10-05 08:54 - 01297760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-12 22:09 - 2016-10-05 08:17 - 03693064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 22:09 - 2016-10-05 08:15 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-12 22:09 - 2016-10-05 08:14 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-12 22:09 - 2016-10-05 08:09 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-12 22:09 - 2016-10-05 07:45 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-10-12 22:09 - 2016-10-05 07:39 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-12 22:09 - 2016-10-05 07:39 - 00576856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-12 22:09 - 2016-10-05 07:38 - 00636296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-12 22:09 - 2016-10-05 07:38 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-12 22:09 - 2016-10-05 07:37 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-12 22:09 - 2016-10-05 07:31 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-12 22:09 - 2016-10-05 07:25 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-12 22:09 - 2016-10-05 07:23 - 00305808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-12 22:09 - 2016-10-05 07:08 - 02937896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 22:09 - 2016-10-05 07:05 - 00256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-10-12 22:09 - 2016-10-05 07:01 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-10-12 22:09 - 2016-10-05 07:00 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-12 22:09 - 2016-10-05 06:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-12 22:09 - 2016-10-05 06:50 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-10-12 22:09 - 2016-10-05 06:49 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2016-10-12 22:09 - 2016-10-05 06:49 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-10-12 22:09 - 2016-10-05 06:47 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2016-10-12 22:09 - 2016-10-05 06:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 22:09 - 2016-10-05 06:38 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-12 22:09 - 2016-10-05 06:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-12 22:09 - 2016-10-05 06:34 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 22:09 - 2016-10-05 06:33 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-12 22:09 - 2016-10-05 06:32 - 00538744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 22:09 - 2016-10-05 06:29 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-10-12 22:09 - 2016-10-05 06:27 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-10-12 22:09 - 2016-10-05 06:23 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-10-12 22:09 - 2016-10-05 06:19 - 00717152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-12 22:09 - 2016-10-05 06:18 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-12 22:09 - 2016-10-05 06:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-12 22:09 - 2016-10-05 06:17 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-12 22:09 - 2016-10-05 06:15 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2016-10-12 22:09 - 2016-10-05 06:07 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-10-12 22:09 - 2016-10-05 06:05 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 22:09 - 2016-10-05 06:04 - 01718272 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 22:09 - 2016-10-05 06:02 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 22:09 - 2016-10-05 06:00 - 01661952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 22:09 - 2016-10-05 06:00 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 22:09 - 2016-10-05 06:00 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 22:09 - 2016-10-05 05:57 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-10-12 22:09 - 2016-10-05 05:55 - 03549696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 22:09 - 2016-10-05 05:48 - 02437120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 22:09 - 2016-10-05 05:40 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-12 22:09 - 2016-10-05 05:40 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2016-10-12 22:09 - 2016-10-05 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2016-10-12 22:09 - 2016-10-05 05:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 22:09 - 2016-10-05 05:30 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-12 22:09 - 2016-10-05 05:29 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-12 22:09 - 2016-10-05 05:29 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 22:09 - 2016-10-05 05:28 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-12 22:09 - 2016-10-05 05:24 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-10-12 22:09 - 2016-10-05 05:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 22:09 - 2016-10-05 05:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-10-12 22:09 - 2016-10-05 05:15 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-10-12 22:09 - 2016-10-05 05:14 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-12 22:09 - 2016-10-05 05:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2016-10-12 22:09 - 2016-10-05 05:10 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 22:09 - 2016-10-05 05:05 - 01467904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 22:09 - 2016-10-05 05:04 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 22:09 - 2016-10-05 05:04 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 22:09 - 2016-10-05 04:59 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 22:09 - 2016-10-05 04:55 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 22:09 - 2016-10-05 04:54 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 22:09 - 2016-10-05 04:40 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-12 22:09 - 2016-10-05 04:39 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 22:09 - 2016-10-05 04:39 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 22:09 - 2016-10-05 04:27 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-12 22:09 - 2016-10-05 04:22 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 22:09 - 2016-10-05 04:13 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 22:09 - 2016-10-05 04:01 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 22:09 - 2016-10-01 04:16 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 22:09 - 2016-09-27 04:39 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-12 22:09 - 2016-09-17 10:08 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 22:09 - 2016-09-17 09:28 - 03077120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 22:09 - 2016-09-17 09:12 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-12 22:09 - 2016-09-17 08:43 - 02552832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 22:09 - 2016-09-17 08:22 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-12 22:09 - 2016-06-18 06:55 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-10-12 22:09 - 2016-06-18 06:51 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-12 22:09 - 2016-06-18 06:49 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-10-12 22:09 - 2016-06-18 06:45 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-10-12 22:00 - 2016-10-12 22:00 - 00134620 _____ C:\Users\Shoaib\Downloads\Presentation2.pptx
2016-10-12 16:54 - 2016-10-12 16:54 - 00011743 _____ C:\Users\Shoaib\Downloads\Bank-Loan-Proposal-NEW.zip
2016-10-10 22:30 - 2016-10-10 22:30 - 00000679 _____ C:\Users\Shoaib\Desktop\txt.txt
2016-10-10 15:26 - 2016-10-10 15:26 - 00001335 _____ C:\Users\Shoaib\Desktop\Bollywood.lnk
2016-10-09 22:45 - 2016-10-09 22:45 - 00039699 _____ C:\Users\Shoaib\Downloads\Bijlage 2. Planning AH Hertog topkaart wk41.xlsx
2016-10-08 20:35 - 2016-10-08 20:35 - 00024422 _____ C:\Users\Shoaib\Downloads\how-to-get-away-with-murder-third-season-2016_english-1420115.zip
2016-10-08 20:35 - 2016-10-08 20:35 - 00022672 _____ C:\Users\Shoaib\Downloads\the-blacklist-fourth-season_english-1420104.zip
2016-10-06 19:12 - 2016-10-06 19:12 - 00025400 _____ C:\Users\Shoaib\Downloads\blindspot-second-season-2015_HI_english-1419155.zip
2016-10-06 19:12 - 2016-10-06 19:12 - 00025400 _____ C:\Users\Shoaib\Downloads\blindspot-second-season-2015_HI_english-1419155 (1).zip
2016-10-04 20:51 - 2016-10-04 20:51 - 00015922 _____ C:\Users\Shoaib\Downloads\ShoaibSahel.pdf
2016-10-04 13:43 - 2016-10-04 13:43 - 03377560 _____ C:\Users\Shoaib\Downloads\Marug 2016 Onlia Themes.pptx
2016-10-03 18:01 - 2016-10-03 18:01 - 00023044 _____ C:\Users\Shoaib\Downloads\quantico-second-season_english-1417043.zip
2016-10-03 16:42 - 2016-10-03 16:42 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-10-03 16:36 - 2016-10-03 16:37 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-03 16:35 - 2016-10-03 16:35 - 00001230 _____ C:\WINDOWS\system32\.crusader
2016-10-03 16:24 - 2016-10-03 16:43 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-03 16:24 - 2016-10-03 16:24 - 11579432 _____ (SurfRight B.V.) C:\Users\Shoaib\Downloads\hitmanpro_x64.exe
2016-10-03 13:35 - 2016-10-03 13:35 - 00950792 _____ C:\Users\Shoaib\Downloads\Othello N P0 (2).pdf
2016-10-03 12:56 - 2016-10-03 13:20 - 00014690 _____ C:\Users\Shoaib\Downloads\kasboek met pin september.xlsx
2016-10-03 12:54 - 2016-10-03 12:54 - 00014690 _____ C:\Users\Shoaib\Downloads\kasboek met pin augustus.xlsx
2016-10-03 12:54 - 2016-10-03 12:54 - 00014681 _____ C:\Users\Shoaib\Downloads\kasboek met pin juli.xlsx
2016-10-02 19:24 - 2016-10-02 19:24 - 00950792 _____ C:\Users\Shoaib\Downloads\Othello N P0 (1).pdf
2016-10-01 20:37 - 2016-10-01 20:37 - 00025902 _____ C:\Users\Shoaib\Downloads\how-to-get-away-with-murder-third-season-2016_HI_english-1415114.zip
2016-10-01 20:36 - 2016-10-01 20:36 - 00017398 _____ C:\Users\Shoaib\Downloads\the-blacklist-fourth-season_english-1414955.zip
2016-09-29 11:05 - 2016-09-29 11:05 - 00950792 _____ C:\Users\Shoaib\Downloads\Othello N P0.pdf
2016-09-28 21:47 - 2016-09-28 21:47 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\R
2016-09-28 21:46 - 2016-09-28 21:46 - 00001084 _____ C:\Users\Public\Desktop\R i386 3.3.1.lnk
2016-09-28 21:46 - 2016-09-28 21:46 - 00001077 _____ C:\Users\Public\Desktop\R x64 3.3.1.lnk
2016-09-28 21:46 - 2016-09-28 21:46 - 00000000 ____D C:\Users\Shoaib\Documents\R
2016-09-28 21:46 - 2016-09-28 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2016-09-28 21:45 - 2016-09-28 21:45 - 00000000 ____D C:\Program Files\R
2016-09-28 21:44 - 2016-10-20 18:44 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\RStudio
2016-09-28 21:44 - 2016-10-20 18:44 - 00000000 ____D C:\Users\Shoaib\AppData\Local\RStudio-Desktop
2016-09-28 21:43 - 2016-09-28 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2016-09-28 21:42 - 2016-09-28 22:43 - 00000000 ____D C:\Users\Shoaib\Desktop\Assignment 1
2016-09-28 21:42 - 2016-09-28 21:43 - 00000000 ____D C:\Program Files\RStudio
2016-09-22 15:05 - 2016-09-22 15:06 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-20 10:51 - 2016-10-18 13:25 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-10-20 21:29 - 2015-03-28 22:15 - 00000000 ____D C:\ProgramData\MFAData
2016-10-20 21:27 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-20 21:27 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-20 21:26 - 2015-10-30 08:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-10-20 21:23 - 2016-08-20 23:41 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-20 18:44 - 2013-07-23 22:57 - 00000000 ____D C:\Users\Shoaib\Desktop\Shoaib
2016-10-20 18:09 - 2015-03-28 22:04 - 00000000 ____D C:\Users\Shoaib\Desktop\Films
2016-10-20 16:56 - 2016-08-20 23:41 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-20 16:48 - 2015-03-28 21:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9C288F5-8C6D-4BA1-82B3-BA989FF4100D}
2016-10-20 09:30 - 2015-03-28 20:45 - 00000000 ____D C:\Users\Shoaib\AppData\Local\Packages
2016-10-18 22:56 - 2015-03-28 22:12 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\uTorrent
2016-10-18 21:49 - 2015-03-28 22:17 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\vlc
2016-10-18 18:35 - 2015-10-30 20:05 - 00781236 _____ C:\WINDOWS\system32\perfh013.dat
2016-10-18 18:35 - 2015-10-30 20:05 - 00151692 _____ C:\WINDOWS\system32\perfc013.dat
2016-10-18 18:35 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-18 18:35 - 2015-09-04 17:53 - 01756766 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-18 18:30 - 2016-02-26 18:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-18 18:29 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-15 22:11 - 2016-02-26 18:35 - 00000000 ____D C:\Users\Shoaib
2016-10-15 22:09 - 2016-02-28 20:17 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-14 22:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-14 22:10 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 22:02 - 2016-02-08 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-13 22:02 - 2015-06-24 10:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-13 13:15 - 2015-03-28 20:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-13 13:03 - 2016-02-26 18:31 - 00346048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 23:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 23:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 23:00 - 2015-03-28 21:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 22:50 - 2015-03-28 21:09 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-05 09:57 - 2016-08-20 23:42 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-05 09:57 - 2016-08-20 23:42 - 00002287 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 16:00 - 2016-08-03 19:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-01 20:35 - 2015-03-29 17:56 - 00000000 ____D C:\Users\Shoaib\Downloads\Overig
2016-10-01 02:23 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:23 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-23 14:48 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-23 14:46 - 2016-06-01 18:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-22 17:56 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-22 17:56 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-22 17:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-22 17:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-22 17:54 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-22 17:54 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-22 17:54 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-22 15:06 - 2016-03-30 11:47 - 00000000 ____D C:\WINDOWS\Panther
2016-09-21 22:28 - 2016-01-05 17:04 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\ICAClient
2016-09-21 22:28 - 2016-01-05 17:03 - 00000000 ____D C:\Users\Shoaib\AppData\Local\Citrix
 
==================== Bestanden in de root van sommige mappen =======
 
2016-05-26 16:24 - 2016-05-26 16:24 - 0004463 _____ () C:\Users\Shoaib\AppData\Local\recently-used.xbel
2016-02-26 18:33 - 2016-02-26 18:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-04 12:03 - 2016-02-04 12:10 - 0000034 _____ () C:\ProgramData\_rputil_rport.dat
 
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\_rputil_rport.dat
 
 
Sommige bestanden in TEMP:
====================
C:\Users\Shoaib\AppData\Local\Temp\AskSLib.dll
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081277859914.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081468270183.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081569062737.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081799409838.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_08183106316.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_08297407065.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_08468163917.exe
C:\Users\Shoaib\AppData\Local\Temp\HitmanPro.exe
C:\Users\Shoaib\AppData\Local\Temp\_is2FFF.exe
C:\Users\Shoaib\AppData\Local\Temp\_unps.exe
 
 
==================== Bamital & volsnap ======================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2016-10-13 22:08
 
==================== Eind van FRST.txt ============================


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,480 posts
  • ONLINE
  •  
  • Gender:Male
  • Local time:02:23 PM

Posted 21 October 2016 - 04:33 PM

Hi Afgs1993 :)

My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broken the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.
  • As you'll notice, the logs we are asking for here are quite lengthy, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happens;
  • As long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist you;
  • The same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your system;
  • If you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!;
  • If you don't reply to your thread within 3 days, I'll bump this thread to let you know that I'm waiting for you. If you don't reply after 5 days, it'll be closed. If you return after that period, you can send me a PM to get it unlocked and we'll continue where we left off;
  • Since malware can work quickly, we want to get rid of them as fast as we can, before they make unknown changes to the system. This being said, I would appreciate if you could reply to this thread within 24 hours of me posting. This way, we'll have a good clean-up rhythm and the chances of complications will be reduced;
  • I'm against any form of pirated, illegal and counterfeit software and material. So if you have any installed on your system, I'll ask you to uninstall them right now. You don't have to tell me if you indeed had some or not, I'll give you the benefit of the doubt. Plus, this would be against BleepingComputer's rules;
  • In the end, you are the one asking for assistance here. So if you wish to go a different way during the clean-up, like format and reinstall Windows, you are free to do so. I would appreciate you to let me know about it first, and if you need, I can also assist you in the process;
  • I would appreciate if you were to stay with me until the end, which means, until I declare your system clean. Just because your system isn't behaving weirdly anymore, or is running better than before, it doesn't mean that the infection is completely gone;
  • This being said, I have a full time job so sometimes it'll take longer for me to reply to you. Don't worry, you'll be my first priority as soon as I get home and have time to look at your thread;
This being said, it's time to clean-up some malware, so let's get started, shall we? :)

Follow the instructions below please.

Farbar Recovery Scan Tool (FRST) - Fix mode
Follow the instructions below to execute a fix on your system using FRST, and provide the log in your next reply.
  • Right-click on your Desktop, select New and click on Text Document. Name it fixlist (make sure it's a .txt file) and press on Enter;
  • Open the file you just created and copy/paste the content below in it, then save it (Ctrl + S);
    CloseProcesses:
    CreateRestorePoint:
    
    HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [Shoaib] => explorer.exe hxxp://kb-ribaki.org <===== AANDACHT
    
    Task: {06DABC0E-8737-476F-89E0-1B07D466B7BA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
    Task: {1FE1EEE2-35B2-42D3-9C28-A9C3EA5D5A92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
    Task: {44A7049F-79A0-4523-80A3-71C39E9583DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
    Task: {77EA723B-32D9-4031-AAE7-4E5DF51A6CDF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
    Task: {9188317C-EF71-477C-AF12-077B3942645F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
    Task: {A0956B81-761F-4E99-87F3-E9D8DD7D52AB} - System32\Tasks\Shoaib => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Shoaib /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== AANDACHT
    Task: {A603673E-E968-4202-9E61-F97590CFEDFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
    Task: {B9425454-E8E8-4B57-B7C5-7403DA44F267} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
    Task: {D340D17F-F832-4486-B2EA-40D569937B0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
    Task: {E3C08174-5EF0-4648-BBA1-64FE39DDD102} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
    Task: {E5DEEEE9-FB3E-4EE2-88C6-EDAE45F0CD10} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
    Task: {F54F7312-DEAB-4F20-AE15-838248DF6EEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
    Task: C:\WINDOWS\Tasks\0215piUpdateInfo.job => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe
    Task: C:\WINDOWS\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
    Task: C:\WINDOWS\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
    Task: C:\WINDOWS\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
    
    EmptyTemp:
    
  • Right-click on the FRST executable and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Click on the Fix button;
  • On completion, a message will come up saying that the fix has been completed and it'll open a log in Notepad;
  • Copy and paste its content in your next reply;
After the restart, do you still get the prompt for kb-ribaki.org?

Your next reply(ies) should include:
  • Copy/pasted content of FRST's fixlog.txt;
  • Answer to my question about the kb-ribaki.org pop-up;

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.
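
The fixlist above pairs a Run value that opens explorer.exe on a URL with a scheduled task that re-adds that value through REG ADD, so deleting the Run value alone does not remove the redirect. The Python below is an added example, not part of the original post and not FRST's own logic: it scans FRST-style log lines for that pair and reports the task even when the Run line is absent. The sample lines are copied from this thread; the function names and regular expressions are assumptions of the example.

```python
import re

# Lines copied from the FRST output in this thread (FRST writes http as hxxp).
# Two of them are entries that should NOT be flagged, for contrast.
SAMPLE_LOG = r'''
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [Shoaib] => explorer.exe hxxp://kb-ribaki.org <===== AANDACHT
Task: {A0956B81-761F-4E99-87F3-E9D8DD7D52AB} - System32\Tasks\Shoaib => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Shoaib /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== AANDACHT
Task: C:\WINDOWS\Tasks\0215piUpdateInfo.job => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe
'''

# "HKU\<SID>\...\Run: [ValueName] => command"
RUN_RE = re.compile(
    r'^(?P<hive>HK\S+?)\\\.\.\.\\Run(?:Once)?: \[(?P<name>[^\]]+)\] => (?P<cmd>.*)$')
# "Task: {GUID} - path => command" or "Task: path => command"
TASK_RE = re.compile(
    r'^Task: (?:\{[0-9A-Fa-f-]+\} - )?(?P<path>.+?) (?:=>|->) (?P<cmd>.*)$')
# FRST's trailing attention marker, e.g. "<==== AANDACHT"
MARKER_RE = re.compile(r'\s*<=+\s*\S+\s*$')
# explorer.exe started with a URL argument (http/https, plain or defanged)
URL_LAUNCH_RE = re.compile(
    r'\bexplorer(?:\.exe)?"?\s+"?(?P<url>h(?:tt|xx)ps?://[^\s"]+)', re.I)
# REG ADD <...\CurrentVersion\Run> ... /v <name> ... /d <data>
REG_ADD_RE = re.compile(
    r'\bREG(?:\.exe)?\s+ADD\s+"?(?P<key>[^"\s]+\\CurrentVersion\\Run(?:Once)?)"?\s'
    r'.*?/v\s+"?(?P<value>[^"\s]+)"?'
    r'.*?/d\s+(?:"(?P<quoted>[^"]*)"|(?P<bare>\S+))', re.I)


def clean(cmd):
    """Return the command with FRST's trailing marker removed."""
    return MARKER_RE.sub('', cmd).strip()


def scan(log):
    """Collect Run values and tasks that lead to 'explorer.exe <URL>'."""
    runs, tasks = [], []
    for line in log.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            u = URL_LAUNCH_RE.search(clean(m['cmd']))
            if u:
                runs.append({'hive': m['hive'], 'value': m['name'],
                             'url': u['url']})
            continue
        m = TASK_RE.match(line)
        if m:
            r = REG_ADD_RE.search(clean(m['cmd']))
            if not r:
                continue
            data = r['quoted'] if r['quoted'] is not None else r['bare']
            u = URL_LAUNCH_RE.search(data)
            if u:
                tasks.append({'task': m['path'], 'key': r['key'],
                              'value': r['value'], 'url': u['url']})
    return runs, tasks


def findings(log):
    """Pair each re-adding task with the Run value it writes.

    A task is reported even if its Run value is currently missing,
    because the task will write the value again the next time it runs.
    """
    runs, tasks = scan(log)
    out = []
    for t in tasks:
        present = any(r['value'].lower() == t['value'].lower() for r in runs)
        out.append({'url': t['url'], 'task': t['task'],
                    'run_value': t['value'], 'run_value_present': present})
    written_by_task = {t['value'].lower() for t in tasks}
    for r in runs:
        if r['value'].lower() not in written_by_task:
            out.append({'url': r['url'], 'task': None,
                        'run_value': r['value'], 'run_value_present': True})
    return out


if __name__ == '__main__':
    for f in findings(SAMPLE_LOG):
        print(f)
```

A finding with `run_value_present` set to False means the Run value was removed but the task that writes it is still listed, so both entries belong in the same cleanup.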


#3 Afgs1993

Afgs1993
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:08:23 PM

Posted 22 October 2016 - 02:57 AM

Dear Yoan, Thank you for helping me. I deleted something in my regedit, now it seems that it does not appear again. Therefore I will post again my results of the Farbar scan tool so that we are in sync with each other.

 

FRST file

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-10-2016

Gestart door Shoaib (Beheerder) op SHOAIB (22-10-2016 09:50:37)
Gestart vanaf C:\Users\Shoaib\Downloads
Geladen Profielen: Shoaib (Beschikbare Profielen: Shoaib)
Platform: Windows 10 Pro Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe
(Farbar) C:\Users\Shoaib\Downloads\FRST64 (1).exe
 
 
==================== Register (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [530560 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [239744 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [6718224 2016-08-26] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b4d81f50-ee4e-4b3f-9d47-b12cda274eba}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-08-25] (Microsoft Corporation)
BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-08-25] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-08-25] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-08-25] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-08-25] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-08-25] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.nl/"
CHR Profile: C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default [2016-10-20]
CHR Profile: C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-22]
CHR Extension: (Google Presentaties) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-20]
CHR Extension: (Google Documenten) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-20]
CHR Extension: (Google Drive) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-20]
CHR Extension: (YouTube) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-20]
CHR Extension: (Adblock Plus) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-20]
CHR Extension: (Block site) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2016-10-20]
CHR Extension: (Google Spreadsheets) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-20]
CHR Extension: (Offline Documenten) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-20]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-20]
CHR Extension: (Gmail) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-20]
CHR Extension: (Chrome Media Router) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-20]
 
==================== Services (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [674552 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2048920 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5285344 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [760024 2016-08-26] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3190976 2016-09-01] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 TConnectScheduler; C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe [2609312 2015-04-30] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ======================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [310016 2016-08-23] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [260352 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [262400 2016-08-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2016-08-03] ()
R3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-13] (Intel Corporation)
R3 mwlu97w8; C:\WINDOWS\System32\drivers\mwlu97w8x64.sys [1602560 2014-05-28] (Marvell Semiconductors, Inc.)
R3 SurfaceAccessoryDevice; C:\WINDOWS\System32\drivers\SurfaceAccessoryDevice.sys [42048 2014-05-21] (Microsoft Corporation)
R3 SurfaceIntegrationDriver; C:\WINDOWS\System32\drivers\SurfaceIntegrationDriver.sys [38552 2015-07-14] (Microsoft Corporation)
R3 SurfaceTypeCover; C:\WINDOWS\System32\drivers\SurfaceTypeCover.sys [37944 2013-08-07] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-10-22 09:49 - 2016-10-22 09:50 - 02407424 _____ (Farbar) C:\Users\Shoaib\Downloads\FRST64 (1).exe
2016-10-20 21:39 - 2016-10-20 21:40 - 00034135 _____ C:\Users\Shoaib\Downloads\Addition.txt
2016-10-20 21:37 - 2016-10-22 09:50 - 00016254 _____ C:\Users\Shoaib\Downloads\FRST.txt
2016-10-20 21:37 - 2016-10-22 09:50 - 00000000 ____D C:\FRST
2016-10-20 21:35 - 2016-10-20 21:37 - 02407424 _____ (Farbar) C:\Users\Shoaib\Downloads\FRST64.exe
2016-10-20 18:26 - 2016-10-20 18:26 - 01187130 _____ C:\Users\Shoaib\Downloads\Stuvia-1954-samenvatting-stuvia.pdf
2016-10-20 18:25 - 2016-10-20 18:25 - 03085080 _____ C:\Users\Shoaib\Downloads\Stuvia-4190-consumentengedrag-stuvia.pdf
2016-10-20 18:22 - 2016-10-20 18:22 - 00530922 _____ C:\Users\Shoaib\Downloads\samenvatting-consumentengedrag-de-basis.pdf
2016-10-20 18:06 - 2016-10-20 18:06 - 00002357 _____ C:\Users\Shoaib\Desktop\MissingVerhouten.R
2016-10-19 22:54 - 2016-10-19 22:54 - 00317976 _____ C:\Users\Shoaib\Downloads\Factuur IMDS 18-10-2016.pdf
2016-10-19 22:52 - 2016-10-19 22:52 - 00317980 _____ C:\Users\Shoaib\Downloads\factuur.pdf
2016-10-19 22:52 - 2016-10-19 22:52 - 00317980 _____ C:\Users\Shoaib\Downloads\Factuur IMDS 17-10-2016.pdf
2016-10-18 21:51 - 2016-10-18 21:51 - 00973279 _____ C:\Users\Shoaib\Downloads\Analysis Period 1.pptx
2016-10-18 18:32 - 2016-10-18 18:32 - 00025957 _____ C:\Users\Shoaib\Downloads\quantico-second-season_HI_english-1426339.zip
2016-10-18 13:35 - 2016-10-18 13:35 - 01083263 _____ C:\Users\Shoaib\Downloads\19. Machine Learning and Big Data.pdf
2016-10-16 20:07 - 2016-10-16 20:07 - 00508799 _____ C:\Users\Shoaib\Downloads\Fwd%3a_Samsung_merchandising_wk_42.zip
2016-10-15 22:09 - 2016-10-15 22:09 - 01551540 _____ C:\WINDOWS\Minidump\101516-9437-01.dmp
2016-10-15 10:06 - 2016-10-15 10:06 - 00024406 _____ C:\Users\Shoaib\Downloads\how-to-get-away-with-murder-third-season-2016_english-1424609.zip
2016-10-15 10:04 - 2016-10-15 10:04 - 00024378 _____ C:\Users\Shoaib\Downloads\the-blacklist-fourth-season_HI_english-1424606.zip
2016-10-14 21:11 - 2016-10-14 21:11 - 00066461 _____ C:\Users\Shoaib\Downloads\IntroToDataScience-master.zip
2016-10-14 20:24 - 2016-10-14 20:24 - 00023142 _____ C:\Users\Shoaib\Downloads\blindspot-second-season-2015_HI_english-1423811.zip
2016-10-13 20:29 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\AppData\Local\ContinuumIO
2016-10-13 20:29 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\.anaconda
2016-10-13 20:28 - 2016-10-13 20:28 - 00000000 ____D C:\Users\Shoaib\Documents\Python Scripts
2016-10-13 20:28 - 2016-10-13 20:28 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)
2016-10-13 20:20 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\Anaconda2
2016-10-13 20:17 - 2016-10-13 20:19 - 399546128 _____ (Continuum Analytics, Inc.) C:\Users\Shoaib\Downloads\Anaconda2-4.2.0-Windows-x86_64.exe
2016-10-13 20:14 - 2016-10-13 20:14 - 00000000 ____D C:\Users\Shoaib\.idlerc
2016-10-13 20:09 - 2016-10-13 20:09 - 18907136 _____ C:\Users\Shoaib\Downloads\python-2.7.12.msi
2016-10-12 22:10 - 2016-10-05 09:56 - 01644736 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 01242304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 00144576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 00085696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 22:10 - 2016-10-05 06:10 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 22:10 - 2016-10-05 06:10 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 22:10 - 2016-10-05 05:09 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 22:10 - 2016-10-05 04:50 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-12 22:10 - 2016-10-05 04:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 22:10 - 2016-10-05 04:39 - 24611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 22:10 - 2016-10-05 04:33 - 14255104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-12 22:10 - 2016-10-05 04:26 - 07836672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 22:10 - 2016-10-05 04:13 - 19349504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 22:10 - 2016-10-05 04:13 - 18675200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-12 22:10 - 2016-10-05 04:06 - 12587008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-12 22:10 - 2016-09-17 09:45 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-12 22:10 - 2016-09-17 08:45 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00602304 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00591040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00329920 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-12 22:09 - 2016-10-05 09:20 - 01030408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 22:09 - 2016-10-05 09:20 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 22:09 - 2016-10-05 09:19 - 00129376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 22:09 - 2016-10-05 09:18 - 07468384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 22:09 - 2016-10-05 09:18 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 22:09 - 2016-10-05 09:18 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 22:09 - 2016-10-05 09:01 - 01637216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-12 22:09 - 2016-10-05 09:01 - 01337184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 22:09 - 2016-10-05 08:54 - 01297760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-12 22:09 - 2016-10-05 08:17 - 03693064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 22:09 - 2016-10-05 08:15 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-12 22:09 - 2016-10-05 08:14 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-12 22:09 - 2016-10-05 08:09 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-12 22:09 - 2016-10-05 07:45 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-10-12 22:09 - 2016-10-05 07:39 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-12 22:09 - 2016-10-05 07:39 - 00576856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-12 22:09 - 2016-10-05 07:38 - 00636296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-12 22:09 - 2016-10-05 07:38 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-12 22:09 - 2016-10-05 07:37 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-12 22:09 - 2016-10-05 07:31 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-12 22:09 - 2016-10-05 07:25 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-12 22:09 - 2016-10-05 07:23 - 00305808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-12 22:09 - 2016-10-05 07:08 - 02937896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 22:09 - 2016-10-05 07:05 - 00256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-10-12 22:09 - 2016-10-05 07:01 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-10-12 22:09 - 2016-10-05 07:00 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-12 22:09 - 2016-10-05 06:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-12 22:09 - 2016-10-05 06:50 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-10-12 22:09 - 2016-10-05 06:49 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2016-10-12 22:09 - 2016-10-05 06:49 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-10-12 22:09 - 2016-10-05 06:47 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2016-10-12 22:09 - 2016-10-05 06:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 22:09 - 2016-10-05 06:38 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-12 22:09 - 2016-10-05 06:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-12 22:09 - 2016-10-05 06:34 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 22:09 - 2016-10-05 06:33 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-12 22:09 - 2016-10-05 06:32 - 00538744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 22:09 - 2016-10-05 06:29 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-10-12 22:09 - 2016-10-05 06:27 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-10-12 22:09 - 2016-10-05 06:23 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-10-12 22:09 - 2016-10-05 06:19 - 00717152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-12 22:09 - 2016-10-05 06:18 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-12 22:09 - 2016-10-05 06:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-12 22:09 - 2016-10-05 06:17 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-12 22:09 - 2016-10-05 06:15 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2016-10-12 22:09 - 2016-10-05 06:07 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-10-12 22:09 - 2016-10-05 06:05 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 22:09 - 2016-10-05 06:04 - 01718272 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 22:09 - 2016-10-05 06:02 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 22:09 - 2016-10-05 06:00 - 01661952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 22:09 - 2016-10-05 06:00 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 22:09 - 2016-10-05 06:00 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 22:09 - 2016-10-05 05:57 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-10-12 22:09 - 2016-10-05 05:55 - 03549696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 22:09 - 2016-10-05 05:48 - 02437120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 22:09 - 2016-10-05 05:40 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-12 22:09 - 2016-10-05 05:40 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2016-10-12 22:09 - 2016-10-05 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2016-10-12 22:09 - 2016-10-05 05:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 22:09 - 2016-10-05 05:30 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-12 22:09 - 2016-10-05 05:29 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-12 22:09 - 2016-10-05 05:29 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 22:09 - 2016-10-05 05:28 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-12 22:09 - 2016-10-05 05:24 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-10-12 22:09 - 2016-10-05 05:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 22:09 - 2016-10-05 05:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-10-12 22:09 - 2016-10-05 05:15 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-10-12 22:09 - 2016-10-05 05:14 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-12 22:09 - 2016-10-05 05:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2016-10-12 22:09 - 2016-10-05 05:10 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 22:09 - 2016-10-05 05:05 - 01467904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 22:09 - 2016-10-05 05:04 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 22:09 - 2016-10-05 05:04 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 22:09 - 2016-10-05 04:59 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 22:09 - 2016-10-05 04:55 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 22:09 - 2016-10-05 04:54 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 22:09 - 2016-10-05 04:40 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-12 22:09 - 2016-10-05 04:39 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 22:09 - 2016-10-05 04:39 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 22:09 - 2016-10-05 04:27 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-12 22:09 - 2016-10-05 04:22 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 22:09 - 2016-10-05 04:13 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 22:09 - 2016-10-05 04:01 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 22:09 - 2016-10-01 04:16 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 22:09 - 2016-09-27 04:39 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-12 22:09 - 2016-09-17 10:08 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 22:09 - 2016-09-17 09:28 - 03077120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 22:09 - 2016-09-17 09:12 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-12 22:09 - 2016-09-17 08:43 - 02552832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 22:09 - 2016-09-17 08:22 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-12 22:09 - 2016-06-18 06:55 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-10-12 22:09 - 2016-06-18 06:51 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-12 22:09 - 2016-06-18 06:49 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-10-12 22:09 - 2016-06-18 06:45 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-10-12 22:00 - 2016-10-12 22:00 - 00134620 _____ C:\Users\Shoaib\Downloads\Presentation2.pptx
2016-10-12 16:54 - 2016-10-12 16:54 - 00011743 _____ C:\Users\Shoaib\Downloads\Bank-Loan-Proposal-NEW.zip
2016-10-10 22:30 - 2016-10-10 22:30 - 00000679 _____ C:\Users\Shoaib\Desktop\txt.txt
2016-10-10 15:26 - 2016-10-10 15:26 - 00001335 _____ C:\Users\Shoaib\Desktop\Bollywood.lnk
2016-10-09 22:45 - 2016-10-09 22:45 - 00039699 _____ C:\Users\Shoaib\Downloads\Bijlage 2. Planning AH Hertog topkaart wk41.xlsx
2016-10-08 20:35 - 2016-10-08 20:35 - 00024422 _____ C:\Users\Shoaib\Downloads\how-to-get-away-with-murder-third-season-2016_english-1420115.zip
2016-10-08 20:35 - 2016-10-08 20:35 - 00022672 _____ C:\Users\Shoaib\Downloads\the-blacklist-fourth-season_english-1420104.zip
2016-10-06 19:12 - 2016-10-06 19:12 - 00025400 _____ C:\Users\Shoaib\Downloads\blindspot-second-season-2015_HI_english-1419155.zip
2016-10-06 19:12 - 2016-10-06 19:12 - 00025400 _____ C:\Users\Shoaib\Downloads\blindspot-second-season-2015_HI_english-1419155 (1).zip
2016-10-04 20:51 - 2016-10-04 20:51 - 00015922 _____ C:\Users\Shoaib\Downloads\ShoaibSahel.pdf
2016-10-04 13:43 - 2016-10-04 13:43 - 03377560 _____ C:\Users\Shoaib\Downloads\Marug 2016 Onlia Themes.pptx
2016-10-03 18:01 - 2016-10-03 18:01 - 00023044 _____ C:\Users\Shoaib\Downloads\quantico-second-season_english-1417043.zip
2016-10-03 16:42 - 2016-10-03 16:42 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-10-03 16:36 - 2016-10-03 16:37 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-03 16:35 - 2016-10-03 16:35 - 00001230 _____ C:\WINDOWS\system32\.crusader
2016-10-03 16:24 - 2016-10-03 16:43 - 00000000 ____D C:\ProgramData\HitmanPro
2016-10-03 16:24 - 2016-10-03 16:24 - 11579432 _____ (SurfRight B.V.) C:\Users\Shoaib\Downloads\hitmanpro_x64.exe
2016-10-03 13:35 - 2016-10-03 13:35 - 00950792 _____ C:\Users\Shoaib\Downloads\Othello N P0 (2).pdf
2016-10-03 12:56 - 2016-10-03 13:20 - 00014690 _____ C:\Users\Shoaib\Downloads\kasboek met pin september.xlsx
2016-10-03 12:54 - 2016-10-03 12:54 - 00014690 _____ C:\Users\Shoaib\Downloads\kasboek met pin augustus.xlsx
2016-10-03 12:54 - 2016-10-03 12:54 - 00014681 _____ C:\Users\Shoaib\Downloads\kasboek met pin juli.xlsx
2016-10-02 19:24 - 2016-10-02 19:24 - 00950792 _____ C:\Users\Shoaib\Downloads\Othello N P0 (1).pdf
2016-10-01 20:37 - 2016-10-01 20:37 - 00025902 _____ C:\Users\Shoaib\Downloads\how-to-get-away-with-murder-third-season-2016_HI_english-1415114.zip
2016-10-01 20:36 - 2016-10-01 20:36 - 00017398 _____ C:\Users\Shoaib\Downloads\the-blacklist-fourth-season_english-1414955.zip
2016-09-29 11:05 - 2016-09-29 11:05 - 00950792 _____ C:\Users\Shoaib\Downloads\Othello N P0.pdf
2016-09-28 21:47 - 2016-09-28 21:47 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\R
2016-09-28 21:46 - 2016-09-28 21:46 - 00001084 _____ C:\Users\Public\Desktop\R i386 3.3.1.lnk
2016-09-28 21:46 - 2016-09-28 21:46 - 00001077 _____ C:\Users\Public\Desktop\R x64 3.3.1.lnk
2016-09-28 21:46 - 2016-09-28 21:46 - 00000000 ____D C:\Users\Shoaib\Documents\R
2016-09-28 21:46 - 2016-09-28 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2016-09-28 21:45 - 2016-09-28 21:45 - 00000000 ____D C:\Program Files\R
2016-09-28 21:44 - 2016-10-20 18:44 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\RStudio
2016-09-28 21:44 - 2016-10-20 18:44 - 00000000 ____D C:\Users\Shoaib\AppData\Local\RStudio-Desktop
2016-09-28 21:43 - 2016-09-28 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2016-09-28 21:42 - 2016-09-28 22:43 - 00000000 ____D C:\Users\Shoaib\Desktop\Assignment 1
2016-09-28 21:42 - 2016-09-28 21:43 - 00000000 ____D C:\Program Files\RStudio
2016-09-22 15:05 - 2016-09-22 15:06 - 00000000 ___HD C:\$WINDOWS.~BT
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-10-22 09:50 - 2015-03-28 22:15 - 00000000 ____D C:\ProgramData\MFAData
2016-10-22 09:50 - 2015-03-28 21:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9C288F5-8C6D-4BA1-82B3-BA989FF4100D}
2016-10-22 09:47 - 2016-08-20 23:41 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-21 23:12 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-21 18:05 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-20 22:56 - 2016-08-20 23:41 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-20 22:21 - 2015-03-28 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-10-20 22:18 - 2016-09-20 10:51 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-10-20 22:09 - 2015-10-30 20:05 - 00781236 _____ C:\WINDOWS\system32\perfh013.dat
2016-10-20 22:09 - 2015-10-30 20:05 - 00151692 _____ C:\WINDOWS\system32\perfc013.dat
2016-10-20 22:09 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-20 22:09 - 2015-09-04 17:53 - 01756766 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-20 22:03 - 2016-02-26 18:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-20 22:03 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-20 21:26 - 2015-10-30 08:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-10-20 18:44 - 2013-07-23 22:57 - 00000000 ____D C:\Users\Shoaib\Desktop\Shoaib
2016-10-20 18:09 - 2015-03-28 22:04 - 00000000 ____D C:\Users\Shoaib\Desktop\Films
2016-10-20 09:30 - 2015-03-28 20:45 - 00000000 ____D C:\Users\Shoaib\AppData\Local\Packages
2016-10-18 22:56 - 2015-03-28 22:12 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\uTorrent
2016-10-18 21:49 - 2015-03-28 22:17 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\vlc
2016-10-15 22:11 - 2016-02-26 18:35 - 00000000 ____D C:\Users\Shoaib
2016-10-15 22:09 - 2016-02-28 20:17 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-14 22:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-14 22:10 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 22:02 - 2016-02-08 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-13 22:02 - 2015-06-24 10:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-13 13:15 - 2015-03-28 20:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-13 13:03 - 2016-02-26 18:31 - 00346048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 23:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 23:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 23:00 - 2015-03-28 21:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 22:50 - 2015-03-28 21:09 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-05 09:57 - 2016-08-20 23:42 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-05 09:57 - 2016-08-20 23:42 - 00002287 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 16:00 - 2016-08-03 19:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-01 20:35 - 2015-03-29 17:56 - 00000000 ____D C:\Users\Shoaib\Downloads\Overig
2016-10-01 02:23 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:23 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-23 14:48 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-23 14:46 - 2016-06-01 18:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-22 17:56 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-22 17:56 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-22 17:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-22 17:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-22 17:54 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-22 17:54 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-22 17:54 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-22 15:06 - 2016-03-30 11:47 - 00000000 ____D C:\WINDOWS\Panther
 
==================== Bestanden in de root van sommige mappen =======
 
2016-05-26 16:24 - 2016-05-26 16:24 - 0004463 _____ () C:\Users\Shoaib\AppData\Local\recently-used.xbel
2016-02-26 18:33 - 2016-02-26 18:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-04 12:03 - 2016-02-04 12:10 - 0000034 _____ () C:\ProgramData\_rputil_rport.dat
 
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\_rputil_rport.dat
 
 
Sommige bestanden in TEMP:
====================
C:\Users\Shoaib\AppData\Local\Temp\AskSLib.dll
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081277859914.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081468270183.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081569062737.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_081799409838.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_08183106316.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_08297407065.exe
C:\Users\Shoaib\AppData\Local\Temp\avguirn_08468163917.exe
C:\Users\Shoaib\AppData\Local\Temp\HitmanPro.exe
C:\Users\Shoaib\AppData\Local\Temp\_is2FFF.exe
C:\Users\Shoaib\AppData\Local\Temp\_unps.exe
 
 
==================== Bamital & volsnap ======================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2016-10-13 22:08
 
==================== Eind van FRST.txt ============================
 
 
ADDITION
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-10-2016
Gestart door Shoaib (22-10-2016 09:52:23)
Gestart vanaf C:\Users\Shoaib\Downloads
Windows 10 Pro Versie 1511 (X64) (2016-02-26 16:48:09)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2849808214-2652306205-950976280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2849808214-2652306205-950976280-503 - Limited - Disabled)
Gast (S-1-5-21-2849808214-2652306205-950976280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2849808214-2652306205-950976280-1003 - Limited - Enabled)
Shoaib (S-1-5-21-2849808214-2652306205-950976280-1001 - Administrator - Enabled) => C:\Users\Shoaib
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
 
µTorrent (HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (Version: 16.111.7797 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.111.7797 - AVG Technologies)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
Data Rescue PC3 v110714 (HKLM-x32\...\Data Rescue PC3_is1) (Version: v110714 - Prosoft Engineering, Inc.)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Kodi (HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Kodi) (Version:  - XBMC-Foundation)
Malwarebytes Anti-Malware versie 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.7167.2055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301043}) (Version: 7.02.9753 - Nero AG)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7167.2055 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7167.2055 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7167.2055 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
Python 2.7.12 (Anaconda2 4.2.0 64-bit) (HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Python 2.7.12 (Anaconda2 4.2.0 64-bit)) (Version: 4.2.0 - Continuum Analytics, Inc.)
R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.903 - RStudio)
Self-service Plug-in (x32 Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40642 - TeamViewer)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
==================== Aangepaste CLSID (gefilterd): ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-2849808214-2652306205-950976280-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Shoaib\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
 
==================== Geplande Taken (gefilterd) =============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {06DABC0E-8737-476F-89E0-1B07D466B7BA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1B788AFC-BA82-44D5-B57C-BC731C1C3AE0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {1FA030A3-AFCE-443C-B8D6-0067DB7D2B4E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-02] (Microsoft Corporation)
Task: {1FE1EEE2-35B2-42D3-9C28-A9C3EA5D5A92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {44A7049F-79A0-4523-80A3-71C39E9583DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {4A9C1876-F0FA-4877-AC16-A1E9C5E81DD8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6A3A0EE2-C96B-47BF-99EB-601BAAC5E456} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-20] (Google Inc.)
Task: {708B0047-663D-4E0A-A5BF-91534080D7F9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-09-02] (Microsoft Corporation)
Task: {77EA723B-32D9-4031-AAE7-4E5DF51A6CDF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {7B976B51-E875-4248-B73F-6E815DA0A9BF} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {7FAAFEF9-6A32-492D-BEEE-007C3B7C96F4} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-01] (Microsoft Corporation)
Task: {86240158-6B13-4F60-BE24-1B4E396A6001} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-09-02] (Microsoft Corporation)
Task: {9188317C-EF71-477C-AF12-077B3942645F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {A0956B81-761F-4E99-87F3-E9D8DD7D52AB} - System32\Tasks\Shoaib => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Shoaib /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== AANDACHT
Task: {A603673E-E968-4202-9E61-F97590CFEDFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {B9425454-E8E8-4B57-B7C5-7403DA44F267} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {D28CC6DB-1D16-4F0E-8003-E6CC3D52FE4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {D340D17F-F832-4486-B2EA-40D569937B0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {D44DF984-954B-42F8-A860-857FFB8D36BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-20] (Google Inc.)
Task: {D7C5AF85-7988-4541-9B22-C2A5D3CC0276} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-09-01] (Microsoft Corporation)
Task: {E3C08174-5EF0-4648-BBA1-64FE39DDD102} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {E5DEEEE9-FB3E-4EE2-88C6-EDAE45F0CD10} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {F54F7312-DEAB-4F20-AE15-838248DF6EEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
 
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
Task: C:\WINDOWS\Tasks\0215piUpdateInfo.job => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Snelkoppelingen =============================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
ShortcutWithArgument: C:\Users\Shoaib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Shoaib\Anaconda2\Scripts\activate.bat C:\Users\Shoaib\Anaconda2
ShortcutWithArgument: C:\Users\Shoaib\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Geladen Modules (gefilterd) ==============
 
2015-07-30 22:36 - 2015-04-30 10:26 - 02609312 _____ () C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-15 20:04 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-15 20:04 - 2016-09-07 07:39 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-02-26 18:26 - 2016-02-26 18:26 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 15:56 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-09-15 20:02 - 2016-09-07 06:15 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-09-15 20:02 - 2016-09-07 06:10 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-15 20:02 - 2016-09-07 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-09-15 20:02 - 2016-09-07 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-05 09:57 - 2016-09-25 08:02 - 02279528 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libglesv2.dll
2016-10-05 09:57 - 2016-09-25 08:02 - 00107112 _____ () C:\Program Files (x86)\Google\Chrome\Application\53.0.2785.143\libegl.dll
2015-10-25 12:59 - 2016-04-07 22:40 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
 
==================== Alternate Data Streams (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
 
 
==================== Veilige Modus (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
 
 
==================== Bestandskoppeling (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
 
 
==================== Internet Explorer vertrouwde/beperkte toegang ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
 
 
==================== Hosts inhoud: ===============================
 
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
 
2013-08-22 15:25 - 2016-08-28 19:29 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Andere gebieden ============================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
 
==================== Firewall regels (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBF66D6D-757F-471A-8D18-3B7E37CAE63B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8FC9DEE7-DFC1-443B-A4B5-98A2A8A84BCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9042F818-D3C9-4718-B463-B0B2E242B82A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6158875D-9F61-4656-8594-4AA1C1004FDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{29A850BD-0A1F-4404-838D-E66DC6E3A8F6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D366B73F-E87F-470C-9BA6-7111638AF2AF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [UDP Query User{57E19CA4-C594-4CD6-B150-BE8811A89BF5}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{5FDD7754-C635-4D94-A97C-A692789A1AA0}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1D9DFC54-4B2F-4F58-99D3-B5B18FC105F7}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [TCP Query User{F0B838D3-B970-452F-A76D-C87B8EF57A06}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [UDP Query User{9F87E56A-D27F-49ED-ACDC-4F36887F989F}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{06D4DCFF-902C-4D6D-9F47-E144ABC85A94}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [{973B400D-D008-46C4-8FD0-ED4337AD526A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{3F10A4A4-A62B-431B-ABF7-BF72EF0B3601}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{7ACCD2E1-BFF7-4118-90E1-457BD0CC611B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{82D805FF-5258-4B0C-84F1-66F38E267039}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{F8037E8F-4C7B-4E90-AB2D-2F383C5CBB24}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{71A3EB08-69BD-4F2A-B761-5AB341097886}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{3CD3741C-B41E-4E1B-B012-2177AB4F9A22}] => (Allow) C:\Users\Shoaib\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{740B6055-0519-45F4-A06D-6ACA00EA7352}] => (Allow) C:\Users\Shoaib\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{057BB99D-B3F8-425B-BDF9-42C73CB95866}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2155D2C9-C706-4C83-BE7F-D31C9FCFF69B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AC78C03B-767D-4548-9DAF-601B6CCBCBAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB59DD64-0A59-4EDF-A3A1-D446CFC1AD8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D1A66B96-5ED5-46F9-8FC1-A8D52423FA76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{C869F708-9DC3-4CE8-8622-7313910D1F06}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{72D62A15-BF57-46F4-9789-41C35A33A3A1}C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [UDP Query User{D446639E-0056-4F0D-B4BD-6E94881A0927}C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [TCP Query User{EE920A78-58A0-4EE5-A249-2F164B9CEF48}C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [UDP Query User{6EB9340B-CC6F-42B1-A072-6F8944143E25}C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [TCP Query User{E1C2A8E5-E1D1-453D-BC8E-9F030A63D9E9}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{2563A449-43A1-4EAF-BECB-DAB20F9E8EC6}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{29F16D48-7043-4A9B-A702-A63395A596E7}] => (Allow) C:\Users\Shoaib\AppData\Local\Temp\nswEB10.tmpMoboInstall\mobogenieP2sp.exe
FirewallRules: [{DE9F01F7-5890-42D0-B481-6520475950C4}] => (Allow) C:\Users\Shoaib\AppData\Local\Temp\nswEB10.tmpMoboInstall\mobogenieP2sp.exe
FirewallRules: [TCP Query User{3787780F-CB56-49E3-A9C9-2DAC25D6BAE2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{7486607F-B838-448C-94A6-EA65622AFC42}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{1A122739-F1C0-4ECA-9568-525ABBD54674}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{CD7725DE-6E22-4434-BF97-3DF8D2BD268D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{38636908-228A-44D1-B38F-1573D71689B6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{45D7761C-C56E-46FF-9923-A4C13578EE99}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{541D20B1-BCC1-4A2E-880D-CF81690E85F6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{E0275181-7B44-4297-A008-13E9D52C3529}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0BF73C15-740E-4C34-B1FF-1A4E41ADC01F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B302DD0E-09F4-4033-8BEF-7C8591AA0D66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8715EB20-E05D-41B1-B7D2-36506C48D0FC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E65D1F80-3E06-4FEE-9531-02E3A98F6F41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AFF2665C-613A-4952-9589-D532D8BEEF7A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{21A1E4E5-995E-4189-A5D2-D309EA9C47B4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E5FC6609-50C7-44B9-BEE9-5AF2AA4C477D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{AB974D97-0A8E-447A-9F88-D15C76F7273E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{964EF41B-B2B2-443F-8F66-E663719FB3C7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E666D05A-2493-4634-8701-8E4025FCD449}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{CD76D802-E1F5-4E07-AFEF-18F47CBABF68}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{9968749A-D44E-41E7-87C0-BA43F9E0BE70}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{C793E07E-B1A9-42E8-9B06-D8AB573744BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Herstelpunten =========================
 
AANDACHT: Systeemherstel is uitgeschakeld
 
==================== Defecte Apparaatbeheer Apparaten =============
 
Name: 
Description: 
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.
 
 
==================== Eventlog fouten: =========================
 
Applicatiefouten:
==================
Error: (10/21/2016 06:11:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
 
Error: (10/20/2016 10:21:15 PM) (Source: MsiInstaller) (EventID: 11307) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 1307. SA_Error1307: StandardAction(0xC007051B): There is not enough disk space to install this file: C:\Program Files (x86)\AVG\Av\avgntopensslx.dll. Free some disk space and click Retry, or click Cancel to exit.
 
Error: (10/20/2016 05:34:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
 
Error: (10/19/2016 03:04:01 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {D9E5A956-1F91-4EF2-B6CD-C93F0F5D5E87}
 
Error: (10/19/2016 03:04:01 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {D9E5A956-1F91-4EF2-B6CD-C93F0F5D5E87}
 
Error: (10/19/2016 11:21:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Shoaib)
Description: Het activeren van de app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
 
Error: (10/19/2016 10:18:39 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {5560FE3E-9B4F-44BB-AF4D-4CB111E4C49A}
 
Error: (10/19/2016 10:18:39 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {5560FE3E-9B4F-44BB-AF4D-4CB111E4C49A}
 
Error: (10/19/2016 09:49:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Shoaib)
Description: Het activeren van de app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
 
Error: (10/19/2016 09:02:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: DllHost.exe, versie: 10.0.10586.0, tijdstempel: 0x5632d8f4
Naam van module met fout: ntdll.dll, versie: 10.0.10586.306, tijdstempel: 0x571af2eb
Uitzonderingscode: 0xc0000005
Foutmarge: 0x000000000002fe34
Id van proces met fout: 0x1d58
Starttijd van toepassing met fout: 0x01d229d6b601b01f
Pad naar toepassing met fout: C:\WINDOWS\system32\DllHost.exe
Pad naar module met fout: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-id: 903a8460-b622-4356-9482-271d39664e27
Volledige pakketnaam met fout: 
Relatieve toepassings-id van pakket met fout:
 
 
Systeemfouten:
=============
Error: (10/22/2016 09:49:55 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
 
Error: (10/22/2016 09:46:49 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.
 
Error: (10/21/2016 11:30:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_42c65d-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/21/2016 11:30:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Storage_42c65d-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/21/2016 11:30:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Contact Data_42c65d-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/21/2016 11:30:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Host synchroniseren_42c65d-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/21/2016 11:19:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installatiefout: de volgende update kan niet worden geïnstalleerd, foutcode 0x80070490: Ricoh - Printers - RICOH Class Driver Plus.
 
Error: (10/21/2016 11:14:49 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
 
Error: (10/21/2016 11:11:46 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Er is een onbekende fout in de lokale Bluetooth-adapter opgetreden en deze wordt niet gebruikt. Het stuurprogramma wordt verwijderd.
 
Error: (10/21/2016 07:43:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De User Data Access_2be63e-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
 
CodeIntegrity:
===================================
  Date: 2016-10-20 21:33:27.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-15 10:04:56.275
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-13 23:32:57.252
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-13 20:31:07.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-13 13:04:47.512
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 19:56:56.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-23 14:47:26.977
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-23 10:40:54.152
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-22 19:54:09.467
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-22 15:40:03.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Geheugen info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage geheugen in gebruik: 58%
Totaal fysiek RAM-geheugen: 4016.04 MB
Beschikbaar fysiek RAM-geheugen: 1679.68 MB
Totaal Virtueel geheugen: 4720.04 MB
Beschikbaar Virtual geheugen: 2365.14 MB
 
==================== Schijven ================================
 
Drive c: (Windows) (Fixed) (Total:112.18 GB) (Free:0.65 GB) NTFS
Drive d: () (Removable) (Total:62.5 GB) (Free:62.49 GB) exFAT
 
==================== MBR & Partitietabel ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 65FA8504)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 62.5 GB) (Disk ID: 008FACB3)
Partition 1: (Active) - (Size=62.5 GB) - (Type=07 NTFS)
 
==================== Eind van Addition.txt ============================


#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,480 posts

Posted 22 October 2016 - 08:42 AM

The hijack is still not completely gone. Please follow the instructions in my previous post.

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 Afgs1993

Afgs1993
  • Topic Starter

  • Members
  • 6 posts

Posted 22 October 2016 - 12:40 PM

Dear Yoan,

 

I followed your steps and the kb ribaki did not show up again. These are my results:

 

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 17-10-2016
Gestart door Shoaib (22-10-2016 19:33:02) Run:1
Gestart vanaf C:\Users\Shoaib\Downloads
Geladen Profielen: Shoaib (Beschikbare Profielen: Shoaib)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
CloseProcesses:
CreateRestorePoint:
 
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [Shoaib] => explorer.exe hxxp://kb-ribaki.org <===== AANDACHT
 
Task: {06DABC0E-8737-476F-89E0-1B07D466B7BA} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Geen bestand <==== AANDACHT
Task: {1FE1EEE2-35B2-42D3-9C28-A9C3EA5D5A92} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Geen bestand <==== AANDACHT
Task: {44A7049F-79A0-4523-80A3-71C39E9583DF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Geen bestand <==== AANDACHT
Task: {77EA723B-32D9-4031-AAE7-4E5DF51A6CDF} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Geen bestand <==== AANDACHT
Task: {9188317C-EF71-477C-AF12-077B3942645F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Geen bestand <==== AANDACHT
Task: {A0956B81-761F-4E99-87F3-E9D8DD7D52AB} - System32\Tasks\Shoaib => /c REG ADD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /f /v Shoaib /t REG_SZ /d "explorer.exe hxxp://kb-ribaki.org" <==== AANDACHT
Task: {A603673E-E968-4202-9E61-F97590CFEDFC} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Geen bestand <==== AANDACHT
Task: {B9425454-E8E8-4B57-B7C5-7403DA44F267} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Geen bestand <==== AANDACHT
Task: {D340D17F-F832-4486-B2EA-40D569937B0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Geen bestand <==== AANDACHT
Task: {E3C08174-5EF0-4648-BBA1-64FE39DDD102} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Geen bestand <==== AANDACHT
Task: {E5DEEEE9-FB3E-4EE2-88C6-EDAE45F0CD10} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Geen bestand <==== AANDACHT
Task: {F54F7312-DEAB-4F20-AE15-838248DF6EEA} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Geen bestand <==== AANDACHT
Task: C:\WINDOWS\Tasks\0215piUpdateInfo.job => C:\ProgramData\Avg_Update_0215pi\0215pi_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0415avUpdateInfo.job => C:\ProgramData\Avg_Update_0415av\0415av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0615avUpdateInfo.job => C:\ProgramData\Avg_Update_0615av\0615av_AVG-Secure-Search-Update.exe
Task: C:\WINDOWS\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
 
EmptyTemp:
*****************
 
Proces succesvol afgesloten.
Fout: (0) Mislukt een herstelpunt maken.
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Shoaib => waarde niet gevonden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06DABC0E-8737-476F-89E0-1B07D466B7BA}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06DABC0E-8737-476F-89E0-1B07D466B7BA}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1FE1EEE2-35B2-42D3-9C28-A9C3EA5D5A92}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FE1EEE2-35B2-42D3-9C28-A9C3EA5D5A92}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{44A7049F-79A0-4523-80A3-71C39E9583DF}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{44A7049F-79A0-4523-80A3-71C39E9583DF}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{77EA723B-32D9-4031-AAE7-4E5DF51A6CDF}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{77EA723B-32D9-4031-AAE7-4E5DF51A6CDF}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9188317C-EF71-477C-AF12-077B3942645F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9188317C-EF71-477C-AF12-077B3942645F}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{A0956B81-761F-4E99-87F3-E9D8DD7D52AB}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0956B81-761F-4E99-87F3-E9D8DD7D52AB}" => sleutel is succesvol verwijderd.
C:\WINDOWS\System32\Tasks\Shoaib => is succesvol verplaatst.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Shoaib" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A603673E-E968-4202-9E61-F97590CFEDFC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A603673E-E968-4202-9E61-F97590CFEDFC}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9425454-E8E8-4B57-B7C5-7403DA44F267}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9425454-E8E8-4B57-B7C5-7403DA44F267}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D340D17F-F832-4486-B2EA-40D569937B0A}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D340D17F-F832-4486-B2EA-40D569937B0A}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3C08174-5EF0-4648-BBA1-64FE39DDD102}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3C08174-5EF0-4648-BBA1-64FE39DDD102}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E5DEEEE9-FB3E-4EE2-88C6-EDAE45F0CD10}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5DEEEE9-FB3E-4EE2-88C6-EDAE45F0CD10}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F54F7312-DEAB-4F20-AE15-838248DF6EEA}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F54F7312-DEAB-4F20-AE15-838248DF6EEA}" => sleutel is succesvol verwijderd.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => sleutel is succesvol verwijderd.
C:\WINDOWS\Tasks\0215piUpdateInfo.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\0415avUpdateInfo.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\0615avUpdateInfo.job => is succesvol verplaatst.
C:\WINDOWS\Tasks\0715avUpdateInfo.job => is succesvol verplaatst.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9851625 B
Java, Flash, Steam htmlcache => 22798674 B
Windows/system/drivers => 526422440 B
Edge => 1097039371 B
Chrome => 119984150 B
Firefox => 0 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 240504 B
NetworkService => 0 B
Shoaib => 2438222846 B
 
RecycleBin => 0 B
EmptyTemp: => 3.9 GB tijdelijke gegevens verwijderd.
 
================================
 
 
Het systeem moest herstart worden.
 
==== Eind van Fixlog 19:38:07 ====


#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,480 posts

Posted 22 October 2016 - 12:45 PM

Good :) Now please provide me a new set of FRST logs (FRST.txt and Addition.txt) so I can confirm that it's really gone.



#7 Afgs1993

Afgs1993
  • Topic Starter

  • Members
  • 6 posts

Posted 22 October 2016 - 02:03 PM

Dear Yoan,

 

Hereby the FRST and Addition.txt files. Thank you for your help.

 

FRST

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 17-10-2016

Gestart door Shoaib (Beheerder) op SHOAIB (22-10-2016 21:00:17)
Gestart vanaf C:\Users\Shoaib\Downloads
Geladen Profielen: Shoaib (Beschikbare Profielen: Shoaib)
Platform: Windows 10 Pro Versie 1511 (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Alexander Roshal) C:\Program Files\WinRAR\WinRAR.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1608.2213.0_x64__8wekyb3d8bbwe\Calculator.exe
 
 
==================== Register (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [530560 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [Redirector] => C:\Program Files (x86)\Citrix\ICA Client\redirector.exe [239744 2016-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [218896 2016-09-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2007-06-27] (Nero AG)
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{b4d81f50-ee4e-4b3f-9d47-b12cda274eba}: [DhcpNameServer] 192.168.1.1
 
Internet Explorer:
==================
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.nl/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-22] (Microsoft Corporation)
BHO: Geen Naam -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Geen bestand
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-22] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-10-22] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-10-22] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-22] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2016-04-25] (Citrix Systems, Inc.)
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2016-04-25] (Citrix Systems, Inc.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-10-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.nl/"
CHR Profile: C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Default [2016-10-22]
CHR Profile: C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-10-22]
CHR Extension: (Google Presentaties) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-10-20]
CHR Extension: (Google Documenten) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-10-20]
CHR Extension: (Google Drive) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-10-20]
CHR Extension: (YouTube) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-20]
CHR Extension: (Adblock Plus) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-10-20]
CHR Extension: (Block site) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2016-10-20]
CHR Extension: (Google Spreadsheets) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-10-20]
CHR Extension: (Offline Documenten) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-10-20]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-10-20]
CHR Extension: (Gmail) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-20]
CHR Extension: (Chrome Media Router) - C:\Users\Shoaib\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-20]
 
==================== Services (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [647864 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [2050040 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5332384 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1149712 2016-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [727512 2016-10-13] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 TConnectScheduler; C:\Program Files (x86)\Takeaway.com\Tconnect\tconnectservice.exe [2609312 2015-04-30] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5447952 2015-03-25] (TeamViewer GmbH)
S3 vmicvss; C:\WINDOWS\System32\ICSvc.dll [511488 2016-09-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364456 2016-09-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-09-07] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ======================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73480 2016-06-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [311552 2016-09-22] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [272640 2016-07-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [265472 2016-09-20] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [254208 2016-09-26] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [22704 2016-08-03] ()
R3 LcUvcUpper; C:\WINDOWS\system32\DRIVERS\LcUvcUpper.sys [34408 2013-09-27] (Microsoft Corporation)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-13] (Intel Corporation)
R3 mwlu97w8; C:\WINDOWS\System32\drivers\mwlu97w8x64.sys [1602560 2014-05-28] (Marvell Semiconductors, Inc.)
R3 SurfaceAccessoryDevice; C:\WINDOWS\System32\drivers\SurfaceAccessoryDevice.sys [42048 2014-05-21] (Microsoft Corporation)
R3 SurfaceIntegrationDriver; C:\WINDOWS\System32\drivers\SurfaceIntegrationDriver.sys [38552 2015-07-14] (Microsoft Corporation)
R3 SurfaceTypeCover; C:\WINDOWS\System32\drivers\SurfaceTypeCover.sys [37944 2013-08-07] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-10-22 19:45 - 2016-10-22 19:46 - 00000000 ____D C:\Users\Shoaib\Downloads\Overig 2016
2016-10-22 19:42 - 2016-10-22 19:48 - 00000000 ____D C:\Users\Shoaib\Desktop\Blindspot.S02E06.HDTV.x264-LOL[ettv]
2016-10-22 19:42 - 2016-10-22 19:45 - 00000000 ____D C:\Users\Shoaib\Desktop\The.Blacklist.S04E05.HDTV.x264-KILLERS[ettv]
2016-10-22 19:42 - 2016-10-22 19:44 - 00000000 ____D C:\Users\Shoaib\Desktop\How.to.Get.Away.with.Murder.S03E05.HDTV.x264-LOL[ettv]
2016-10-22 19:33 - 2016-10-22 19:38 - 00009448 _____ C:\Users\Shoaib\Downloads\Fixlog.txt
2016-10-22 09:53 - 2016-10-22 21:00 - 00016133 _____ C:\Users\Shoaib\Downloads\FRST.txt
2016-10-22 09:53 - 2016-10-22 09:53 - 00034216 _____ C:\Users\Shoaib\Downloads\Addition.txt
2016-10-22 09:49 - 2016-10-22 09:50 - 02407424 _____ (Farbar) C:\Users\Shoaib\Downloads\FRST64 (1).exe
2016-10-20 21:37 - 2016-10-22 21:00 - 00000000 ____D C:\FRST
2016-10-20 21:35 - 2016-10-20 21:37 - 02407424 _____ (Farbar) C:\Users\Shoaib\Downloads\FRST64.exe
2016-10-20 18:06 - 2016-10-20 18:06 - 00002357 _____ C:\Users\Shoaib\Desktop\MissingVerhouten.R
2016-10-18 13:35 - 2016-10-18 13:35 - 01083263 _____ C:\Users\Shoaib\Downloads\19. Machine Learning and Big Data.pdf
2016-10-15 22:09 - 2016-10-15 22:09 - 01551540 _____ C:\WINDOWS\Minidump\101516-9437-01.dmp
2016-10-13 20:29 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\AppData\Local\ContinuumIO
2016-10-13 20:29 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\.anaconda
2016-10-13 20:28 - 2016-10-13 20:28 - 00000000 ____D C:\Users\Shoaib\Documents\Python Scripts
2016-10-13 20:28 - 2016-10-13 20:28 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)
2016-10-13 20:20 - 2016-10-13 20:29 - 00000000 ____D C:\Users\Shoaib\Anaconda2
2016-10-13 20:14 - 2016-10-13 20:14 - 00000000 ____D C:\Users\Shoaib\.idlerc
2016-10-12 22:10 - 2016-10-05 09:56 - 01644736 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 01242304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 00144576 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-12 22:10 - 2016-10-05 09:56 - 00085696 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-12 22:10 - 2016-10-05 06:10 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-12 22:10 - 2016-10-05 06:10 - 00602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-12 22:10 - 2016-10-05 05:09 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-12 22:10 - 2016-10-05 04:50 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-12 22:10 - 2016-10-05 04:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-12 22:10 - 2016-10-05 04:39 - 24611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-12 22:10 - 2016-10-05 04:33 - 14255104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-12 22:10 - 2016-10-05 04:26 - 07836672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-12 22:10 - 2016-10-05 04:13 - 19349504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-12 22:10 - 2016-10-05 04:13 - 18675200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-12 22:10 - 2016-10-05 04:06 - 12587008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-12 22:10 - 2016-09-17 09:45 - 02610176 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-10-12 22:10 - 2016-09-17 08:45 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00602304 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00591040 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00329920 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-12 22:09 - 2016-10-05 09:56 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-12 22:09 - 2016-10-05 09:20 - 01030408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-12 22:09 - 2016-10-05 09:20 - 00875480 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-12 22:09 - 2016-10-05 09:19 - 00129376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-12 22:09 - 2016-10-05 09:18 - 07468384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-12 22:09 - 2016-10-05 09:18 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-12 22:09 - 2016-10-05 09:18 - 01142560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-12 22:09 - 2016-10-05 09:01 - 01637216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-12 22:09 - 2016-10-05 09:01 - 01337184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-12 22:09 - 2016-10-05 08:54 - 01297760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-10-12 22:09 - 2016-10-05 08:17 - 03693064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-12 22:09 - 2016-10-05 08:15 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-10-12 22:09 - 2016-10-05 08:14 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-12 22:09 - 2016-10-05 08:09 - 00604920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-12 22:09 - 2016-10-05 07:45 - 00987488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-10-12 22:09 - 2016-10-05 07:39 - 01988448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-12 22:09 - 2016-10-05 07:39 - 00576856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-12 22:09 - 2016-10-05 07:38 - 00636296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-12 22:09 - 2016-10-05 07:38 - 00393056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-12 22:09 - 2016-10-05 07:37 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-12 22:09 - 2016-10-05 07:31 - 00422240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2016-10-12 22:09 - 2016-10-05 07:25 - 00871776 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-12 22:09 - 2016-10-05 07:23 - 00305808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-12 22:09 - 2016-10-05 07:08 - 02937896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-12 22:09 - 2016-10-05 07:05 - 00256704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-10-12 22:09 - 2016-10-05 07:01 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-10-12 22:09 - 2016-10-05 07:00 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-12 22:09 - 2016-10-05 06:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-12 22:09 - 2016-10-05 06:50 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2016-10-12 22:09 - 2016-10-05 06:49 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2016-10-12 22:09 - 2016-10-05 06:49 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-10-12 22:09 - 2016-10-05 06:47 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2016-10-12 22:09 - 2016-10-05 06:47 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-12 22:09 - 2016-10-05 06:38 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-12 22:09 - 2016-10-05 06:35 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-12 22:09 - 2016-10-05 06:34 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-12 22:09 - 2016-10-05 06:33 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-12 22:09 - 2016-10-05 06:32 - 00538744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-10-12 22:09 - 2016-10-05 06:30 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-12 22:09 - 2016-10-05 06:29 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2016-10-12 22:09 - 2016-10-05 06:27 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-10-12 22:09 - 2016-10-05 06:23 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-10-12 22:09 - 2016-10-05 06:19 - 00717152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-12 22:09 - 2016-10-05 06:18 - 00253080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-12 22:09 - 2016-10-05 06:17 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2016-10-12 22:09 - 2016-10-05 06:17 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-10-12 22:09 - 2016-10-05 06:15 - 00458240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2016-10-12 22:09 - 2016-10-05 06:07 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-10-12 22:09 - 2016-10-05 06:05 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-12 22:09 - 2016-10-05 06:04 - 01718272 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-12 22:09 - 2016-10-05 06:02 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-12 22:09 - 2016-10-05 06:00 - 01661952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-12 22:09 - 2016-10-05 06:00 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-12 22:09 - 2016-10-05 06:00 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-12 22:09 - 2016-10-05 05:57 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-10-12 22:09 - 2016-10-05 05:55 - 03549696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-12 22:09 - 2016-10-05 05:48 - 02437120 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-12 22:09 - 2016-10-05 05:40 - 03589120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-12 22:09 - 2016-10-05 05:40 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2016-10-12 22:09 - 2016-10-05 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2016-10-12 22:09 - 2016-10-05 05:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-12 22:09 - 2016-10-05 05:30 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-12 22:09 - 2016-10-05 05:29 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-12 22:09 - 2016-10-05 05:29 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-12 22:09 - 2016-10-05 05:28 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-12 22:09 - 2016-10-05 05:24 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-10-12 22:09 - 2016-10-05 05:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-12 22:09 - 2016-10-05 05:23 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2016-10-12 22:09 - 2016-10-05 05:15 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-10-12 22:09 - 2016-10-05 05:14 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-10-12 22:09 - 2016-10-05 05:13 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2016-10-12 22:09 - 2016-10-05 05:10 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-12 22:09 - 2016-10-05 05:05 - 01467904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-12 22:09 - 2016-10-05 05:04 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-12 22:09 - 2016-10-05 05:04 - 00885248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-12 22:09 - 2016-10-05 04:59 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-12 22:09 - 2016-10-05 04:55 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-12 22:09 - 2016-10-05 04:54 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-12 22:09 - 2016-10-05 04:40 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-12 22:09 - 2016-10-05 04:39 - 13392384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-12 22:09 - 2016-10-05 04:39 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-12 22:09 - 2016-10-05 04:27 - 09920512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-12 22:09 - 2016-10-05 04:22 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-12 22:09 - 2016-10-05 04:13 - 12134400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-12 22:09 - 2016-10-05 04:01 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-12 22:09 - 2016-10-01 04:16 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-12 22:09 - 2016-09-27 04:39 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-12 22:09 - 2016-09-17 10:08 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-12 22:09 - 2016-09-17 09:28 - 03077120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-12 22:09 - 2016-09-17 09:12 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-12 22:09 - 2016-09-17 08:43 - 02552832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-12 22:09 - 2016-09-17 08:22 - 04405248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-12 22:09 - 2016-06-18 06:55 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-10-12 22:09 - 2016-06-18 06:51 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-10-12 22:09 - 2016-06-18 06:49 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-10-12 22:09 - 2016-06-18 06:45 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-10-10 22:30 - 2016-10-10 22:30 - 00000679 _____ C:\Users\Shoaib\Desktop\txt.txt
2016-10-10 15:26 - 2016-10-10 15:26 - 00001335 _____ C:\Users\Shoaib\Desktop\Bollywood.lnk
2016-10-07 22:52 - 2016-10-07 22:52 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00394496 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00334608 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00089328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2016-10-07 22:52 - 2016-10-07 22:52 - 00085744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00639728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2016-10-07 22:49 - 2016-10-07 22:49 - 00244504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2016-10-07 22:45 - 2016-10-07 22:45 - 00271112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2016-10-03 16:42 - 2016-10-03 16:42 - 00012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2016-10-03 16:36 - 2016-10-03 16:37 - 00000000 ____D C:\Program Files\HitmanPro
2016-10-03 16:35 - 2016-10-03 16:35 - 00001230 _____ C:\WINDOWS\system32\.crusader
2016-10-03 16:24 - 2016-10-03 16:43 - 00000000 ____D C:\ProgramData\HitmanPro
2016-09-28 21:47 - 2016-09-28 21:47 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\R
2016-09-28 21:46 - 2016-09-28 21:46 - 00001084 _____ C:\Users\Public\Desktop\R i386 3.3.1.lnk
2016-09-28 21:46 - 2016-09-28 21:46 - 00001077 _____ C:\Users\Public\Desktop\R x64 3.3.1.lnk
2016-09-28 21:46 - 2016-09-28 21:46 - 00000000 ____D C:\Users\Shoaib\Documents\R
2016-09-28 21:46 - 2016-09-28 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2016-09-28 21:45 - 2016-09-28 21:45 - 00000000 ____D C:\Program Files\R
2016-09-28 21:44 - 2016-10-20 18:44 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\RStudio
2016-09-28 21:44 - 2016-10-20 18:44 - 00000000 ____D C:\Users\Shoaib\AppData\Local\RStudio-Desktop
2016-09-28 21:43 - 2016-09-28 21:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2016-09-28 21:42 - 2016-09-28 22:43 - 00000000 ____D C:\Users\Shoaib\Desktop\Assignment 1
2016-09-28 21:42 - 2016-09-28 21:43 - 00000000 ____D C:\Program Files\RStudio
2016-09-26 18:19 - 2016-09-26 18:19 - 00254208 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-09-22 15:05 - 2016-09-22 15:06 - 00000000 ___HD C:\$WINDOWS.~BT
2016-09-22 14:44 - 2016-09-22 14:44 - 00311552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdrivera.sys
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2016-10-22 20:56 - 2016-08-20 23:41 - 00001078 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-22 20:24 - 2015-03-28 22:15 - 00000000 ____D C:\ProgramData\MFAData
2016-10-22 20:04 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-22 20:01 - 2016-06-01 18:59 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-22 19:57 - 2015-10-25 13:02 - 00001016 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-10-22 19:53 - 2016-09-20 10:51 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2016-10-22 19:52 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-22 19:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-22 19:48 - 2015-03-29 17:56 - 00000000 ____D C:\Users\Shoaib\Downloads\Overig
2016-10-22 19:48 - 2015-03-28 22:12 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\uTorrent
2016-10-22 19:45 - 2015-10-30 20:05 - 00781236 _____ C:\WINDOWS\system32\perfh013.dat
2016-10-22 19:45 - 2015-10-30 20:05 - 00151692 _____ C:\WINDOWS\system32\perfc013.dat
2016-10-22 19:45 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-10-22 19:45 - 2015-09-04 17:53 - 01756766 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-22 19:39 - 2016-08-20 23:41 - 00001074 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-22 19:38 - 2016-02-26 18:41 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-22 19:38 - 2015-10-30 08:28 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2016-10-22 19:35 - 2016-03-15 00:28 - 00000000 ____D C:\Users\Shoaib\AppData\LocalLow\Temp
2016-10-22 09:50 - 2015-03-28 21:44 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E9C288F5-8C6D-4BA1-82B3-BA989FF4100D}
2016-10-20 21:26 - 2015-10-30 08:28 - 00008192 ___SH C:\WINDOWS\system32\config\ELAM
2016-10-20 18:44 - 2013-07-23 22:57 - 00000000 ____D C:\Users\Shoaib\Desktop\Shoaib
2016-10-20 18:09 - 2015-03-28 22:04 - 00000000 ____D C:\Users\Shoaib\Desktop\Films
2016-10-20 09:30 - 2015-03-28 20:45 - 00000000 ____D C:\Users\Shoaib\AppData\Local\Packages
2016-10-18 21:49 - 2015-03-28 22:17 - 00000000 ____D C:\Users\Shoaib\AppData\Roaming\vlc
2016-10-15 22:11 - 2016-02-26 18:35 - 00000000 ____D C:\Users\Shoaib
2016-10-15 22:09 - 2016-02-28 20:17 - 00000000 ____D C:\WINDOWS\Minidump
2016-10-14 22:10 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-14 22:10 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-13 22:02 - 2016-02-08 21:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-13 22:02 - 2015-06-24 10:53 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-13 13:15 - 2015-03-28 20:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-13 13:03 - 2016-02-26 18:31 - 00346048 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-12 23:06 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 23:06 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 23:00 - 2015-03-28 21:09 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 22:50 - 2015-03-28 21:09 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-05 09:57 - 2016-08-20 23:42 - 00002299 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-05 09:57 - 2016-08-20 23:42 - 00002287 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-03 16:00 - 2016-08-03 19:23 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-01 02:23 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-01 02:23 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\setup
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-09-22 17:56 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-09-22 17:56 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2016-09-22 17:56 - 2015-10-30 08:31 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2016-09-22 17:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-09-22 17:56 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-09-22 17:54 - 2015-10-30 09:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2016-09-22 17:54 - 2015-10-30 09:19 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2016-09-22 17:54 - 2015-10-30 09:18 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2016-09-22 15:06 - 2016-03-30 11:47 - 00000000 ____D C:\WINDOWS\Panther
 
==================== Bestanden in de root van sommige mappen =======
 
2016-05-26 16:24 - 2016-05-26 16:24 - 0004463 _____ () C:\Users\Shoaib\AppData\Local\recently-used.xbel
2016-02-26 18:33 - 2016-02-26 18:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2016-02-04 12:03 - 2016-02-04 12:10 - 0000034 _____ () C:\ProgramData\_rputil_rport.dat
 
Bestanden om te verplaatsen of verwijderen:
====================
C:\ProgramData\_rputil_rport.dat
 
 
==================== Bamital & volsnap ======================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\WINDOWS\system32\winlogon.exe => Bestand is getekend
C:\WINDOWS\system32\wininit.exe => Bestand is getekend
C:\WINDOWS\explorer.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\explorer.exe => Bestand is getekend
C:\WINDOWS\system32\svchost.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\svchost.exe => Bestand is getekend
C:\WINDOWS\system32\services.exe => Bestand is getekend
C:\WINDOWS\system32\User32.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\User32.dll => Bestand is getekend
C:\WINDOWS\system32\userinit.exe => Bestand is getekend
C:\WINDOWS\SysWOW64\userinit.exe => Bestand is getekend
C:\WINDOWS\system32\rpcss.dll => Bestand is getekend
C:\WINDOWS\system32\dnsapi.dll => Bestand is getekend
C:\WINDOWS\SysWOW64\dnsapi.dll => Bestand is getekend
C:\WINDOWS\system32\Drivers\volsnap.sys => Bestand is getekend
 
 
LastRegBack: 2016-10-13 22:08
 
==================== Eind van FRST.txt ============================
 
ADDITION
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 17-10-2016
Gestart door Shoaib (22-10-2016 21:02:01)
Gestart vanaf C:\Users\Shoaib\Downloads
Windows 10 Pro Versie 1511 (X64) (2016-02-26 16:48:09)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2849808214-2652306205-950976280-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2849808214-2652306205-950976280-503 - Limited - Disabled)
Gast (S-1-5-21-2849808214-2652306205-950976280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2849808214-2652306205-950976280-1003 - Limited - Enabled)
Shoaib (S-1-5-21-2849808214-2652306205-950976280-1001 - Administrator - Enabled) => C:\Users\Shoaib
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
 
µTorrent (HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\uTorrent) (Version: 3.4.8.42576 - BitTorrent Inc.)
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 15.020.20039 - Adobe Systems Incorporated)
Apple Application Support (32-bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
AVG (Version: 16.121.7859 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4664 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.121.7859 - AVG Technologies)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.4.1000.16 - Citrix Systems, Inc.)
Data Rescue PC3 v110714 (HKLM-x32\...\Data Rescue PC3_is1) (Version: v110714 - Prosoft Engineering, Inc.)
FMW 1 (Version: 1.132.1 - AVG Technologies) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 53.0.2785.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Kodi (HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Kodi) (Version:  - XBMC-Foundation)
Malwarebytes Anti-Malware versie 1.80.2.1012 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.80.2.1012 - Malwarebytes Corporation)
Microsoft Office 365 ProPlus - nl-nl (HKLM\...\O365ProPlusRetail - nl-nl) (Version: 16.0.7369.2038 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301043}) (Version: 7.02.9753 - Nero AG)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7369.2038 - Microsoft Corporation) Hidden
Online Plug-in (x32 Version: 14.4.1000.16 - Citrix Systems, Inc.) Hidden
Python 2.7.12 (Anaconda2 4.2.0 64-bit) (HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\Python 2.7.12 (Anaconda2 4.2.0 64-bit)) (Version: 4.2.0 - Continuum Analytics, Inc.)
R for Windows 3.3.1 (HKLM\...\R for Windows 3.3.1_is1) (Version: 3.3.1 - R Core Team)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.903 - RStudio)
Self-service Plug-in (x32 Version: 4.4.1000.13058 - Citrix Systems, Inc.) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40642 - TeamViewer)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
 
==================== Aangepaste CLSID (gefilterd): ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-2849808214-2652306205-950976280-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Shoaib\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation)
 
==================== Geplande Taken (gefilterd) =============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {17C41421-A42E-4089-BB5B-0F0D7973AB36} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-22] (Microsoft Corporation)
Task: {1B788AFC-BA82-44D5-B57C-BC731C1C3AE0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-09-16] (Adobe Systems Incorporated)
Task: {23BCB611-467C-482F-B90E-DFD6BA65D530} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {4A9C1876-F0FA-4877-AC16-A1E9C5E81DD8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {6A3A0EE2-C96B-47BF-99EB-601BAAC5E456} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-20] (Google Inc.)
Task: {708B0047-663D-4E0A-A5BF-91534080D7F9} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-10-22] (Microsoft Corporation)
Task: {7B976B51-E875-4248-B73F-6E815DA0A9BF} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {D28CC6DB-1D16-4F0E-8003-E6CC3D52FE4B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {D44DF984-954B-42F8-A860-857FFB8D36BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-20] (Google Inc.)
Task: {D829BD57-2A81-48F0-8611-FC7E4DCD1988} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-10-08] (Microsoft Corporation)
Task: {E77413A8-8D89-4633-BEE1-AC09282BA59E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-10-22] (Microsoft Corporation)
 
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Snelkoppelingen =============================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
ShortcutWithArgument: C:\Users\Shoaib\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Anaconda2 (64-bit)\Anaconda Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation) -> "/K" C:\Users\Shoaib\Anaconda2\Scripts\activate.bat C:\Users\Shoaib\Anaconda2
ShortcutWithArgument: C:\Users\Shoaib\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
 
==================== Geladen Modules (gefilterd) ==============
 
 
==================== Alternate Data Streams (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
 
 
==================== Veilige Modus (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
 
 
==================== Bestandskoppeling (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
 
 
==================== Internet Explorer vertrouwde/beperkte toegang ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
 
 
==================== Hosts inhoud: ===============================
 
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
 
2013-08-22 15:25 - 2016-08-28 19:29 - 00000826 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Andere gebieden ============================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "ConnectionCenter"
HKLM\...\StartupApproved\Run32: => "Redirector"
HKU\S-1-5-21-2849808214-2652306205-950976280-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
 
==================== Firewall regels (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FBF66D6D-757F-471A-8D18-3B7E37CAE63B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8FC9DEE7-DFC1-443B-A4B5-98A2A8A84BCD}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{9042F818-D3C9-4718-B463-B0B2E242B82A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6158875D-9F61-4656-8594-4AA1C1004FDF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{29A850BD-0A1F-4404-838D-E66DC6E3A8F6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{D366B73F-E87F-470C-9BA6-7111638AF2AF}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [UDP Query User{57E19CA4-C594-4CD6-B150-BE8811A89BF5}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{5FDD7754-C635-4D94-A97C-A692789A1AA0}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [UDP Query User{1D9DFC54-4B2F-4F58-99D3-B5B18FC105F7}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [TCP Query User{F0B838D3-B970-452F-A76D-C87B8EF57A06}C:\program files\ibm\spss\statistics\22\stats.exe] => (Allow) C:\program files\ibm\spss\statistics\22\stats.exe
FirewallRules: [UDP Query User{9F87E56A-D27F-49ED-ACDC-4F36887F989F}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [TCP Query User{06D4DCFF-902C-4D6D-9F47-E144ABC85A94}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe
FirewallRules: [{973B400D-D008-46C4-8FD0-ED4337AD526A}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{3F10A4A4-A62B-431B-ABF7-BF72EF0B3601}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com
FirewallRules: [{7ACCD2E1-BFF7-4118-90E1-457BD0CC611B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{82D805FF-5258-4B0C-84F1-66F38E267039}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe
FirewallRules: [{F8037E8F-4C7B-4E90-AB2D-2F383C5CBB24}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{71A3EB08-69BD-4F2A-B761-5AB341097886}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe
FirewallRules: [{3CD3741C-B41E-4E1B-B012-2177AB4F9A22}] => (Allow) C:\Users\Shoaib\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{740B6055-0519-45F4-A06D-6ACA00EA7352}] => (Allow) C:\Users\Shoaib\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{057BB99D-B3F8-425B-BDF9-42C73CB95866}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2155D2C9-C706-4C83-BE7F-D31C9FCFF69B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AC78C03B-767D-4548-9DAF-601B6CCBCBAC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CB59DD64-0A59-4EDF-A3A1-D446CFC1AD8E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D1A66B96-5ED5-46F9-8FC1-A8D52423FA76}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{C869F708-9DC3-4CE8-8622-7313910D1F06}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{72D62A15-BF57-46F4-9789-41C35A33A3A1}C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [UDP Query User{D446639E-0056-4F0D-B4BD-6E94881A0927}C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.272\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [TCP Query User{EE920A78-58A0-4EE5-A249-2F164B9CEF48}C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [UDP Query User{6EB9340B-CC6F-42B1-A072-6F8944143E25}C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe] => (Allow) C:\users\shoaib\appdata\local\temp\rar$exa0.395\tl-wpa2220_v1_utility\powerline scan.exe
FirewallRules: [TCP Query User{E1C2A8E5-E1D1-453D-BC8E-9F030A63D9E9}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{2563A449-43A1-4EAF-BECB-DAB20F9E8EC6}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{29F16D48-7043-4A9B-A702-A63395A596E7}] => (Allow) C:\Users\Shoaib\AppData\Local\Temp\nswEB10.tmpMoboInstall\mobogenieP2sp.exe
FirewallRules: [{DE9F01F7-5890-42D0-B481-6520475950C4}] => (Allow) C:\Users\Shoaib\AppData\Local\Temp\nswEB10.tmpMoboInstall\mobogenieP2sp.exe
FirewallRules: [TCP Query User{3787780F-CB56-49E3-A9C9-2DAC25D6BAE2}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{7486607F-B838-448C-94A6-EA65622AFC42}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [{1A122739-F1C0-4ECA-9568-525ABBD54674}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{CD7725DE-6E22-4434-BF97-3DF8D2BD268D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{38636908-228A-44D1-B38F-1573D71689B6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{45D7761C-C56E-46FF-9923-A4C13578EE99}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{541D20B1-BCC1-4A2E-880D-CF81690E85F6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{E0275181-7B44-4297-A008-13E9D52C3529}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{0BF73C15-740E-4C34-B1FF-1A4E41ADC01F}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{B302DD0E-09F4-4033-8BEF-7C8591AA0D66}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8715EB20-E05D-41B1-B7D2-36506C48D0FC}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E65D1F80-3E06-4FEE-9531-02E3A98F6F41}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{AFF2665C-613A-4952-9589-D532D8BEEF7A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{21A1E4E5-995E-4189-A5D2-D309EA9C47B4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C793E07E-B1A9-42E8-9B06-D8AB573744BD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E5FC6609-50C7-44B9-BEE9-5AF2AA4C477D}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{AB974D97-0A8E-447A-9F88-D15C76F7273E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{CD76D802-E1F5-4E07-AFEF-18F47CBABF68}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{9968749A-D44E-41E7-87C0-BA43F9E0BE70}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
 
==================== Herstelpunten =========================
 
AANDACHT: Systeemherstel is uitgeschakeld
 
==================== Defecte Apparaatbeheer Apparaten =============
 
Name: 
Description: 
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: 
Service: 
Problem: : Reinstall the drivers for this device. (Code 18)
Resolution: The drivers for this device must be reinstalled.
 Click "Update Driver", which starts the Hardware Update wizard.
Alternately, uninstall the driver, and then click "Scan for hardware changes" to reload the drivers.
 
 
==================== Eventlog fouten: =========================
 
Applicatiefouten:
==================
Error: (10/22/2016 08:00:34 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: Shoaib)
Description: Kan toepassing of service 'Office Telemetry Agent' niet afsluiten.
 
Error: (10/22/2016 07:51:39 PM) (Source: SideBySide) (EventID: 35) (User: )
Description: Kan activeringscontext voor 'C:\Program Files (x86)\Microsoft Office\root\Office16\lync.exe.Manifest' niet maken. Fout in manifest of beleidsbestand 'C:\Program Files (x86)\Microsoft Office\root\Office16\UccApi.DLL op regel 1.
Onderdeel-id in manifest komt niet overeen met de id van het gevraagde onderdeel.
Verwijzing is UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definitie is UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Gebruik sxstrace.exe voor gedetailleerde diagnose.
 
Error: (10/21/2016 06:11:15 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
 
Error: (10/20/2016 10:21:15 PM) (Source: MsiInstaller) (EventID: 11307) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 1307. SA_Error1307: StandardAction(0xC007051B): There is not enough disk space to install this file: C:\Program Files (x86)\AVG\Av\avgntopensslx.dll. Free some disk space and click Retry, or click Cancel to exit.
 
Error: (10/20/2016 05:34:54 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: De openprocedure voor de BITS-service in DLL-bestand C:\Windows\System32\bitsperf.dll is mislukt. Prestatiemetergegevens voor deze service zijn niet beschikbaar. De eerste vier bytes (DWORD) in de sectie Gegevens bevatten de foutcode.
 
Error: (10/19/2016 03:04:01 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {D9E5A956-1F91-4EF2-B6CD-C93F0F5D5E87}
 
Error: (10/19/2016 03:04:01 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {D9E5A956-1F91-4EF2-B6CD-C93F0F5D5E87}
 
Error: (10/19/2016 11:21:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Shoaib)
Description: Het activeren van de app Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen is mislukt door de fout -2147023170. Kijk in het logboek Microsoft-Windows-TWinUI/Operational voor aanvullende informatie.
 
Error: (10/19/2016 10:18:39 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {5560FE3E-9B4F-44BB-AF4D-4CB111E4C49A}
 
Error: (10/19/2016 10:18:39 AM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x803D0010; CorrelationId: {5560FE3E-9B4F-44BB-AF4D-4CB111E4C49A}
 
 
Systeemfouten:
=============
Error: (10/22/2016 07:53:27 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
 
Error: (10/22/2016 07:38:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Host synchroniseren_63440e-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 10000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/22/2016 07:33:37 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: De server {784E29F4-5EBE-4279-9948-1E8FE941646D} heeft zich niet binnen de vereiste termijn bij DCOM geregistreerd.
 
Error: (10/22/2016 07:33:32 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Servicebesturingsbeheer heeft na het onverwachte afsluiten van de Windows Search-service geprobeerd een herstelactie (Service opnieuw starten) uit te voeren, maar deze actie is met de volgende fout mislukt: 
De service is al gestart.
 
Error: (10/22/2016 07:33:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De AVG Firewall-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.
 
Error: (10/22/2016 07:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De AVG WatchDog-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 0 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/22/2016 07:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Windows Search-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 30000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/22/2016 07:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De Apple Mobile Device Service-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 60000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
Error: (10/22/2016 07:33:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De TConnectSchedulerService-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd.
 
Error: (10/22/2016 07:33:02 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: De TeamViewer 10-service is onverwacht gestopt. Dit is 1 keer gebeurd. De volgende herstelbewerking zal over 2000 milliseconden worden uitgevoerd: Service opnieuw starten.
 
 
CodeIntegrity:
===================================
  Date: 2016-10-22 20:02:32.401
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-20 21:33:27.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-15 10:04:56.275
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-13 23:32:57.252
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-13 20:31:07.558
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-10-13 13:04:47.512
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 19:56:56.070
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-23 14:47:26.977
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-23 10:40:54.152
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-22 19:54:09.467
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Geheugen info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage geheugen in gebruik: 51%
Totaal fysiek RAM-geheugen: 4016.04 MB
Beschikbaar fysiek RAM-geheugen: 1932.19 MB
Totaal Virtueel geheugen: 4720.04 MB
Beschikbaar Virtual geheugen: 2425.09 MB
 
==================== Schijven ================================
 
Drive c: (Windows) (Fixed) (Total:112.18 GB) (Free:4.77 GB) NTFS
Drive d: () (Removable) (Total:62.5 GB) (Free:62.49 GB) exFAT
 
==================== MBR & Partitietabel ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 65FA8504)
 
Partition: GPT.
 
========================================================
Disk: 1 (Size: 62.5 GB) (Disk ID: 008FACB3)
Partition 1: (Active) - (Size=62.5 GB) - (Type=07 NTFS)
 
==================== Eind van Addition.txt ============================


#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team

Posted 22 October 2016 - 02:09 PM

I don't see any traces of the infection anymore. Did you need assistance with other malware-related issues, or was it everything?

Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Aura


Posted 25 October 2016 - 07:37 AM

Hi Afgs,

Are you still with me?



#10 Afgs1993

Afgs1993
  • Topic Starter


Posted 25 October 2016 - 07:45 AM

Hey Aura,

Thank you for your help. Don't need anything else. Have a nice day!

#11 Aura


Posted 25 October 2016 - 07:49 AM

Awesome!

Since I don't see traces of infection in your logs anymore, and you just confirmed to me that there are no other issues to address, I guess we're done here. We'll just run DelFix to delete the tools and logs that were used in this clean-up.

DelFix
Follow the instructions below to download and execute DelFix.
  • Download DelFix and move the executable to your Desktop;
  • Right-click on DelFix.exe and select Run as Administrator (for Windows Vista, 7, 8, 8.1 and 10 users);
  • Check the following options:
    • Activate UAC;
    • Remove disinfection tools;
    • Create registry backup;
    • Purge system restore;
    • Reset system settings;
  • Once all the options mentioned above are checked, click on Run;
  • After DelFix is done running, a log will open. Please copy/paste the content of the output log in your next reply.

Tips, tricks, advice and recommendations

Now it's time to give you some tips, tricks, advice and recommendations on how to protect your system and prevent you from being infected in the future. This is where I'll explain basic security measures that you should take to protect and harden your system, and also make sure it stays as safe and secure as possible against hackers and malware. You are free to ignore the recommendations listed below, although I obviously do not recommend it. If you have any questions about one of the points covered in the speech below, feel free to ask me your questions here directly so I can answer them and guide you.

Windows Updates

Keeping Windows up to date is one of the first steps in having a safe and secure system. The Security Updates that Windows receives are meant to fix exploits and flaws in it, which makes it more secure and not exploitable by hackers. In order to do that, you should always install the Security Updates, known as "Important Updates", on your Windows system. These updates are released on the second Tuesday of every month, but some are also released before if they are emergency/critical Security Updates. Let's make sure that you have all your Important Updates and Recommended Updates installed and that your Windows Updates are set to be installed automatically.

Keeping your programs up-to-date

Like keeping Windows updated, keeping your installed programs up-to-date is another important step in having a safe and secure system. Outdated programs can be exploited by hackers and malware to infect a system and take it over. This is especially true today with the rise of Exploit Kits, which are one of the biggest attack vectors to distribute malware. Therefore, you should always keep vulnerable programs like Adobe Flash Player, Adobe Shockwave Player, Java, Silverlight, etc. updated to their most recent version (even better, you don't have to install them if you don't use them). Programs like SecuniaPSI and Heimdal Free will scan your system for outdated programs, and help you identify them, as well as update them.

Antivirus, Antimalware, Firewall and Anti-Exploit/Ransomware

Having a decent security setup (led by an Antivirus) is the most crucial step to protect a system. These programs are a layer of defence that will prevent a system from being infected, or if it somehow ends up infected, help mitigate the infection and remediate it. Ideally, you should have on your system one Antivirus (never more than one installed at a time), one Antimalware (you can install multiple of these, assuming they do not conflict with each other and the other security programs installed), one Firewall and if you wish, one Anti-Exploit and/or Anti-Ransomware (since Ransomware is currently the most dangerous threat around and it can hit anywhere). Here are a few programs worth checking out if you don't have one yet.

Note: The programs listed below are all free to use or they have some sort of trial. Some of them have a paid version that provides more features, while a lot of other good programs only have a paid version but aren't listed there (such as Kaspersky and ESET Antivirus products).

Antivirus

Antimalware

Firewall
Starting in Windows Vista, the Windows Firewall greatly improved and will satisfy the needs of most users. If you do not have an Internet Suite Antivirus program (which includes a firewall) and you want to use a 3rd party firewall, you can consider the options below.
  • GlassWire - Has both a free and paid version (with different packages);
  • Windows Firewall Control - Gives you more control over your Windows Firewall;
  • TinyWall - Lightweight firewall implementing the Windows Firewall and giving you more control over it;

Anti-Exploit/Anti-Ransomware

Web Browsers and Web Browsing

Web Browsers could be considered as the closest door between a malware and your system. This is where most malware goes through to infect a system, and therefore it should be the program(s) you want to secure the most. There are two ways of going about it: hardening your web browser via extensions, and having good browsing habits.

Hardening your web browser means to install extensions that will help it protect itself (and your system on the same occasion) against Exploit Kits, MiTM attacks, etc. but also you at the same time. Here are a few extensions that I recommend you to install.
  • uBlock Origin: Efficient multi-purpose blocker that is lightweight on RAM and CPU usage (Google Chrome and Mozilla Firefox, called uBlock on Opera);
  • HTTPS Everywhere: Extension that converts your HTTP (unencrypted) requests to HTTPS (encrypted) ones (Google Chrome, Mozilla Firefox and Opera);
  • Web of Trust: Website reputation, rating and review extension that will help you quickly identify bad and suspicious sites from good ones (every web browser);
  • NoScript: NoScript is a script blocker (Java, Flash, JavaScript, etc.) for Mozilla Firefox and Firefox-based browsers (Mozilla Firefox and Firefox-based web browsers);
  • uMatrix: For advanced users, a point and click matrix-like extension that allows you to control requests done on a webpage (based on source, destination and type) (Google Chrome, Mozilla Firefox and Opera);
  • LastPass: Secure password manager allowing you to create, manage, and use passwords you save in your LastPass account (every web browser);

As for safe browsing habits, you can find tons of guides, tutorials, articles, etc. online that will highlight the basics you need to follow (only visit websites you trust, do not click on ads, do not download files from untrusted sources, use a password manager, always verify the URL of a website and make sure it's correctly typed, etc.), and even what you can do if you want to take it a step further (create a fake email address for spam emails, browse the web in a privacy mode, etc.). Here are a few:

As you can see, there are plenty of resources out there. Simply Googling "good browsing habits" or "safe browsing habits" should allow you to find a lot of them.

Other recommendations

Even if you follow every recommendation that I listed here, in the end, it's also your job to be careful when browsing the web and downloading files if you don't want to get infected. Therefore, if you use your brain (common sense) when browsing the web, downloading programs and files, etc., you have a far lower chance of getting infected by malware. If for example you're not sure if a website is legitimate or not, or if a file is safe to download and execute, or if a program looks "too good" to be free, I suggest you avoid going to that website, downloading that file or using that program.

Here are a few guides, tutorials, articles, etc. that you could read in order to learn more about computer protection and security to improve your current computer protection setup but also improve your good web browsing and computer usage practices:

The End!

And that's it! Now that you know more about how to protect your computer and secure it, you're good to go back to your online activities, but in a safe and secure way! You are also free to stay on BleepingComputer and ask for help in different topics if you ever need to. Just make sure that you post your question/issue in the right section to get the best assistance possible. And if you ever get infected again (which I hope you won't!), you can always come back to this section to get another checkup with one of our trained malware removal members.

Do you have any questions before I close this thread? :)



#12 Afgs1993


Posted 25 October 2016 - 11:20 AM

Dear Aura,

Hereby my results. I have AVG Internet Security as an antivirus program, is that a good antivirus programme or should I use Avast or Avira instead?

# DelFix v1.013 - Logfile created 25/10/2016 at 18:18:02
# Updated 17/04/2016 by Xplode
# Username : Shoaib - SHOAIB
# Operating System : Windows 10 Pro  (64 bits)
 
~ Activating UAC ... OK
 
~ Removing disinfection tools ...
 
Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Shoaib\Downloads\Addition.txt
Deleted : C:\Users\Shoaib\Downloads\Fixlog.txt
Deleted : C:\Users\Shoaib\Downloads\FRST.txt
Deleted : C:\Users\Shoaib\Downloads\FRST64 (1).exe
Deleted : C:\Users\Shoaib\Downloads\FRST64.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########


#13 Aura


Posted 25 October 2016 - 11:21 AM

If you paid for it, then keep it and wait for the licence to expire before shopping for a new Antivirus. Personally, I don't really like AVG due to their shady practices of collecting user data and selling it to 3rd parties and also pushing a lot of useless PUPs on users' systems (like AVG PC TuneUp, SecureSearch, etc.).



#14 Aura


Posted 28 October 2016 - 06:50 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
