
'Files missing' in windows 8.1, computer freezes + BSOD Kernel Data Inpage Error


  • This topic is locked
20 replies to this topic

#1 quiescentials

Posted 02 October 2017 - 01:10 PM

I've been redirected here from this topic: https://www.bleepingcomputer.com/forums/t/657411/windows-81-suddenly-freezes-all-the-time/

 

For the past few weeks I've been experiencing my computer freezing up for a few seconds at a time. For example, I will type something in Word and it will freeze for a few seconds and then show me what I've typed. Same goes for Google Chrome, InDesign, etc. It also happens when switching tabs or opening the start menu. It will freeze a few seconds, then resume. When I open task manager I can see the 'disk' column go up to 100 even though none of the processes go past 0.1 mb. Then it goes down again for a while and it climbs up to 100 again, even though I'm doing nothing and the processes stay the same.

 

Moreover, I cannot download new apps in the appstore because I'm missing files. Same goes for trying to do a system restore or go back to factory settings: It always says files are missing from Windows. 

 

I have also been experiencing BSODs saying 'Kernel Data Inpage Error'.

 

FRST LOG:

--------------------------------------

Scanresultaten van Farbar Recovery Scan Tool (FRST) (x64) Versie: 02-10-2017
Gestart door Tjitske (Beheerder) op LT-294628 (02-10-2017 19:39:52)
Gestart vanaf C:\Users\Eigenaar\Desktop
Geladen Profielen: Tjitske (Beschikbare Profielen: Tjitske & Tjitske_2)
Platform: Windows 8.1 (Update) (X64) Taal: Nederlands (Nederland)
Internet Explorer Versie 11 (Standaardbrowser: Chrome)
Boot Modus: Normal
 
==================== Processen (gefilterd) =================
 
(Als een item is opgenomen in de fixlist, het proces zal worden gesloten. Het bestand zal niet worden verplaatst.)
 
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Fork, Ltd.) C:\Windows\Prey\wpxsvc.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Green Eclipse) C:\Program Files (x86)\StickyPad\StickyPad.exe
(Spotify Ltd) C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Register (gefilterd) ===========================
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd. Het bestand zal niet worden verplaatst.)
 
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-15] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-11-28] (Qualcomm®Atheros®)
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [Sticky Pad] => C:\Program Files (x86)\StickyPad\StickyPad.exe [516153 2013-02-08] (Green Eclipse)
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [Spotify Web Helper] => C:\Users\Eigenaar\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1579120 2017-09-11] (Spotify Ltd)
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9856176 2017-09-23] (Piriform Ltd)
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [GoogleChromeAutoLaunch_E906F75BB452BCF2818C69147DD66E6F] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\MountPoints2: {740a4379-6ddd-11e7-82f0-0c54a55bd23e} - "E:\Autorun.exe" 
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\MountPoints2: {975dd30d-1e2c-11e4-8259-6002b44675c4} - "E:\iLinker.exe" 
 
==================== Internet (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, als het een registry item is wordt verwijderd of hersteld naar de standaard.)
 
Tcpip\Parameters: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{58222378-E0BE-461D-AE58-216A8098A386}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{58222378-E0BE-461D-AE58-216A8098A386}: [DhcpNameServer] 89.101.251.228 89.101.251.229
Tcpip\..\Interfaces\{9952D8D6-62D3-4B0F-B2D4-1051F677F20D}: [DhcpNameServer] 192.168.0.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-857772458-488675974-1936586719-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-857772458-488675974-1936586719-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-16] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-09-15] (AVAST Software)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-16] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-09-16] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-09-15] (AVAST Software)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-16] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\u053du98.default [2017-10-02]
FF DefaultSearchUrl: Mozilla\Firefox\Profiles\u053du98.default -> hxxps://www.google.com/search
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\u053du98.default -> Google
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\u053du98.default -> Google
FF Homepage: Mozilla\Firefox\Profiles\u053du98.default -> about:home
FF Keyword.URL: Mozilla\Firefox\Profiles\u053du98.default -> hxxps://www.google.com/search
FF Extension: (Avira Browser Safety) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\u053du98.default\Extensions\abs@avira.com.xpi [2017-10-02]
FF Extension: (Avast SafePrice) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\u053du98.default\Extensions\sp@avast.com.xpi [2017-09-15]
FF Extension: (Avast Online Security) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\u053du98.default\Extensions\wrc@avast.com.xpi [2017-09-15]
FF Extension: (Adblock Plus) - C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\u053du98.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-08-23]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => niet gevonden
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => niet gevonden
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-16] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-08-24] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [Geen bestand]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2017-08-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.nl/"
CHR Session Restore: Default -> is ingeschakeld.
CHR Profile: C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default [2017-10-02]
CHR Extension: (Google Presentaties) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-02]
CHR Extension: (Google Documenten) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09]
CHR Extension: (Google Drive) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-26]
CHR Extension: (Google Search) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-16]
CHR Extension: (Google Spreadsheets) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09]
CHR Extension: (Offline Documenten) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-28]
CHR Extension: (AdBlock) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-09-25]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-10-02]
CHR Extension: (Avast Online Security) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-16]
CHR Extension: (Universe) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\igcicgpahfpikagbhofhehldknadneld [2017-10-02]
CHR Extension: (YouTube) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm [2015-09-27]
CHR Extension: (Google Hangouts) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl [2017-05-13]
CHR Extension: (Save as PDF) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpdjmbiefanbdgnkcikhllpmjnnllbbc [2017-10-02]
CHR Extension: (Google Search) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfpjmkngecpnnajkmdhplmeoelenkpgk [2016-11-01]
CHR Extension: (Betalingen via Chrome Web Store) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Gmail) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-21]
CHR Extension: (Chrome Media Router) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-26]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (gefilterd) ====================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2257016 2017-08-23] (Adobe Systems, Incorporated)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-15] (AVAST Software s.r.o.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-11-28] (Windows ® Win 7 DDK provider) [Bestand niet getekend]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-15] (AVAST Software)
R2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2015-04-12] (Fork, Ltd.) [Bestand niet getekend]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
 
===================== Drivers (gefilterd) ======================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [320528 2017-09-15] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [198976 2017-09-15] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [343296 2017-09-15] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [57736 2017-09-15] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [47016 2017-09-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [147784 2017-09-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [110376 2017-09-15] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [84416 2017-09-15] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1016384 2017-09-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [590880 2017-09-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [199312 2017-09-19] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [361784 2017-09-26] (AVAST Software)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-28] (Qualcomm Atheros)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 F5D5055; C:\Windows\system32\DRIVERS\F5D5055.sys [56832 2009-10-20] (Belkin)
S2 hardlock; C:\Windows\system32\drivers\hardlock.sys [323584 2012-10-06] (SafeNet Inc.)
R0 PRTDRV; C:\Windows\System32\Drivers\PRTDRV.sys [34088 2013-10-14] (Psychology Software Tools)
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
 
==================== NetSvcs (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
 
==================== Een Maand Aangemaakt bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2017-10-02 19:39 - 2017-10-02 19:40 - 000021859 _____ C:\Users\Eigenaar\Desktop\FRST.txt
2017-10-02 19:39 - 2017-10-02 19:39 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-10-02 19:01 - 2017-10-02 19:01 - 002399744 _____ (Farbar) C:\Users\Eigenaar\Desktop\FRST64.exe
2017-10-02 17:09 - 2017-10-02 17:09 - 000000207 _____ C:\Windows\tweaking.com-regbackup-LT-294628-Windows-8.1-(64-bit).dat
2017-10-02 17:09 - 2017-10-02 17:09 - 000000000 ____D C:\RegBackup
2017-10-02 15:02 - 2017-10-02 15:02 - 000262144 _____ C:\Windows\Minidump\100217-24781-01.dmp
2017-10-02 14:17 - 2017-10-02 14:17 - 000000000 __SHD C:\found.001
2017-10-02 14:08 - 2017-10-02 19:05 - 000000000 ___HD C:\Users\Public\Documents\AdobeGC
2017-10-02 14:06 - 2017-10-02 14:06 - 000285136 _____ C:\Windows\Minidump\100217-5390-01.dmp
2017-09-28 21:32 - 2017-10-02 18:57 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\PackageStaging
2017-09-28 20:51 - 2017-09-28 20:51 - 000262144 _____ C:\Windows\Minidump\092817-35500-01.dmp
2017-09-28 18:34 - 2017-09-28 18:34 - 000000000 ____D C:\Users\Eigenaar\Desktop\tweaking.com_windows_repair_aio
2017-09-28 18:32 - 2017-09-28 18:34 - 036632239 _____ C:\Users\Eigenaar\Desktop\tweaking.com_windows_repair_aio.zip
2017-09-28 18:18 - 2017-09-28 18:18 - 000010192 ____N C:\bootsqm.dat
2017-09-28 14:53 - 2017-09-28 14:53 - 000000000 ____D C:\Users\Eigenaar\Desktop\Archief
2017-09-28 14:53 - 2017-09-28 14:30 - 000823226 _____ C:\Users\Eigenaar\Desktop\Archief.zip
2017-09-28 11:19 - 2017-09-28 13:22 - 000000000 ____D C:\ESD
2017-09-28 11:18 - 2017-09-28 11:18 - 000000000 ___HD C:\$Windows.~WS
2017-09-28 11:18 - 2017-09-28 11:18 - 000000000 ____D C:\$WINDOWS.~BT
2017-09-28 11:09 - 2017-09-28 11:10 - 018357776 _____ (Microsoft Corporation) C:\Users\Eigenaar\Desktop\MediaCreationTool.exe
2017-09-28 11:05 - 2017-09-28 11:05 - 000000881 _____ C:\Users\Eigenaar\Downloads\Documenten - Snelkoppeling.lnk
2017-09-28 11:03 - 2017-09-28 11:03 - 000000638 _____ C:\Users\Eigenaar\Desktop\ProduKey.cfg
2017-09-28 11:03 - 2017-04-10 12:27 - 000129744 _____ (NirSoft) C:\Users\Eigenaar\Desktop\ProduKey.exe
2017-09-28 11:03 - 2017-04-10 12:27 - 000017708 _____ C:\Users\Eigenaar\Desktop\ProduKey.chm
2017-09-28 11:03 - 2017-04-10 12:27 - 000017399 _____ C:\Users\Eigenaar\Desktop\readme.txt
2017-09-28 11:02 - 2017-09-28 11:02 - 000080011 _____ C:\Users\Eigenaar\Desktop\produkey-x64.zip
2017-09-28 10:39 - 2017-09-28 10:39 - 000000938 _____ C:\Users\Eigenaar\Desktop\HD Tune.lnk
2017-09-28 10:26 - 2017-09-28 10:26 - 000285136 _____ C:\Windows\Minidump\092817-4937-01.dmp
2017-09-27 10:06 - 2017-09-27 10:06 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe InDesign CC 2017.lnk
2017-09-27 10:01 - 2017-09-27 10:01 - 000003508 _____ C:\Windows\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-tjitske.kingma@outlook.com
2017-09-27 09:17 - 2017-10-02 15:09 - 000000000 ___RD C:\Users\Eigenaar\Creative Cloud Files
2017-09-27 09:17 - 2017-09-27 09:17 - 000001241 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2017-09-27 09:17 - 2017-09-27 09:17 - 000001229 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2017-09-27 02:33 - 2017-09-27 02:33 - 000285192 _____ C:\Windows\Minidump\092717-5109-01.dmp
2017-09-27 00:43 - 2017-09-27 00:46 - 000000000 ____D C:\Users\Eigenaar\Desktop\AdobeCC-2015-64-bit
2017-09-27 00:40 - 2017-09-27 10:02 - 000000600 _____ C:\Users\Eigenaar\Documents\MuseLog.txt
2017-09-26 23:53 - 2017-09-26 23:53 - 000000000 ____D C:\Users\Public\Documents\Adobe
2017-09-26 23:53 - 2017-09-26 23:53 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2017-09-26 23:53 - 2017-09-26 23:53 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\chc
2017-09-26 23:48 - 2017-09-27 10:07 - 000000000 ___HD C:\adobeTemp
2017-09-26 23:46 - 2017-09-27 00:06 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-857772458-488675974-1936586719-1002
2017-09-26 23:44 - 2017-09-26 23:44 - 000000000 ____D C:\Users\Tjitske_2\AppData\LocalLow\Adobe
2017-09-26 23:44 - 2017-09-26 23:44 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\CrashDumps
2017-09-26 23:43 - 2017-09-26 23:43 - 000000000 ____D C:\Users\Tjitske_2\AppData\Roaming\ClassicShell
2017-09-26 23:43 - 2017-09-26 23:43 - 000000000 ____D C:\Users\Tjitske_2\AppData\Roaming\AVAST Software
2017-09-26 23:43 - 2017-09-26 23:43 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\CEF
2017-09-26 23:43 - 2014-08-06 09:29 - 000002170 _____ C:\Users\Tjitske_2\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk
2017-09-26 23:42 - 2017-09-26 23:43 - 000000000 ____D C:\Users\Tjitske_2\OneDrive
2017-09-26 23:41 - 2017-09-26 23:44 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\Adobe
2017-09-26 23:41 - 2017-09-26 23:41 - 000000000 ____D C:\Users\Tjitske_2\AppData\Roaming\Atheros
2017-09-26 23:40 - 2017-09-26 23:44 - 000000000 ____D C:\Users\Tjitske_2\AppData\Roaming\Adobe
2017-09-26 23:40 - 2017-09-26 23:42 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\Packages
2017-09-26 23:40 - 2017-09-26 23:40 - 000001430 _____ C:\Users\Tjitske_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2017-09-26 23:40 - 2017-09-26 23:40 - 000000000 __SHD C:\Users\Tjitske_2\IntelGraphicsProfiles
2017-09-26 23:40 - 2017-09-26 23:40 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\VirtualStore
2017-09-26 23:40 - 2017-09-26 23:40 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\Google
2017-09-26 23:38 - 2017-09-28 18:41 - 000000000 ____D C:\Users\Tjitske_2
2017-09-26 23:38 - 2017-09-26 23:38 - 000000020 ___SH C:\Users\Tjitske_2\ntuser.ini
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Sjablonen
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Netwerkprinteromgeving
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Mijn documenten
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Menu Start
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Documents\Mijn video's
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Documents\Mijn muziek
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\Documents\Mijn afbeeldingen
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programma's
2017-09-26 23:38 - 2017-09-26 23:38 - 000000000 _SHDL C:\Users\Tjitske_2\AppData\Local\Geschiedenis
2017-09-26 23:38 - 2014-08-14 16:45 - 000000000 ____D C:\Users\Tjitske_2\AppData\Local\Microsoft Help
2017-09-26 23:38 - 2014-08-06 09:25 - 000000000 ____D C:\Users\Tjitske_2\AppData\Roaming\Macromedia
2017-09-26 23:38 - 2014-02-22 06:37 - 000000369 _____ C:\Users\Tjitske_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2017-09-26 23:38 - 2014-02-22 06:37 - 000000369 _____ C:\Users\Tjitske_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2017-09-26 23:37 - 2017-09-27 00:14 - 000000000 ___RD C:\Users\Eigenaar\Creative Cloud Files (archived) (3)
2017-09-26 23:34 - 2017-09-26 23:34 - 000000000 ____D C:\Users\Eigenaar\Documents\Bluetooth Folder
2017-09-26 22:47 - 2017-09-26 22:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Flash Builder 4.7
2017-09-26 22:46 - 2017-09-26 22:46 - 000000000 ____D C:\Users\Eigenaar\Adobe Flash Builder 4.7
2017-09-26 22:39 - 2017-09-26 22:39 - 000001000 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Muse CC 2015.lnk
2017-09-26 22:26 - 2017-09-26 22:26 - 007322728 _____ (Adobe System Incorporated.) C:\Users\Eigenaar\Desktop\AdobeCreativeCloudCleanerTool.exe
2017-09-26 22:13 - 2017-10-02 19:18 - 000004738 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for LT-294628-Tjitske LT-294628
2017-09-26 21:58 - 2017-09-26 21:58 - 011850480 _____ (Microsoft Corporation) C:\Users\Eigenaar\Desktop\proofingtools_en-us-x64.exe
2017-09-26 13:53 - 2017-09-26 13:53 - 000085613 _____ C:\Users\Eigenaar\Downloads\Definitieveberekeningtoeslagen.pdf
2017-09-26 13:53 - 2017-09-26 13:53 - 000085435 _____ C:\Users\Eigenaar\Desktop\Definitieveberekeningtoeslagen.pdf
2017-09-26 12:43 - 2017-09-26 12:43 - 000000000 ____D C:\Users\Eigenaar\Desktop\Saves
2017-09-23 18:42 - 2017-09-28 11:03 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-23 18:42 - 2017-09-28 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-09-23 18:42 - 2017-09-28 11:03 - 000000000 ____D C:\Program Files\WinRAR
2017-09-23 18:41 - 2017-09-23 18:41 - 002549872 _____ C:\Users\Eigenaar\Desktop\winrar-x64-550nl.exe
2017-09-23 18:40 - 2017-09-23 18:48 - 388420080 _____ C:\Users\Eigenaar\Desktop\Audio_Realtek_6.0.1.7027_W81x64_A.zip
2017-09-21 22:44 - 2017-09-21 22:44 - 006754944 _____ (ESET spol. s r.o.) C:\Users\Eigenaar\Desktop\esetonlinescanner_enu.exe
2017-09-21 22:42 - 2017-09-21 22:42 - 000001605 _____ C:\Users\Eigenaar\Desktop\JRT.txt
2017-09-21 22:39 - 2017-09-21 22:39 - 001790024 _____ (Malwarebytes) C:\Users\Eigenaar\Desktop\JRT.exe
2017-09-21 22:30 - 2017-09-21 22:30 - 000110975 _____ C:\Users\Eigenaar\Desktop\TDSS.txt
2017-09-21 22:25 - 2017-09-21 22:31 - 000222040 _____ C:\TDSSKiller.3.1.0.15_21.09.2017_22.25.06_log.txt
2017-09-21 22:24 - 2017-09-21 22:25 - 004922400 _____ (AO Kaspersky Lab) C:\Users\Eigenaar\Desktop\tdsskiller.exe
2017-09-21 22:23 - 2017-09-21 22:24 - 004830473 _____ C:\Users\Eigenaar\Desktop\tdsskiller.zip
2017-09-21 22:23 - 2017-09-21 22:23 - 000035013 _____ C:\Users\Eigenaar\Desktop\Result.txt
2017-09-21 22:15 - 2017-09-21 22:21 - 000035013 _____ C:\Users\Eigenaar\Desktop\MTB.txt
2017-09-21 22:14 - 2017-09-21 22:14 - 000892416 _____ (Farbar) C:\Users\Eigenaar\Desktop\MiniToolBox.exe
2017-09-16 16:13 - 2017-09-16 16:13 - 000097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-09-16 14:26 - 2017-09-28 10:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2017-09-16 14:26 - 2017-09-28 10:39 - 000000000 ____D C:\Program Files (x86)\HD Tune
2017-09-16 14:25 - 2017-09-16 14:25 - 000642632 _____ (EFD Software ) C:\Users\Eigenaar\Desktop\hdtune_255.exe
2017-09-16 14:03 - 2017-10-02 15:02 - 438337182 _____ C:\Windows\MEMORY.DMP
2017-09-16 14:03 - 2017-09-16 14:03 - 000285136 _____ C:\Windows\Minidump\091617-10390-01.dmp
2017-09-15 21:11 - 2017-09-19 10:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-09-15 21:11 - 2017-09-15 21:11 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-15 21:11 - 2017-09-15 21:11 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-09-15 21:10 - 2017-09-15 21:11 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-09-15 21:10 - 2017-09-15 21:10 - 000000000 ____D C:\Windows\PCHEALTH
2017-09-15 21:09 - 2017-09-15 21:09 - 000000000 __RHD C:\MSOCache
2017-09-15 21:09 - 2017-09-15 21:09 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2017-09-15 21:09 - 2017-09-15 21:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-15 21:09 - 2017-09-15 21:09 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-09-15 21:05 - 2017-09-15 21:06 - 000000000 ____D C:\Users\Eigenaar\Downloads\Microsoft Office Professional Plus 2013
2017-09-15 21:02 - 2017-09-15 21:02 - 000000000 ____D C:\Users\Eigenaar\Documents\Adobe Scripts
2017-09-15 20:33 - 2017-09-15 20:33 - 008182736 _____ (Malwarebytes) C:\Users\Eigenaar\Desktop\AdwCleaner.exe
2017-09-15 19:29 - 2017-09-23 18:58 - 000000000 ____D C:\Program Files\CCleaner
2017-09-15 19:29 - 2017-09-15 19:29 - 009826968 _____ (Piriform Ltd) C:\Users\Eigenaar\Desktop\ccsetup534.exe
2017-09-15 19:29 - 2017-09-15 19:29 - 000002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-09-15 19:29 - 2017-09-15 19:29 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-15 19:29 - 2017-09-15 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-15 17:18 - 2017-09-15 16:16 - 000401488 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-09-15 17:08 - 2017-09-15 17:08 - 000000000 __SHD C:\found.000
2017-09-15 16:17 - 2017-09-28 21:01 - 000004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-09-15 16:17 - 2017-09-26 12:54 - 000361784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-09-15 16:17 - 2017-09-19 17:18 - 000199312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2017-09-15 16:17 - 2017-09-15 17:18 - 000001938 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2017-09-15 16:17 - 2017-09-15 16:17 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\AVAST Software
2017-09-15 16:17 - 2017-09-15 16:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-09-15 16:17 - 2017-09-15 16:16 - 001016384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000590880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000343296 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000320528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000198976 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000147784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000110376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000084416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000057736 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-09-15 16:17 - 2017-09-15 16:16 - 000047016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-09-15 16:13 - 2017-09-15 16:17 - 000000000 ____D C:\ProgramData\AVAST Software
2017-09-15 16:13 - 2017-09-15 16:13 - 000000000 ____D C:\Program Files\AVAST Software
2017-09-15 15:59 - 2017-09-15 15:59 - 000030278 _____ C:\ProgramData\agent.uninstall.1505483951.bdinstall.bin
2017-09-15 15:28 - 2017-09-15 15:28 - 000212519 _____ C:\ProgramData\cl.uninstall.1505481904.bdinstall.bin
2017-09-15 15:26 - 2017-09-15 15:26 - 000036857 _____ C:\ProgramData\dm.uninstall.1505481965.bdinstall.bin
2017-09-14 11:56 - 2015-01-06 05:01 - 000072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2017-09-14 11:56 - 2015-01-06 04:59 - 000080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2017-09-14 11:56 - 2015-01-06 03:12 - 000185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2017-09-14 11:56 - 2015-01-06 03:02 - 000164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2017-09-14 11:56 - 2014-11-15 21:05 - 000801584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2017-09-14 11:56 - 2014-11-15 08:29 - 000962216 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2017-09-14 11:56 - 2014-11-14 08:57 - 001027584 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2017-09-14 11:56 - 2014-11-14 07:03 - 000885760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2017-09-14 11:56 - 2014-11-08 06:00 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2017-09-14 11:56 - 2014-11-08 05:56 - 000048128 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2017-09-14 11:56 - 2014-11-08 05:56 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2017-09-14 11:56 - 2014-11-08 05:56 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2017-09-14 11:56 - 2014-11-08 05:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2017-09-14 11:56 - 2014-11-08 05:13 - 000039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2017-09-14 11:56 - 2014-11-08 05:13 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2017-09-14 11:56 - 2014-11-08 05:13 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2017-09-14 11:56 - 2014-11-08 04:48 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2017-09-14 11:56 - 2014-11-08 04:03 - 000733696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2017-09-14 11:56 - 2014-11-08 03:58 - 004837376 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2017-09-14 11:56 - 2014-11-08 03:49 - 001154048 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2017-09-14 11:56 - 2014-11-05 04:12 - 000211968 _____ (Microsoft Corporation) C:\Windows\system32\QSHVHOST.DLL
2017-09-14 11:56 - 2014-11-05 04:12 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\QSVRMGMT.DLL
2017-09-14 11:56 - 2014-11-05 04:06 - 000514048 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2017-09-14 11:56 - 2014-11-05 03:39 - 000155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSHVHOST.DLL
2017-09-14 11:56 - 2014-11-05 03:39 - 000094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\QSVRMGMT.DLL
2017-09-14 11:56 - 2014-11-05 03:33 - 000465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2017-09-14 11:56 - 2014-11-05 03:14 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\WSDMon.dll
2017-09-14 11:56 - 2014-11-04 21:33 - 000058176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2017-09-14 11:56 - 2014-11-04 08:27 - 000128512 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2017-09-14 11:56 - 2014-11-04 07:01 - 000827392 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2017-09-14 11:56 - 2014-10-21 03:59 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\eventcls.dll
2017-09-14 11:56 - 2014-10-21 03:19 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eventcls.dll
2017-09-14 11:56 - 2014-10-21 02:50 - 000074752 _____ (Microsoft Corporation) C:\Windows\system32\vsstrace.dll
2017-09-14 11:56 - 2014-10-21 02:31 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\vssapi.dll
2017-09-14 11:56 - 2014-10-21 02:31 - 000055296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vsstrace.dll
2017-09-14 11:56 - 2014-10-21 02:20 - 001142272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vssapi.dll
2017-09-14 11:56 - 2014-10-17 06:56 - 000039744 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2017-09-14 11:55 - 2014-11-17 22:17 - 000672984 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2017-09-14 11:55 - 2014-11-14 08:54 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.Handlers.dll
2017-09-14 11:54 - 2015-06-10 00:39 - 000081920 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2017-09-14 11:54 - 2015-06-10 00:39 - 000053248 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2017-09-14 11:54 - 2015-06-10 00:38 - 001201664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2017-09-14 11:49 - 2017-09-15 16:14 - 000000000 ____D C:\Program Files\Intel Driver Update Utility
2017-09-14 11:49 - 2017-09-14 11:49 - 000000000 ____D C:\ProgramData\Intel
2017-09-13 13:34 - 2017-09-14 11:22 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Panda Security
2017-09-13 13:29 - 2017-09-14 11:22 - 000000000 ____D C:\ProgramData\Panda Security
2017-09-13 11:19 - 2017-08-19 19:27 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 11:19 - 2017-08-19 18:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2017-09-13 11:19 - 2017-08-18 00:07 - 000537200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2017-09-13 11:19 - 2017-08-18 00:07 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2017-09-13 11:19 - 2017-08-18 00:03 - 000450392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2017-09-13 11:19 - 2017-08-18 00:03 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2017-09-13 11:19 - 2017-08-15 16:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 11:19 - 2017-08-15 16:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-09-13 11:19 - 2017-08-15 16:01 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2017-09-13 11:19 - 2017-08-15 16:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-09-13 11:19 - 2017-08-15 15:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-09-13 11:19 - 2017-08-13 20:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 11:19 - 2017-08-13 19:19 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 11:19 - 2017-08-13 19:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 11:19 - 2017-08-13 19:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 11:19 - 2017-08-13 18:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-09-13 11:19 - 2017-08-13 18:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 11:19 - 2017-08-13 18:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 11:19 - 2017-08-13 18:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-09-13 11:19 - 2017-08-13 18:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-09-13 11:19 - 2017-08-13 18:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-09-13 11:19 - 2017-08-13 18:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 11:19 - 2017-08-13 18:21 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2017-09-13 11:19 - 2017-08-13 18:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 11:19 - 2017-08-13 18:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-09-13 11:19 - 2017-08-13 18:15 - 007078912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2017-09-13 11:19 - 2017-08-13 18:14 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2017-09-13 11:19 - 2017-08-13 18:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 11:19 - 2017-08-13 18:05 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 11:19 - 2017-08-13 18:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 11:19 - 2017-08-13 18:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 11:19 - 2017-08-13 18:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 11:19 - 2017-08-13 17:52 - 005274624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2017-09-13 11:19 - 2017-08-13 17:52 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2017-09-13 11:19 - 2017-08-13 17:51 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2017-09-13 11:19 - 2017-08-13 17:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-09-13 11:19 - 2017-08-13 17:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-09-13 11:19 - 2017-08-13 17:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-09-13 11:19 - 2017-08-13 17:44 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-09-13 11:19 - 2017-08-13 17:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-09-13 11:19 - 2017-08-13 17:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 11:19 - 2017-08-13 17:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 11:19 - 2017-08-13 17:25 - 007797248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2017-09-13 11:19 - 2017-08-13 17:18 - 005270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 11:19 - 2017-08-13 17:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 11:19 - 2017-08-13 17:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-09-13 11:19 - 2017-08-13 17:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-09-13 11:19 - 2017-08-13 17:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-09-13 11:19 - 2017-08-12 11:30 - 022361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 11:19 - 2017-08-12 11:26 - 019789736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-09-13 11:19 - 2017-08-12 02:39 - 001364552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-09-13 11:19 - 2017-08-12 01:59 - 007440728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 11:19 - 2017-08-12 01:58 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 11:19 - 2017-08-12 01:58 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-09-13 11:19 - 2017-08-11 22:46 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
2017-09-13 11:19 - 2017-08-11 22:29 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
2017-09-13 11:19 - 2017-08-11 22:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
2017-09-13 11:19 - 2017-08-11 05:30 - 004170240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 11:19 - 2017-08-11 05:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 11:19 - 2017-08-11 05:27 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 11:19 - 2017-08-11 04:38 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2017-09-13 11:19 - 2017-08-11 04:08 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2017-09-13 11:19 - 2017-08-11 04:08 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2017-09-13 11:19 - 2017-08-11 04:02 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-09-13 11:19 - 2017-08-11 03:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2017-09-13 11:19 - 2017-08-11 03:49 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 11:19 - 2017-08-11 03:44 - 001095680 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 11:19 - 2017-08-11 03:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 11:19 - 2017-08-11 03:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
2017-09-13 11:19 - 2017-08-06 23:20 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2017-09-13 11:19 - 2017-08-06 09:13 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2017-09-13 11:19 - 2017-07-22 20:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
2017-09-13 11:19 - 2017-07-22 19:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
2017-09-13 11:19 - 2017-07-17 21:53 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-09-13 11:19 - 2017-07-17 01:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-09-13 11:19 - 2017-07-14 01:03 - 002013528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-09-13 11:19 - 2017-07-12 22:29 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
2017-09-13 11:19 - 2017-07-12 22:29 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 11:19 - 2017-07-12 22:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
2017-09-13 11:19 - 2017-07-12 22:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-09-13 11:19 - 2017-07-08 21:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 11:19 - 2017-07-08 20:43 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 11:19 - 2017-07-08 20:30 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 11:19 - 2017-07-08 20:20 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-09-13 11:19 - 2017-07-08 19:25 - 001436160 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 11:19 - 2017-07-08 19:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-09-13 11:19 - 2017-07-08 05:14 - 000100184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2017-09-12 14:48 - 2017-09-15 15:27 - 000005497 _____ C:\bdlog.txt
2017-09-12 14:41 - 2017-09-12 14:42 - 066347240 _____ (Malwarebytes ) C:\Users\Eigenaar\Downloads\mb3-setup-consumer-3.2.2.2018.exe
2017-09-11 14:04 - 2017-09-11 14:04 - 000126405 _____ C:\Users\Eigenaar\Downloads\Bericht prestatiebeurs.pdf
2017-09-11 11:56 - 2017-09-11 11:56 - 000057459 _____ C:\ProgramData\dm.1505123772.bdinstall.bin
2017-09-11 11:56 - 2017-09-11 11:56 - 000000000 ____D C:\ProgramData\Bitdefender Device Management
2017-09-11 11:55 - 2017-09-11 11:55 - 000473614 _____ C:\ProgramData\cl.1505123645.bdinstall.bin
2017-09-11 11:55 - 2017-09-11 11:55 - 000000385 _____ C:\Windows\system32\user_gensett.xml
2017-09-11 11:55 - 2017-09-11 11:55 - 000000000 ____D C:\ProgramData\Atc
2017-09-11 11:54 - 2017-09-11 11:54 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\QuickScan
2017-09-11 11:54 - 2017-09-11 11:54 - 000000000 ____D C:\ProgramData\BDLogging
2017-09-11 11:54 - 2007-04-11 11:11 - 000511328 _____ (Microsoft Corporation) C:\Windows\capicom.dll
2017-09-11 11:52 - 2017-09-15 15:29 - 000000000 ____D C:\Program Files\Common Files\Bitdefender
2017-09-11 11:43 - 2017-09-11 11:43 - 000048863 _____ C:\ProgramData\agent.1505123008.bdinstall.bin
2017-09-11 11:43 - 2017-09-11 11:43 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2017-09-11 11:42 - 2017-09-11 11:43 - 009932864 _____ C:\Users\Eigenaar\Downloads\bitdefender_windows_dca0d186-fa41-4a1d-b4f3-cd2fbdd921e7.exe
2017-09-11 10:05 - 2017-09-26 22:37 - 000000000 ____D C:\Users\Eigenaar\Documents\Adobe
2017-09-11 09:58 - 2017-09-11 09:59 - 038420728 _____ (Tweaking.com) C:\Users\Eigenaar\Downloads\tweaking.com_windows_repair_aio_setup.exe
2017-09-10 17:14 - 2017-09-11 11:09 - 000000000 ____D C:\Program Files (x86)\WinRAR
2017-09-10 17:14 - 2017-09-10 17:14 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\WinRAR
2017-09-07 13:26 - 2017-09-07 13:26 - 000015871 _____ C:\Users\Eigenaar\Downloads\2017090007.pdf
2017-09-07 13:19 - 2017-09-07 13:19 - 000430896 _____ C:\Users\Eigenaar\Documents\3 NU Bijdrageovereenkomst_T.Kingma_ondertekend.pdf
2017-09-04 09:18 - 2017-09-07 13:20 - 000000000 ____D C:\Users\Eigenaar\Downloads\Noordhof af
 
==================== Een Maand Gewijzigd bestanden en mappen ========
 
(Als een item is opgenomen in de fixlist, het bestand/map wordt verplaatst.)
 
2017-10-02 19:39 - 2014-09-15 18:11 - 000000000 ____D C:\FRST
2017-10-02 19:27 - 2014-08-06 09:50 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\ClassicShell
2017-10-02 19:11 - 2013-10-23 19:53 - 001743424 _____ C:\Windows\system32\PerfStringBackup.INI
2017-10-02 19:11 - 2013-08-23 00:58 - 000764080 _____ C:\Windows\system32\perfh013.dat
2017-10-02 19:11 - 2013-08-23 00:58 - 000146914 _____ C:\Windows\system32\perfc013.dat
2017-10-02 19:11 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2017-10-02 19:02 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\AppReadiness
2017-10-02 19:01 - 2014-08-05 17:56 - 000003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-857772458-488675974-1936586719-1001
2017-10-02 18:58 - 2014-08-13 21:56 - 000000000 ___DO C:\Users\Eigenaar\OneDrive
2017-10-02 18:57 - 2014-08-05 17:52 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\Packages
2017-10-02 18:54 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-10-02 18:54 - 2013-08-22 16:44 - 005227592 _____ C:\Windows\system32\FNTCACHE.DAT
2017-10-02 17:25 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2017-10-02 17:16 - 2013-08-22 15:25 - 000000112 _____ C:\Windows\win.ini
2017-10-02 15:36 - 2014-09-15 14:21 - 000000000 ____D C:\AdwCleaner
2017-10-02 15:19 - 2014-09-06 10:37 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\CrashDumps
2017-10-02 15:09 - 2014-08-06 09:25 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\Adobe
2017-10-02 15:04 - 2014-08-05 17:52 - 000000000 ____D C:\Users\Eigenaar
2017-10-02 15:02 - 2014-09-15 14:55 - 000000000 ____D C:\Windows\Minidump
2017-10-02 14:14 - 2013-08-22 15:25 - 000786432 ___SH C:\Windows\system32\config\BBI
2017-10-02 13:05 - 2017-01-27 10:50 - 000000000 ____D C:\Users\Eigenaar\AppData\LocalLow\Mozilla
2017-09-28 21:08 - 2013-08-22 15:25 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_912
2017-09-28 19:24 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-28 19:24 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\registration
2017-09-28 19:22 - 2014-09-16 17:30 - 000000000 _____ C:\Recovery.txt
2017-09-28 13:22 - 2013-10-23 20:46 - 000000000 ____D C:\Windows\Panther
2017-09-27 10:06 - 2014-10-22 11:47 - 000000000 ____D C:\Program Files\Adobe
2017-09-27 10:06 - 2014-10-22 11:45 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-09-27 09:17 - 2014-08-06 09:25 - 000000000 ____D C:\ProgramData\Adobe
2017-09-27 09:17 - 2014-08-06 09:25 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-09-27 09:03 - 2016-08-30 15:00 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-09-27 09:03 - 2014-08-05 17:52 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Adobe
2017-09-27 08:59 - 2016-08-29 18:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2017-09-27 00:40 - 2016-08-29 18:29 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\com.adobe.AdobeMuseCC.2015.0
2017-09-27 00:37 - 2016-08-30 15:06 - 000000033 _____ C:\Users\Eigenaar\AppData\Roaming\AdobeWLCMCache.dat
2017-09-26 23:41 - 2014-08-05 17:52 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2017-09-26 23:34 - 2014-08-06 10:47 - 000000000 ____D C:\ProgramData\Atheros
2017-09-26 22:53 - 2016-08-29 18:46 - 000001357 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CC.lnk
2017-09-26 22:18 - 2017-07-14 11:53 - 000000000 ___RD C:\Users\Eigenaar\Creative Cloud Files (archived) (2)
2017-09-26 21:56 - 2015-01-24 18:18 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Spotify
2017-09-26 21:56 - 2015-01-24 18:18 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\Spotify
2017-09-26 12:43 - 2017-07-02 20:03 - 000000000 ____D C:\Program Files (x86)\Mr DJ
2017-09-25 21:44 - 2017-08-25 19:11 - 000002235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-25 21:44 - 2017-08-25 19:11 - 000002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-09-23 18:49 - 2014-09-04 13:07 - 000000000 ____D C:\Users\Eigenaar\AppData\Local\ESET
2017-09-23 18:49 - 2014-08-06 10:15 - 000000000 ___HD C:\Program Files (x86)\Temp
2017-09-23 18:49 - 2014-08-06 10:15 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-09-19 17:19 - 2014-08-06 09:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-19 10:56 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2017-09-16 16:14 - 2017-01-19 16:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-16 16:14 - 2015-09-27 20:13 - 000110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-09-16 16:14 - 2014-08-06 09:30 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-09-16 16:14 - 2014-08-06 09:30 - 000001209 _____ C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2017-09-16 16:14 - 2014-08-06 09:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-09-16 16:14 - 2014-08-06 09:26 - 000000000 ____D C:\Program Files\Java
2017-09-16 16:14 - 2014-08-06 09:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-09-16 16:13 - 2015-01-10 19:58 - 000000000 ____D C:\Program Files (x86)\Java
2017-09-16 15:31 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-15 21:11 - 2013-08-23 01:00 - 000000000 ____D C:\Windows\ShellNew
2017-09-15 21:10 - 2014-08-13 22:23 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-15 21:10 - 2013-08-22 17:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-15 20:50 - 2013-08-22 17:36 - 000000000 ____D C:\Program Files\Common Files\System
2017-09-15 19:30 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\ModemLogs
2017-09-15 16:14 - 2014-09-06 17:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-15 16:14 - 2014-08-05 17:58 - 000000000 ____D C:\Program Files\Intel
2017-09-15 15:31 - 2014-09-15 14:24 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-15 15:29 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\ELAMBKUP
2017-09-15 15:20 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2017-09-15 15:19 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts_bak_839
2017-09-14 12:27 - 2014-08-05 18:01 - 000000451 _____ C:\Windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2017-09-13 13:53 - 2014-08-06 09:25 - 000004398 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-09-13 13:53 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2017-09-13 13:53 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-13 13:34 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
2017-09-13 13:34 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\GroupPolicy
2017-09-13 13:26 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2017-09-13 11:26 - 2014-08-06 09:07 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 11:25 - 2014-08-06 09:07 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-11 11:53 - 2014-10-08 16:10 - 000000000 ____D C:\Users\Eigenaar\AppData\Roaming\Avira
2017-09-11 11:53 - 2014-10-08 16:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-09-11 11:53 - 2014-10-08 16:03 - 000000000 ____D C:\ProgramData\Avira
2017-09-07 22:19 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\NDF
2017-09-02 01:54 - 2017-05-14 20:45 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-09-02 01:54 - 2017-05-14 20:45 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Bestanden in de root van sommige mappen =======
 
2014-10-08 19:02 - 2014-10-21 20:54 - 000000132 _____ () C:\Users\Eigenaar\AppData\Roaming\Adobe PNG Format CS6 Prefs
2016-08-30 15:06 - 2017-09-27 00:37 - 000000033 _____ () C:\Users\Eigenaar\AppData\Roaming\AdobeWLCMCache.dat
2014-09-28 22:45 - 2014-09-28 22:45 - 000003852 _____ () C:\Users\Eigenaar\AppData\Local\HWVendorDetection.log
2017-09-11 11:43 - 2017-09-11 11:43 - 000048863 _____ () C:\ProgramData\agent.1505123008.bdinstall.bin
2017-09-15 15:59 - 2017-09-15 15:59 - 000030278 _____ () C:\ProgramData\agent.uninstall.1505483951.bdinstall.bin
2017-09-11 11:55 - 2017-09-11 11:55 - 000473614 _____ () C:\ProgramData\cl.1505123645.bdinstall.bin
2017-09-15 15:28 - 2017-09-15 15:28 - 000212519 _____ () C:\ProgramData\cl.uninstall.1505481904.bdinstall.bin
2017-09-11 11:56 - 2017-09-11 11:56 - 000057459 _____ () C:\ProgramData\dm.1505123772.bdinstall.bin
2017-09-15 15:26 - 2017-09-15 15:26 - 000036857 _____ () C:\ProgramData\dm.uninstall.1505481965.bdinstall.bin
2014-08-06 10:16 - 2014-08-06 10:16 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-04 20:41 - 2014-10-04 20:41 - 000001534 _____ () C:\ProgramData\ss.ini
 
==================== Bamital & volsnap ======================
 
(Er is geen automatische fix voor bestanden die de verificatie niet doorkomen.)
 
C:\Windows\system32\winlogon.exe => Bestand is getekend
C:\Windows\system32\wininit.exe => Bestand is getekend
C:\Windows\explorer.exe => Bestand is getekend
C:\Windows\SysWOW64\explorer.exe => Bestand is getekend
C:\Windows\system32\svchost.exe => Bestand is getekend
C:\Windows\SysWOW64\svchost.exe => Bestand is getekend
C:\Windows\system32\services.exe => Bestand is getekend
C:\Windows\system32\User32.dll => Bestand is getekend
C:\Windows\SysWOW64\User32.dll => Bestand is getekend
C:\Windows\system32\userinit.exe => Bestand is getekend
C:\Windows\SysWOW64\userinit.exe => Bestand is getekend
C:\Windows\system32\rpcss.dll => Bestand is getekend
C:\Windows\system32\dnsapi.dll => Bestand is getekend
C:\Windows\SysWOW64\dnsapi.dll => Bestand is getekend
C:\Windows\system32\Drivers\volsnap.sys => Bestand is getekend
 
LastRegBack: 2017-09-28 17:41
 
==================== Eind van FRST.txt ============================
 
 
Extra scanresultaten van Farbar Recovery Scan Tool (x64) Versie: 02-10-2017
Gestart door Tjitske (02-10-2017 19:40:29)
Gestart vanaf C:\Users\Eigenaar\Desktop
Windows 8.1 (Update) (X64) (2014-08-05 15:52:08)
Boot Modus: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-857772458-488675974-1936586719-500 - Administrator - Disabled)
Gast (S-1-5-21-857772458-488675974-1936586719-501 - Limited - Disabled)
Tjitske (S-1-5-21-857772458-488675974-1936586719-1001 - Administrator - Enabled) => C:\Users\Eigenaar
Tjitske_2 (S-1-5-21-857772458-488675974-1936586719-1002 - Limited - Enabled) => C:\Users\Tjitske_2
 
==================== Security Center ========================
 
(Als een item is opgenomen in de fixlist, zal het worden verwijderd.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Geïnstalleerde programma's ======================
 
(Alleen de adware-programma's met 'verborgen' vlag zou kunnen worden toegevoegd aan de fixlist om ze zichtbaar te maken. De adware-programma's moeten handmatig gedeinstallerd worden.)
 
AcrobatPro-XI-64-bit (HKLM\...\{E5CD9874-3C4F-4A50-8C17-3F33A3709AE6}) (Version: 1.0.0 - Adobe Systems Incorporated) Hidden
Adobe Acrobat Reader DC - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe InDesign CC 2017 (HKLM-x32\...\IDSN_12_1_0) (Version: 12.1.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
AdobeCC-2015-64-bit (HKLM\...\{CA1330A6-9DE7-4DC6-83F2-6CC898E9BBD7}) (Version: 1.0.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.34 - Piriform)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version:  - EFD Software)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Proofing Tools 2013 - Nederlands (HKLM\...\{90150000-001F-0413-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{2af972c7-13b0-4978-92a8-fee26a4fb4e9}) (Version: 12.0.21005.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x86 nl) (HKLM-x32\...\Mozilla Firefox 55.0.3 (x86 nl)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.3.0 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 nl) (HKLM-x32\...\Mozilla Thunderbird 52.3.0 (x86 nl)) (Version: 52.3.0 - Mozilla)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Prey Anti-Theft (HKLM-x32\...\{AC65C5A1-AEA9-474C-B544-520D8D4FDCFD}) (Version: 1.3.9 - Prey, Inc.) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.21 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Spotify (HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Spotify) (Version: 1.0.59.395.ge6ca9946 - Spotify AB)
StickyPad (HKLM-x32\...\{08CE81A5-3D9D-4F9A-AEB2-07DB44ADCC2A}) (Version: 2.3.54 - Green Eclipse)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WhatsApp (HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\WhatsApp) (Version: 0.2.4240 - WhatsApp)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
==================== Aangepaste CLSID (gefilterd): ==========================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
CustomCLSID: HKU\S-1-5-21-857772458-488675974-1936586719-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-857772458-488675974-1936586719-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-15] (AVAST Software)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvAppExt.dll [2013-11-28] (Qualcomm®Atheros®)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-15] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-14] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-15] (AVAST Software)
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ShellContextExt.dll [2013-11-28] (Qualcomm®Atheros®)
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Geen bestand
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Geen bestand
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Geen bestand
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\Windows\system32\igfxOSP.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-15] (AVAST Software)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Geen bestand
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2014-04-20] (IvoSoft)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-14] (Alexander Roshal)
 
==================== Geplande Taken (gefilterd) =============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
Task: {01F5FD07-6C02-4FE1-B80A-120D9766BFEF} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-15] (AVAST Software)
Task: {1C1FC357-ABA1-4DCE-B01F-08E2C4ADA386} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {4059E745-B022-4752-89A7-593F80ECD223} - System32\Tasks\Microsoft Office 15 Sync Maintenance for LT-294628-Tjitske LT-294628 => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2016-02-09] (Microsoft Corporation)
Task: {4A6A86ED-AE66-4E7A-94D5-31751B4FD318} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-09-13] (Microsoft Corporation)
Task: {4DED2F0F-8055-49FD-B447-931CF06BA44D} - System32\Tasks\{0231EC29-21CD-48E2-8457-12876DF74059} => C:\Windows\system32\pcalua.exe [2014-10-29] (Microsoft Corporation)
Task: {4FB64ABC-A232-49F6-B5FA-2EA17CA4CB35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-23] (Piriform Ltd)
Task: {6DD20A91-41B4-41D9-BE3D-247C3E782CBF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-13] (Adobe Systems Incorporated)
Task: {7D17BB15-2524-4C43-A3D7-ECBE5060194B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-857772458-488675974-1936586719-1001
Task: {7F934185-1463-48C2-816C-896B9EAA440C} - \ParetoLogic Update Version3_triggeronce -> Geen bestand <==== AANDACHT
Task: {C12D2B2A-0814-4666-ADCD-432E3B2FC310} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-25] (Google Inc.)
Task: {D3018D1D-8ABD-46B2-97E1-FD5614211CF8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {E2230AB5-1D66-4810-A98A-8A5D9061416E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-08-25] (Google Inc.)
Task: {EBB0AC57-9747-41E1-8EB6-8DE27A5575EF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-tjitske.kingma@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
 
(Als een item is opgenomen in de fixlist, de taak (job) bestand wordt verplaatst. Het bestand dat wordt uitgevoerd door de taak zal niet worden verplaatst.)
 
 
==================== Snelkoppelingen & WMI ========================
 
(De items kunnen worden opgenomen in de fixlist.txt om hersteld of verwijderd te worden.)
 
 
ShortcutWithArgument: C:\Users\Eigenaar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Hangouts.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=knipolnnllmklapflnccelgolnpehhpl
 
==================== Geladen Modules (gefilterd) ==============
 
2013-11-28 22:35 - 2013-11-28 22:35 - 000011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-11-28 22:32 - 2013-11-28 22:32 - 000086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-11-28 22:38 - 2013-11-28 22:38 - 000012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2017-09-15 16:16 - 2017-09-15 16:16 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-25 21:44 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-25 21:44 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-09-15 16:16 - 2017-09-15 16:16 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-15 16:16 - 2017-09-15 16:16 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-15 17:18 - 2017-09-15 17:18 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-15 16:16 - 2017-09-15 16:16 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-15 16:16 - 2017-09-15 16:16 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-15 16:16 - 2017-09-15 16:16 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-28 11:02 - 2017-09-15 16:16 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
 
==================== Alternate Data Streams (gefilterd) =========
 
(Als een item is opgenomen in de fixlist, alleen de ADS wordt verwijderd.)
 
 
==================== Veilige Modus (gefilterd) ===================
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. De "AlternateShell" waarde wordt hersteld.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
 
==================== Bestandskoppeling (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, het registry item zal worden teruggezet naar de standaardwaarden of verwijderd.)
 
 
==================== Internet Explorer vertrouwde/beperkte toegang ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd.)
 
 
==================== Hosts inhoud: ===============================
 
(Als nodig Hosts: opdracht kan worden opgenomen in de fixlist om Hosts te resetten.)
 
2013-08-22 15:25 - 2017-10-02 17:16 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
 
==================== Andere gebieden ============================
 
(Momenteel is er geen automatische fix voor dit onderdeel.)
 
HKU\S-1-5-21-857772458-488675974-1936586719-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hogwarts burning.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is ingeschakeld.
 
==================== MSCONFIG/TASK MANAGER Uitgeschakelde items ==
 
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_E906F75BB452BCF2818C69147DD66E6F"
 
==================== Firewall regels (gefilterd) ===============
 
(Als een item is opgenomen in de fixlist, wordt uit het register verwijderd. Het bestand zal niet worden verplaatst tenzij apart vermeld.)
 
FirewallRules: [{6F81DD5F-A76F-4C64-964F-FD36E8377D4F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{6E0F972C-5548-4207-93A8-9C4C79A2E4B2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{78B255C4-F69C-4391-956B-D3BB2F50B0E7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CA0C4E22-C0AA-486D-ADD1-81666A815A19}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3EE89825-9AAC-4CBC-B226-EB3BC2D7A97A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{EFA26668-D424-43C6-A97F-E304CDC569DA}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{BDB7D6F5-4EAC-4DF5-9FDE-9D2D7DB65EF2}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{C2DCDA92-DBDF-4821-9545-9775855EAAAA}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{7FBD1524-5D17-4A3D-979D-8645C1FF9BB9}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{99335701-31DD-4EA7-9CC2-B6674404678E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [TCP Query User{A2F2E594-B1B0-43A4-9FB8-71478BB9F116}C:\users\eigenaar\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\eigenaar\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{31CAADBB-5DE0-4ED4-80C7-64CEDD2E277C}C:\users\eigenaar\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\eigenaar\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{830D7185-8853-4C2A-A39A-2477EAB9C589}C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [UDP Query User{BA4684EE-C75E-4773-962D-D45115B3A3E9}C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [TCP Query User{B4E1FA0A-6032-4399-94E5-0F0214195F34}C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [UDP Query User{7F642941-18C5-41E1-9605-6F656DAE32B4}C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe] => (Allow) C:\users\eigenaar\appdata\roaming\mozilla\firefox\profiles\u053du98.default\extensions\jid1-4p0kohsjxu1qgg@jetpack\resources\hola_firefox_ext\data\plugins\hola_plugin_x64.exe
FirewallRules: [TCP Query User{9711C846-7DEB-42DD-8A01-E367D1525B34}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CCC4C59D-E075-4A9A-A740-B6789676616C}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [TCP Query User{BBCABC10-E6C1-4013-A5A9-D6AAAD85C95C}C:\users\eigenaar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eigenaar\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3ADE458A-4116-4734-B75C-2DA109331E5C}C:\users\eigenaar\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\eigenaar\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{F0CC26FE-9B99-4CB7-8115-12EDCF35F2FD}C:\users\eigenaar\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\eigenaar\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B43C8280-4090-4DA9-9D6A-243AD27081D4}C:\users\eigenaar\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\eigenaar\appdata\roaming\spotify\spotify.exe
FirewallRules: [{6C1A92D3-6671-47C3-BE67-23E9BFCF0B11}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2E2CB877-912F-46CE-9AD8-A3E4B263578C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8133F629-E689-4F70-A724-F4FAF4492FF2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{A20F1BDC-CF39-4747-B40B-A44DA235DB5F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{FCD47AE8-AC7D-4884-875C-940257F1B33C}] => (Allow) C:\Users\Eigenaar\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F0470066-85D7-4A0D-89AE-C3CDA5D329B8}] => (Allow) C:\Users\Eigenaar\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{0D2FF0B1-2F82-4A76-8E58-74776F19D15D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{55F15B20-162B-4FA5-B7EA-273FC7BA2458}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8F99563E-4E44-48AB-9553-E0B947FA1E6C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{958CB2F6-E00E-404F-963A-6440A381481F}] => (Allow) C:\Windows\Prey\versions\1.6.2\bin\node.exe
FirewallRules: [TCP Query User{BD2F3AA8-4C52-4BAE-93DB-1ECD9A45EBB8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{D7DDEA34-F490-467C-9A35-304FC08472E8}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{39F2AAAC-9EAC-43C3-86A9-E00BF343F6AD}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9B086722-7A56-462F-95C2-338653B6D8CA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{891DCA61-19C1-41DC-8DBD-C52021627139}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{8EB602AF-3813-4B1B-B992-2CAD49E4AFEE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8EA915B0-6A2E-42C9-BE46-269B83BDF0D2}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{0ADA828B-3986-4454-8F22-96009FA6B120}] => (Allow) C:\Program Files\Adobe\Adobe Flash Builder 4.7 (64 Bit)\FlashBuilder.exe
FirewallRules: [{BFE43D67-A35F-4783-AFAF-D0F78BD31C12}] => (Allow) LPort=7935
 
==================== Herstelpunten =========================
 
28-09-2017 20:56:46 Tweaking.com - Windows Repair 2018
02-10-2017 14:13:57 Windows Update
 
==================== Defecte Apparaatbeheer Apparaten =============
 
 
==================== Eventlog fouten: =========================
 
Applicatiefouten:
==================
Error: (10/02/2017 07:40:35 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44896) Windows: Het herstellen/terugzetten van de database is mislukt vanwege de onverwachte fout -509.
 
Error: (10/02/2017 07:40:34 PM) (Source: ESENT) (EventID: 465) (User: )
Description: SearchIndexer (44896) Windows: Er is een beschadiging opgetreden in logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log tijdens een interne herstelbewerking. De ontbrekende controlesomrecord is gevonden op positie END. De gegevens die niet met het opvulpatroon van het logboekbestand overeenkomen, zijn voor het eerst gevonden in sector 28 (0x0000001C). Dit logboekbestand is beschadigd en kan niet meer worden gebruikt.
 
Error: (10/02/2017 07:40:34 PM) (Source: ESENT) (EventID: 477) (User: )
Description: SearchIndexer (44896) Windows: De verificatie van de logboekreeks die is gelezen vanaf het bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log bij een verschuiving van 114688 (0x000000000001c000) voor 4096 (0x00001000) bytes is mislukt vanwege een ongeldige bereikcontrolesom. De verwachte controlesom is 5580859941704473019 (0x4d73328c5e8099bb) en de werkelijke controlesom is 5580859941704473019 (0x4d73328c5e8099bb). Tijdens de leesbewerking treedt fout -501 (0xfffffe0b) op. Als dit probleem zich blijft voordoen, herstelt u het logboekbestand vanaf een vorige back-up.
 
Error: (10/02/2017 07:40:30 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44876) Windows: Het herstellen/terugzetten van de database is mislukt vanwege de onverwachte fout -509.
 
Error: (10/02/2017 07:40:30 PM) (Source: ESENT) (EventID: 465) (User: )
Description: SearchIndexer (44876) Windows: Er is een beschadiging opgetreden in logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log tijdens een interne herstelbewerking. De ontbrekende controlesomrecord is gevonden op positie END. De gegevens die niet met het opvulpatroon van het logboekbestand overeenkomen, zijn voor het eerst gevonden in sector 28 (0x0000001C). Dit logboekbestand is beschadigd en kan niet meer worden gebruikt.
 
Error: (10/02/2017 07:40:30 PM) (Source: ESENT) (EventID: 477) (User: )
Description: SearchIndexer (44876) Windows: De verificatie van de logboekreeks die is gelezen vanaf het bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log bij een verschuiving van 114688 (0x000000000001c000) voor 4096 (0x00001000) bytes is mislukt vanwege een ongeldige bereikcontrolesom. De verwachte controlesom is 5580859941704473019 (0x4d73328c5e8099bb) en de werkelijke controlesom is 5580859941704473019 (0x4d73328c5e8099bb). Tijdens de leesbewerking treedt fout -501 (0xfffffe0b) op. Als dit probleem zich blijft voordoen, herstelt u het logboekbestand vanaf een vorige back-up.
 
Error: (10/02/2017 07:40:26 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44168) Windows: Het herstellen/terugzetten van de database is mislukt vanwege de onverwachte fout -509.
 
Error: (10/02/2017 07:40:26 PM) (Source: ESENT) (EventID: 465) (User: )
Description: SearchIndexer (44168) Windows: Er is een beschadiging opgetreden in logboekbestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log tijdens een interne herstelbewerking. De ontbrekende controlesomrecord is gevonden op positie END. De gegevens die niet met het opvulpatroon van het logboekbestand overeenkomen, zijn voor het eerst gevonden in sector 28 (0x0000001C). Dit logboekbestand is beschadigd en kan niet meer worden gebruikt.
 
Error: (10/02/2017 07:40:26 PM) (Source: ESENT) (EventID: 477) (User: )
Description: SearchIndexer (44168) Windows: De verificatie van de logboekreeks die is gelezen vanaf het bestand C:\ProgramData\Microsoft\Search\Data\Applications\Windows\edb.log bij een verschuiving van 114688 (0x000000000001c000) voor 4096 (0x00001000) bytes is mislukt vanwege een ongeldige bereikcontrolesom. De verwachte controlesom is 5580859941704473019 (0x4d73328c5e8099bb) en de werkelijke controlesom is 5580859941704473019 (0x4d73328c5e8099bb). Tijdens de leesbewerking treedt fout -501 (0xfffffe0b) op. Als dit probleem zich blijft voordoen, herstelt u het logboekbestand vanaf een vorige back-up.
 
Error: (10/02/2017 07:40:22 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44272) Windows: Het herstellen/terugzetten van de database is mislukt vanwege de onverwachte fout -509.
 
 
Systeemfouten:
=============
Error: (10/02/2017 07:40:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 581 keer gebeurd.
 
Error: (10/02/2017 07:40:35 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2388525565
 
Error: (10/02/2017 07:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 580 keer gebeurd.
 
Error: (10/02/2017 07:40:30 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2388525565
 
Error: (10/02/2017 07:40:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 579 keer gebeurd.
 
Error: (10/02/2017 07:40:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2388525565
 
Error: (10/02/2017 07:40:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 578 keer gebeurd.
 
Error: (10/02/2017 07:40:22 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2388525565
 
Error: (10/02/2017 07:40:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 577 keer gebeurd.
 
Error: (10/02/2017 07:40:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: De service Windows Search is gestopt met de volgende specifieke servicefout: 
%%2388525565
 
 
CodeIntegrity:
===================================
  Date: 2017-10-02 18:55:01.476
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-02 17:07:22.978
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-02 15:03:06.195
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-02 14:40:41.836
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-10-02 14:06:38.178
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-09-29 12:02:46.212
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-09-28 21:31:40.287
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2017-08-30 16:12:10.158
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-30 16:12:09.590
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.
 
  Date: 2017-08-30 16:12:08.885
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Store signing level requirements.
 
 
==================== Geheugen info =========================== 
 
Processor: Intel® Core™ i5-3230M CPU @ 2.60GHz
Percentage geheugen in gebruik: 78%
Totaal fysiek RAM-geheugen: 3978.35 MB
Beschikbaar fysiek RAM-geheugen: 858.08 MB
Totaal Virtueel geheugen: 8842.35 MB
Beschikbaar Virtual geheugen: 5454.84 MB
 
==================== Schijven ================================
 
Drive c: () (Fixed) (Total:232.54 GB) (Free:125.03 GB) NTFS
Drive e: (DATA) (Fixed) (Total:465.76 GB) (Free:359.5 GB) NTFS
 
==================== MBR & Partitietabel ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B3033391)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 000EC498)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== Eind van Addition.txt ============================
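Added example, not part of the original post or of FRST: a short Python triage pass over the "Error: (...) (Source: ...) (EventID: ...)" entries in the log above. It groups them by source and event ID and reports groups that repeat at short, regular intervals, which here shows the Windows Search service restarting every four to five seconds with a new SearchIndexer process ID each time. The function names and thresholds are assumptions of this example, and the sample is copied from the log with the long ESENT descriptions abridged.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed input: event headers copied from the FRST Addition.txt above.
# The ESENT descriptions are abridged (marked with "...").
SAMPLE = """\
Error: (10/02/2017 07:40:30 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44876) Windows: Het herstellen/terugzetten van de database is mislukt ...
Error: (10/02/2017 07:40:26 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44168) Windows: Het herstellen/terugzetten van de database is mislukt ...
Error: (10/02/2017 07:40:22 PM) (Source: ESENT) (EventID: 454) (User: )
Description: SearchIndexer (44272) Windows: Het herstellen/terugzetten van de database is mislukt ...
Error: (10/02/2017 07:40:35 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 581 keer gebeurd.
Error: (10/02/2017 07:40:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 580 keer gebeurd.
Error: (10/02/2017 07:40:26 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 579 keer gebeurd.
Error: (10/02/2017 07:40:22 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 578 keer gebeurd.
Error: (10/02/2017 07:40:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: De Windows Search-service is onverwacht beëindigd. Dit is nu 577 keer gebeurd.
"""

HEADER = re.compile(
    r"Error: \((?P<ts>[^)]+)\) \(Source: (?P<src>[^)]+)\) \(EventID: (?P<eid>\d+)\)"
)
PID = re.compile(r"^\S+ \((\d+)\)")                 # "SearchIndexer (44876) ..."
COUNT = re.compile(r"Dit is nu (\d+) keer gebeurd")  # SCM's own crash counter


def parse_events(text):
    """Return one dict per 'Error:' header with its description attached."""
    events = []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            events.append({
                "time": datetime.strptime(m["ts"], "%m/%d/%Y %I:%M:%S %p"),
                "source": m["src"],
                "event_id": int(m["eid"]),
                "desc": "",
            })
        elif events and line.startswith("Description:"):
            events[-1]["desc"] = line[len("Description:"):].strip()
    return events


def find_loops(events, min_repeats=3, max_gap_s=60):
    """Report (source, event id) groups that repeat at short intervals."""
    groups = defaultdict(list)
    for e in events:
        groups[(e["source"], e["event_id"])].append(e)

    loops = {}
    for key, evs in groups.items():
        if len(evs) < min_repeats:
            continue
        evs.sort(key=lambda e: e["time"])
        gaps = [int((b["time"] - a["time"]).total_seconds())
                for a, b in zip(evs, evs[1:])]
        if max(gaps) > max_gap_s:
            continue
        pids = {int(m[1]) for e in evs if (m := PID.search(e["desc"]))}
        counts = [int(m[1]) for e in evs if (m := COUNT.search(e["desc"]))]
        loops[key] = {
            "repeats": len(evs),
            "gaps_s": gaps,
            "distinct_pids": len(pids),  # a new PID per entry means a restart
            "restart_counter": (counts[0], counts[-1]) if counts else None,
        }
    return loops


if __name__ == "__main__":
    for key, info in find_loops(parse_events(SAMPLE)).items():
        print(key, info)
```
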

 




 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:06 PM

Posted 05 October 2017 - 08:50 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===
This is an outdated copy of Java.
Remove it via the Control Panel > Programs > Programs and Features. Keep the latest version Java 8 Update 144
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and click the OK key.
Please copy the entire contents of the code box below to a new file.
 
start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [AdobeBridge] => [X]
CHR Extension: (Avast SafePrice) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09]
CHR Extension: (Avast Online Security) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Geen bestand
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Geen bestand
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Geen bestand
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Geen bestand
Task: {7F934185-1463-48C2-816C-896B9EAA440C} - \ParetoLogic Update Version3_triggeronce -> Geen bestand <==== AANDACHT
FirewallRules: [{3EE89825-9AAC-4CBC-B226-EB3BC2D7A97A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{EFA26668-D424-43C6-A97F-E304CDC569DA}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{BDB7D6F5-4EAC-4DF5-9FDE-9D2D7DB65EF2}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{C2DCDA92-DBDF-4821-9545-9775855EAAAA}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{7FBD1524-5D17-4A3D-979D-8645C1FF9BB9}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{99335701-31DD-4EA7-9CC2-B6674404678E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
C:\Program Files\KMSpico

End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt); please post it in your reply.
===

Post the logs and let me know what problem persists.

#3 quiescentials


Posted 06 October 2017 - 09:26 AM

Hi nasdaq, thanks for replying! I deleted the old version of Java and ran your fix. The problem doesn't seem to have been resolved completely, as my computer still freezes (even as I was typing this it froze up a few seconds. Twice now!). 

 

-------

 

Fix resultaat van Farbar Recovery Scan Tool (x64) Versie: 03-10-2017 01
Gestart door Tjitske (06-10-2017 16:15:47) Run:2
Gestart vanaf C:\Users\Eigenaar\Desktop
Geladen Profielen: Tjitske (Beschikbare Profielen: Tjitske & Tjitske_2)
Boot Modus: Normal
==============================================
 
fixlist inhoud:
*****************
start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
HKU\S-1-5-21-857772458-488675974-1936586719-1001\...\Run: [AdobeBridge] => [X]
CHR Extension: (Avast SafePrice) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-16]
CHR Extension: (Avira Browser Safety) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09]
CHR Extension: (Avast Online Security) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-16]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]
ContextMenuHandlers4: [MSSE] -> {0365FE2C-F183-4091-AC82-BFC39FB75C49} =>  -> Geen bestand
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Geen bestand
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> Geen bestand
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> Geen bestand
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> Geen bestand
Task: {7F934185-1463-48C2-816C-896B9EAA440C} - \ParetoLogic Update Version3_triggeronce -> Geen bestand <==== AANDACHT
FirewallRules: [{3EE89825-9AAC-4CBC-B226-EB3BC2D7A97A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{EFA26668-D424-43C6-A97F-E304CDC569DA}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{BDB7D6F5-4EAC-4DF5-9FDE-9D2D7DB65EF2}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{C2DCDA92-DBDF-4821-9545-9775855EAAAA}] => (Allow) C:\Program Files\KMSpico\KMSServer.exe
FirewallRules: [{7FBD1524-5D17-4A3D-979D-8645C1FF9BB9}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{99335701-31DD-4EA7-9CC2-B6674404678E}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
C:\Program Files\KMSpico
 
End
*****************
 
Herstelpunt is succesvol gemaakt.
Proces succesvol afgesloten.
HKU\S-1-5-21-857772458-488675974-1936586719-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => waarde is succesvol verwijderd
CHR Extension: (Avast SafePrice) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-16] => Fout: Geen automatische fix gevonden voor dit item.
CHR Extension: (Avira Browser Safety) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-09] => Fout: Geen automatische fix gevonden voor dit item.
CHR Extension: (Avast Online Security) - C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-09-16] => Fout: Geen automatische fix gevonden voor dit item.
HKLM\SOFTWARE\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\flliilndjeohchalpbbcdekjklbdgfkk => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => sleutel is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\efavdrv => sleutel is succesvol verwijderd
efavdrv => dienst is succesvol verwijderd
HKLM\System\CurrentControlSet\Services\IntcAzAudAddService => sleutel is succesvol verwijderd
IntcAzAudAddService => dienst is succesvol verwijderd
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\MSSE => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{0365FE2C-F183-4091-AC82-BFC39FB75C49} => sleutel niet gevonden. 
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => sleutel niet gevonden. 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => sleutel niet gevonden. 
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => sleutel niet gevonden. 
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => sleutel is succesvol verwijderd
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => sleutel niet gevonden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F934185-1463-48C2-816C-896B9EAA440C} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F934185-1463-48C2-816C-896B9EAA440C} => sleutel is succesvol verwijderd
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ParetoLogic Update Version3_triggeronce => sleutel niet gevonden. 
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3EE89825-9AAC-4CBC-B226-EB3BC2D7A97A} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EFA26668-D424-43C6-A97F-E304CDC569DA} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BDB7D6F5-4EAC-4DF5-9FDE-9D2D7DB65EF2} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C2DCDA92-DBDF-4821-9545-9775855EAAAA} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7FBD1524-5D17-4A3D-979D-8645C1FF9BB9} => waarde is succesvol verwijderd
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{99335701-31DD-4EA7-9CC2-B6674404678E} => waarde is succesvol verwijderd
"C:\Program Files\KMSpico" => niet gevonden.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31495809 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 225768 B
Edge => 0 B
Chrome => 470841423 B
Firefox => 43258245 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 16827234 B
NetworkService => 0 B
Eigenaar => 156461037 B
Tjitske_2 => 19164914 B
 
RecycleBin => 3982202 B
EmptyTemp: => 715.9 MB tijdelijke gegevens verwijderd.
 
================================
 
 
Het systeem moest herstart worden.
 
==== Eind van Fixlog 16:16:23 ====


#4 nasdaq


Posted 06 October 2017 - 01:06 PM



Hi,

Run the computer in Safe Mode.
https://support.microsoft.com/en-us/help/2809468/how-to-easily-enter-safe-mode-in-windows-8-one-click-series
Let me know if the problem persists in that mode.

Restart the computer normally and run this operating check.

Check the integrity of the operating system files.
Follow the instructions on this page.
https://answers.microsoft.com/en-us/windows/forum/windows_8-update/sfcscannow-cannot-fix-corrupted-files-windows-8/144e79db-69de-4337-b6c3-33e7b1545ce2

Keep me posted on the results.

#5 quiescentials


Posted 07 October 2017 - 02:22 PM

I ran my computer in safe mode, I think it was less slow in safe mode, at least when typing in Chrome. I couldn't get InDesign to work so I only surfed around the web a bit and typed a little to see if it would freeze, and it didn't.

 

 I ran the operating check and it says I have corrupt files but that it is unable to fix them, and I don't quite understand what the next steps are. My computer still seems sluggish, although I'm not experiencing freezing at this moment, but I'm not using it much over the weekend.



#6 nasdaq


Posted 08 October 2017 - 07:23 AM

Hi,

Let's check the status of 3rd party drivers.

Navigate to this page.
http://learn.flexerasoftware.com/SVM-EVAL-Personal-Software-Inspector

Download and run the Flexera Software Personal Software Inspector.

Update all the 3rd party drivers that are reported as needing an update.

Keep me posted.

#7 quiescentials


Posted 08 October 2017 - 09:05 AM

I updated everything I could. It tells me to update node.js 0.x and node.js 4.x. I don't know what this is (something to do with Java?) and it won't update.

 

Otherwise, my laptop still freezes and I had another BSOD with the same Kernel Inpage error.

 

I read that a clean installation of windows would help, but I'm not sure if it would? 



#8 nasdaq


Posted 08 October 2017 - 01:03 PM

Hi,

Let's find out if we can learn something from the BSOD.

Please download the free home edition of WhoCrashed to your Desktop from here and install it by double-clicking "whocrashedSetup.exe".
At the end, it will open automatically. Click the "Analyze" button.

Please scroll down the Information window to copy and paste the results in your next reply.

#9 quiescentials


Posted 08 October 2017 - 01:28 PM

Hi, thanks for putting up with me! Here's the report:

 

Crash dump directory: C:\Windows\Minidump

Crash dumps are enabled on your computer.

On Sun 8-10-2017 15:32:04 your computer crashed
crash dump file: C:\Windows\Minidump\100817-5437-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6FB7DBED7D8, 0xFFFFFFFFC000003F, 0x25BAB880, 0xFFFFF6FB7DAFB000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Sun 8-10-2017 15:32:04 your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: aswsnx.sys (aswSnx+0x2CA6C)
Bugcheck code: 0x7A (0xFFFFF6FB7DBED7D8, 0xFFFFFFFFC000003F, 0x25BAB880, 0xFFFFF6FB7DAFB000)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\drivers\aswsnx.sys
product: Avast Antivirus
company: AVAST Software
description: Avast Virtualization Driver
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
A third party driver was identified as the probable root cause of this system error. It is suggested you look for an update for the following driver: aswsnx.sys (Avast Virtualization Driver, AVAST Software).
Google query: AVAST Software KERNEL_DATA_INPAGE_ERROR



On Mon 2-10-2017 23:09:17 your computer crashed
crash dump file: C:\Windows\Minidump\100217-4859-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6E00089C5C0, 0xFFFFFFFFC000003F, 0x45FD4880, 0xFFFFC001138B8CB0)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 2-10-2017 15:01:42 your computer crashed
crash dump file: C:\Windows\Minidump\100217-24781-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6E000F16250, 0xFFFFFFFFC000003F, 0x239ED880, 0xFFFFC001E2C4A3F8)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



On Mon 2-10-2017 14:05:43 your computer crashed
crash dump file: C:\Windows\Minidump\100217-5390-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6E00040A7C8, 0xFFFFFFFFC000003F, 0x5CA2C880, 0xFFFFC000814F97B0)
Error: KERNEL_DATA_INPAGE_ERROR
file path: C:\Windows\system32\ntoskrnl.exe
product: Microsoft® Windows® Operating System
company: Microsoft Corporation
description: NT Kernel & System
Bug check description: This bug check indicates that the requested page of kernel data from the paging file could not be read into memory.
The crash took place in the Windows kernel. Possibly this problem is caused by another driver that cannot be identified at this time.



 

Conclusion

9 crash dumps have been found and analyzed. Only 5 are included in this report. A third party driver has been identified to be causing system crashes on your computer. It is strongly suggested that you check for updates for these drivers on their company websites. Click on the links below to search with Google for updates for these drivers:

aswsnx.sys (Avast Virtualization Driver, AVAST Software)

If no updates for these drivers are available, try searching with Google on the names of these drivers in combination with the errors that have been reported for these drivers. Include the brand and model name of your computer as well in the query. This often yields interesting results from discussions on the web by users who have been experiencing similar problems.


Read the topic general suggestions for troubleshooting system crashes for more information.

Note that it's not always possible to state with certainty whether a reported driver is responsible for crashing your system or that the root cause is in another module. Nonetheless it's suggested you look for updates for the products that these drivers belong to and regularly visit Windows update or enable automatic updates for Windows. In case a piece of malfunctioning hardware is causing trouble, a search with Google on the bug check errors together with the model name and brand of your computer may help you investigate this further.
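Added example, not part of the original post or of WhoCrashed's output: a Python sketch that parses the five crash entries in the report above, decodes the second parameter of bug check 0x7A as the NTSTATUS of the failed page read, and collapses entries that describe the same crash from two dump files. On this report it shows that every crash carries the same status, 0xC000003F (STATUS_CRC_ERROR), while the module blamed for the 15:32:04 crash differs between the minidump and memory.dmp. The status names come from ntstatus.h; the function names and the hint wording are this example's own.

```python
import re
from collections import Counter

# NTSTATUS values that can appear as parameter 2 of bug check 0x7A
# (names from ntstatus.h; the hint text is this example's own summary).
NTSTATUS = {
    0xC000000E: ("STATUS_NO_SUCH_DEVICE", "hardware failure or wrong drive configuration"),
    0xC000003F: ("STATUS_CRC_ERROR", "data read back failed its CRC check"),
    0xC000009A: ("STATUS_INSUFFICIENT_RESOURCES", "lack of nonpaged pool"),
    0xC000009C: ("STATUS_DEVICE_DATA_ERROR", "bad blocks on the disk"),
    0xC000016A: ("STATUS_DISK_OPERATION_FAILED", "bad blocks on the disk"),
    0xC0000185: ("STATUS_IO_DEVICE_ERROR", "cabling, termination or controller fault"),
}
SEVERITY = ("success", "informational", "warning", "error")

# Constructed input: the five entries from the WhoCrashed report above,
# reduced to the four lines this example parses.
REPORT = r"""
On Sun 8-10-2017 15:32:04 your computer crashed
crash dump file: C:\Windows\Minidump\100817-5437-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6FB7DBED7D8, 0xFFFFFFFFC000003F, 0x25BAB880, 0xFFFFF6FB7DAFB000)

On Sun 8-10-2017 15:32:04 your computer crashed
crash dump file: C:\Windows\memory.dmp
This was probably caused by the following module: aswsnx.sys (aswSnx+0x2CA6C)
Bugcheck code: 0x7A (0xFFFFF6FB7DBED7D8, 0xFFFFFFFFC000003F, 0x25BAB880, 0xFFFFF6FB7DAFB000)

On Mon 2-10-2017 23:09:17 your computer crashed
crash dump file: C:\Windows\Minidump\100217-4859-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6E00089C5C0, 0xFFFFFFFFC000003F, 0x45FD4880, 0xFFFFC001138B8CB0)

On Mon 2-10-2017 15:01:42 your computer crashed
crash dump file: C:\Windows\Minidump\100217-24781-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6E000F16250, 0xFFFFFFFFC000003F, 0x239ED880, 0xFFFFC001E2C4A3F8)

On Mon 2-10-2017 14:05:43 your computer crashed
crash dump file: C:\Windows\Minidump\100217-5390-01.dmp
This was probably caused by the following module: ntoskrnl.exe (nt+0x14DDA0)
Bugcheck code: 0x7A (0xFFFFF6E00040A7C8, 0xFFFFFFFFC000003F, 0x5CA2C880, 0xFFFFC000814F97B0)
"""

ENTRY = re.compile(
    r"On \w+ (?P<when>\S+ \S+) your computer crashed\s+"
    r"crash dump file: (?P<dump>.+)\s+"
    r"This was probably caused by the following module: (?P<module>\S+).*\s+"
    r"Bugcheck code: (?P<code>0x[0-9A-Fa-f]+) \((?P<params>[^)]*)\)"
)


def parse_report(text):
    """Return one dict per crash entry in a WhoCrashed text report."""
    crashes = []
    for m in ENTRY.finditer(text):
        code = int(m["code"], 16)
        params = tuple(int(p, 16) for p in m["params"].split(","))
        # Only for 0x7A is parameter 2 an I/O status; the dump shows it
        # sign-extended to 64 bits, so keep the low 32 bits.
        status = params[1] & 0xFFFFFFFF if code == 0x7A else None
        crashes.append({"when": m["when"], "dump": m["dump"].strip(),
                        "module": m["module"], "bugcheck": code,
                        "params": params, "status": status})
    return crashes


def decode_ntstatus(status):
    """Split a 32-bit NTSTATUS into its fields and look up its name."""
    name, hint = NTSTATUS.get(status, ("unknown", "look it up in ntstatus.h"))
    return {"severity": SEVERITY[status >> 30],
            "facility": (status >> 16) & 0xFFF,
            "code": status & 0xFFFF,
            "name": name, "hint": hint}


def summarize(crashes):
    """Collapse duplicate dumps of one crash and group crashes by I/O status."""
    distinct = {}
    for c in crashes:  # same time + same parameters = same crash, two dump files
        distinct.setdefault((c["when"], c["params"]), []).append(c)
    by_status = Counter(
        decode_ntstatus(cs[0]["status"])["name"] if cs[0]["status"] is not None else "n/a"
        for cs in distinct.values())
    disagreements = [sorted({c["module"] for c in cs}) for cs in distinct.values()
                     if len({c["module"] for c in cs}) > 1]
    return {"entries": len(crashes), "distinct_crashes": len(distinct),
            "by_status": dict(by_status), "module_disagreements": disagreements}


if __name__ == "__main__":
    print(summarize(parse_report(REPORT)))
```
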
 



#10 nasdaq


Posted 09 October 2017 - 07:10 AM



Hi,

Uninstall Avast software using their uninstaller.

Follow the instructions on this page.

https://www.avast.com/uninstall-utility

Restart the computer normally when completed.

Make sure that Windows Defender is enabled.

How is the computer running now with Windows Defender running?

#11 quiescentials


Posted 09 October 2017 - 07:46 AM

Hi Nasdaq,

 

I uninstalled Avast and enabled Windows Defender. I resumed working as usual (in InDesign and Word) and still experience the same kind of freezing as before. I know it is not because I have two programs open at the same time, as it will also freeze when I'm only using Chrome and nothing else, or only Word and nothing else.


Edited by quiescentials, 09 October 2017 - 07:47 AM.


#12 nasdaq


Posted 09 October 2017 - 10:50 AM

Hi,

Check your RAM.

Follow the instructions on this page.

https://answers.microsoft.com/en-us/windows/forum/windows8_1-performance/how-to-check-exact-ram-usage-on-windows-81/7c7e5542-249c-4641-b67a-4d9d99a519ed

#13 quiescentials


Posted 09 October 2017 - 11:14 AM

I'm not sure what I have to do with this information. I attached a screenshot of the RAM usage. I tried using the Windows troubleshooter as described, but it couldn't find/fix any problems. 



#14 nasdaq


Posted 10 October 2017 - 07:51 AM

Hi,

Can you attach the screenshot of the RAM usage? I do not see it.

It's a 2 step process.

How to attach a file to your reply:
In the Reply section in the bottom of the topic Click the "more reply Options" button.

Attach the file.
Select the "Choose a File" navigate to the location of the File.
Click the file you wish to Attach.
Click Attach this file.
Click the Add reply button.
===

Download and run the Ccleaner tool.
https://www.piriform.com/ccleaner/download

All I want you to do is clean the File system only.
Do not run any of the other options.

Look at this tutorial and proceed to clean your files.


===

Next:

Check this registry key and make sure that it is set to 0 (Zero)
If not change it.
 

1. Open Registry Editor (Start > Type regedit and press enter)
2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Search
3. Double click SetupCompletedSuccessfully
4. Change it from a 1 to a 0.

===

Let me know if the problem persists.

#15 quiescentials


Posted 10 October 2017 - 08:14 AM

Hi. I ran CCleaner and only deleted the files. The registry was already set to 0.

 

I've tried to attach the screenshot of my RAM again (sorry, my Windows is in Dutch so it's in Dutch). I think I forgot to hit the attach button last time.

 

Now I've deleted these files my laptop is running a bit quicker than before, but I've used CCleaner before and it won't last for long. 

 

Edit: I spoke too soon, it just freezes as often as before 

Attached Files

  • Attached File  RAM.JPG   108.04KB   0 downloads

Edited by quiescentials, 10 October 2017 - 08:16 AM.




